[FreeBSD-Announce] HEADSUP! OpenSSL "Heartbleed" bug

[FreeBSD Security Officer]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

This is a heads-up for the OpenSSL "Heartbleed" bug.

FreeBSD port security/openssl have been patched on 2014-04-07 21:46:40
UTC (head, r350548) and 2014-04-07 21:48:07 UTC (branches/2014Q2, r350549).

FreeBSD base system have been patched on 2014-04-08 18:27:32 UTC (head,
r264265), 2014-04-08 18:27:39 UTC (stable/10, r264266), 2014-04-08
18:27:46 UTC (releng/10.0, r264267).  The update is available with
freebsd-update.  All other supported FreeBSD branches are not affected
by this issue.

Users who use TLS client and/or server are strongly advised to apply
updates immediately.

Because of the nature of this issue, it's also recommended for system
administrators to consider revoking all of server certificate, client
certificate and keys that is used with these systems and invalidate
active authentication credentials with a forced passphrase change.

Formal security advisories would be announced later today.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (FreeBSD)

iQIcBAEBCgAGBQJTRF6nAAoJEO1n7NZdz2rnA7AP/jG89g90O5ULI3aXZOeeYH6U
/l3Cb5/vUgEQWiG5HO50lID3fJOktTWvwMBs+q7E7vaGJ4icL5kl816Zucj3cI8j
H4JZZVYWbY1cBET2sNAxz5+XqGvERL8LUj8+hvVxo5L071plAbiucnvisx4K9Vyd
IQryUOvRwxUUbmOXIVbfPLoY4VJFT+fDMxEXjeOh3vFWXftg5v4KaB9jYCRKBiAo
BTEKlU1/bVjkJ4sU5ApavMOuyeqqOPTxLpqs6+9bsPUsBoiMR1LyxrWW9tWPb/x+
LKoLwwkHwjHmrCx9ob/L5jNtOiLeFAsN/Rvox8eLLCb2VRe90dkMKazAJCGT/Shf
DKRo4jlRCVqmHofc96+bWBGDGHvTT7xY3MZQYU9IEHIXSzAgxykXmyYSdIDm6bxk
tsladfGEpKNzpwQXbuzLFXjl0nd87P1ZcPh+cDprP4+b68knfAXDIF/ca7mVD00B
PTIUmXOSuvmYfhQyY4lurB3vjbWoJv06JkYJRe4luPyZiEulw7PNNPqR0BqR4vPX
R9VhOhDhXn1AJcF8urTMIwZ3tGyhwWbOjqOgAdI9jW4gTTtXqwwesWhjX0ZghzRf
Pqs9T7IrZ4pNvfHBETSc7JN/9kpspTEm/a2tUalEIKIErSxmaOAWUTethrjf3lyd
kNC30mma046jR7E4/ccB
=J3Tm
-----END PGP SIGNATURE-----