We have resolved the threat to AppFog users of the OpenSSL vulnerability that was unveiled this week--the CVE-2014-0160 vulnerability, aka “Heartbleed." This bug allows attackers to retrieve data stored in a server’s memory and access sensitive information.
Yesterday, all AppFog servers were successfully patched, including all core infrastructure pieces, database/service nodes, and application execution hosts. In addition, our SSL certificates were updated and redeployed this afternoon, which will ensure all applications accessed using the auto-generated URL (e.g. *.af.cm) via HTTPS are secure.
Read this AppFog blog post for more information on the steps we've taken and actions for AppFog users to take.
If you have not already, AppFog highly recommends that all of our customers update their passwords as soon as possible.
- The AppFog Team
Copyright © 2014 AppFog, a CenturyLink product, All rights reserved.
You are receiving this email because you have an AppFog account.
manage your email preferences
|
发表于 2014-4-12 00:12:00