OpenSSL Heartbleed - What We're Doing About It

Published 08 April 2014 by C. G. Brown

A few customers have written in expressing concerns about the massive OpenSSL vulnerability nicknamed "Heartbleed". We figured it would be best to notify you what we're doing about it rather than have you worry.

As soon as the patches were made available for our respective servers, we patched all vulnerable primary servers. We're in the process of patching all secondary servers that our customers don't directly interact with. 

Since part of the nature of this bug is that we can't know whether we've been compromised, we'll also be reissuing our SSL certificates some time in the next 24-48 hours. Do not be alarmed if you see a change in the cert; it's us.

We'll notify you again when the process is complete. In the meantime, good luck with your own patching processes, and as always, reach out to us if you have questions or if we can help.

 

Topics: Security

Subscribe to ProjectLocker's Blog

Follow Us

Get Updates by Email

Follow @ProjectLockerHQ on Twitter

Follow Us

Free Checklist: How to Choose Source Control for your Project