[quassel-announce] A Bleeding Heart - Important Information for Quassel Core Hosters!

Manuel Nickschas sputnick at quassel-irc.org
Thu Apr 10 00:10:44 CEST 2014


On Wednesday 09 April 2014 23:18:00 you wrote:

Hi again,

> * If you host a Quassel core, make sure to upgrade your OpenSSL to at least
> version 1.0.1g (or whatever your distro deems to be a fixed one), create a
> new private key and certificate and replace the quasselCert.pem file in
> your config directory as described in our wiki [2]; then restart your core.

Obviously, you need to restart your core *after upgrading OpenSSL* and *before 
creating a new certificate* first, because otherwise your newly generated 
private key could leak again. And then restart your core a second time after 
replacing the certificate.

Also, you should change the passwords afterwards, because they may have 
leaked, too.

Cheers,
~ Sput
-- 
Manuel "Sputnick" Nickschas ("Sput" on Freenode)                  |  (o<
Member of the Quassel IRC Project - http://quassel-irc.org        |  //\
Come visit us in #quassel!                                        |  V_/_


More information about the quassel-announce mailing list