CI Impacted by Heartbleed
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
View only
 
 
Still loading...
ABCDEFGHIJKLMNOPQRST
1
ComponentImpacted?More information
2
CILogonNohttp://www.cilogon.org/news/cilogonandtheopensslheartbleedbug
3
FutureGridNo, but requiring password change."In recent weeks you may have heard about the Heartbleed vulnerability in OpenSSL. FutureGrid operations teams responded to the disclosure of this vulnerability by updating affected systems and installing new SSL certificates on all vulnerable resources. While we have no evidence that any FutureGrid portal passwords were compromised, as a precaution we are requiring all users to change their portal password. As a best practice please do not use a password that you use for any other online services, and never share your password with another user." https://portal.futuregrid.org/forums/announcements/user/important-notice-about-openssl-heartbleed (requires FutureGrid account)
4
Globus (including GridFTP and GRAM)Yeshttps://support.globus.org/entries/50667608
5
GSI-OpenSSHYeshttp://lists.globus.org/pipermail/gsi-openssh-announce/2014-April/000019.html
6
HTCondorYeshttps://lists.cs.wisc.edu/archive/htcondor-users/2014-April/msg00054.shtml
7
HUBzeroYes"You may have heard recently about the "Heartbleed" security vulnerability in OpenSSL. If not, you can read about it here: http://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/

As soon as this was publicly announced, we took steps to upgrade our software on https://hubzero.org and replace our security certificates to safeguard your information. We take security very seriously.

To further safeguard your account, we'll be rolling out password resets gradually to all users over the next few weeks. Sometime soon, when you log in, you'll be prompted to change your password. We have no reason to believe that anyone has stolen your password or accessed your account, but with the new safeguards in place, and with a new password on your account, you should be immune from any attacks related to this exploit.

Please drop by https://hubzero.org sometime in the next few weeks and log in. There's no need to change your password until prompted to do so, but when prompted, please choose a new password."
8
MyProxyYeshttp://lists.globus.org/pipermail/myproxy-announce/2014-April/000032.html
9
OpenSSH (non-GSI)Nohttp://superuser.com/questions/739349/does-heartbleed-affect-ssh-keys
10
PerfSonarYeshttp://gab.es.net/pipermail/sciencedmz/2014-April/000131.html
11
trustedci.groupsite.comNoEmail from GroupSite: ""The Groupsite.com platform is not, and has never, used a vulnerable version of the OpenSSL library, so our service was not directly affected. We have been monitoring news from our providers, especially those that may have been affected, and as a precaution, we have changed API keys and passwords."
12
XSEDE User PortalYeshttps://portal.xsede.org/web/xup/user-news/-/news/item/6717
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Loading...
 
 
 
Sheet1