OpenSSL Heartbleed

Advisory: OpenSSL TLS Heartbleed Vulnerability

Edward Wincott
Tuesday, August 4, 2015 - 10:15
eduroam
advisory
eduroam(UK) Advisory
OpenSSL Heartbleed
Advisory issued by eduroam.OT 08/04/2014 It has come to our attention that there are vulnerabilities in the relatively new 1.0.1-series of OpenSSL (as detailed by http://heartbleed.com/) affecting TLS enabled services via a heartbeat extension. While there are no indications that this affects TLS-based EAP-mechanisms or RADIUS/TLS (aka RadSec) at this time, the operational team has made the decision to upgrade OpenSSL to versions implementing a fix for CVE-2014-0160
Read more

How to claim back your certificate credit if you have been affected by the OpenSSL heartbleed bug

Simon Cooper
17 April 2014 at 4:39pm
SSL
jcs
OpenSSL Heartbleed
certificate
If you have been affected by the OpenSSL bug, dubbed ‘heartbleed’ and need to replace SSL certificates as a result of this vulnerability, we are happy to replace the certificate credit used to obtain the replacement certificate. Registered authorised users should first obtain the new SSL certificate in the usual way from their Janet Certificate Service account using the following link:  https://community.ja.net/apps/janet-certificate-service.  
Read more
31 March 2021 at 9:54pm

Advisory: OpenSSL TLS Heartbleed Vulnerability, 8-14 April 2014 rev 1.2

Edward Wincott
eduroam
advisory
OpenSSL Heartbleed
This advisory has moved to: https://community.jisc.ac.uk/library/janet-services-documentation/advisory-openssl-tls-heartbleed-vulnerability/
Read more
Subscribe to OpenSSL Heartbleed