Maintained by: NLnet Labs

[Unbound-users] OpenSSL heartbleed bug

Daisuke HIGASHI
Sat Apr 12 04:51:21 CEST 2014


2014-04-12 1:10 GMT+09:00 Phil Pennock <unbound-users+phil at spodhuis.org>:

> So if you have ssl-service-key set then you're vulnerable, but you need
> to then change _all_ keys and certs used by Unbound, including for those
> services which are not part of the attack vector, not _just_
> ssl-service-key.

Yes, we should change all keys/certs after upgrading OpenSSL if HB bug affected.

Regards,
-- 
 Daisuke HIGASHI <daisuke.higashi at gmail.com>