[MPlayer-users] OpenSSL Heartbeat bug
Alexander Strasser
eclipse7 at gmx.net
Fri Apr 18 20:06:46 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Our server hosting the Trac issue tracker was vulnerable to the attack
against OpenSSL known as "heartbleed". The OpenSSL software library was
updated on 7th of April, shortly after the vulnerability was publicly
disclosed. We have changed the private keys (and certificates) for all
MPlayer servers. The new SHA1 fingerprints are:
mplayerhq.hu: d0 4c 1f d0 08 f6 e0 24 f0 2c 31 de 4d 01 45 04 32 2e 36 29
trac.mplayerhq.hu: 2a 1c d7 a5 7e 39 6a bc c3 55 22 88 ba 2a cd e0 1f c1 9f 6e
We encourage you to read up on "OpenSSL heartbleed"[1]. It is possible
that login data for the issue tracker was exposed to people exploiting
this security hole. You might want to change your password in the tracker
and everywhere else you used that same password.
[1] For example here: https://www.schneier.com/blog/archives/2014/04/heartbleed.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlNRabYACgkQp9ile6h25Y+LEQCePV3GZQch65arbNksG6jArfdQ
6QoAnAmaXZeDH2QqaWEgsRLbQRKKAwV0
=77MV
-----END PGP SIGNATURE-----
More information about the MPlayer-users
mailing list