Wikimedia Foundation and heartbleed status
In case you were wondering:
1) we upgraded openssl last night
2) we put in place new ssl certs last night/early this morning
3) we're in the process of forcibly logging out all users (reseting their user session token) to make them re-login using the new openssl/certs.
4) We're recommending all users change their passwords (forcibly doing this for all users is hard for us, because we don't actually require an email to have an account).
The note I just sent out:
http://lists.wikimedia.org/pipermail/wikitech-ambassadors/2014-April/000666.html
1) we upgraded openssl last night
2) we put in place new ssl certs last night/early this morning
3) we're in the process of forcibly logging out all users (reseting their user session token) to make them re-login using the new openssl/certs.
4) We're recommending all users change their passwords (forcibly doing this for all users is hard for us, because we don't actually require an email to have an account).
The note I just sent out:
http://lists.wikimedia.org/pipermail/wikitech-ambassadors/2014-April/000666.html
Francesca Ciceri, netgeek, Douglas Perkins, lnxwalt@microca.st likes this.
Thanks a lot!!!