On April 7, 2014, a large security hole was announced for Unix systems
utilizing the OpenSSL cryptographic library. http://heartbleed.com
After we received initial notifications, we immediately gathered as much
information as we could and started patching the systems that were affected
and had patches immediately available (Ubuntu 12.04 LTS) that Monday evening.
We have finished our analysis and investigation, updating our
systems on Monday or Tuesday as patches became available from the
vendors. We have already communicated directly with the few customers
that were affected by this bug, advising the security steps they should take.
All of our core main systems were unaffected by this bug. The
only systems that we found in our network that we manage and
needed patching were Ubuntu 12.04 LTS deployments for certain
virtual server customers.
Our main web, mail, and authentication are all on unaffected systems due
to the versions of software running on them. And thus private data on these
systems was never exposed via the Heartbleed bug.
If you have any problems or questions please let us know at
[log in to unmask], or call us up at 612-337-6340.
--
Doug McIntyre <[log in to unmask]>
~.~ ipHouse ~.~
Network Engineer/Provisioning/Jack of all Trades
