OpenSSL also at UiB
Information regarding security vulnerabilities discovered in OpenSSL.
Updated: 08.10.2014 (First published: 10.04.2014)
- The University of Bergen has been using the Open SSL technology with security gaps. This applies to all web services with SSL (webmail, MySpace, bs.uib.no and many more). We have updated so that the security gap is removed at the central services and we keep locating all services at the University of Bergen which use this.
- We cannot rule out that the usernames/passwords from UoB users have been stolen. We have no particular reason to believe it, but it cannot be excluded.
- We will remind about the general tips to have different passwords for different websites! Then if or when a password is stolen one place, you will avoid burglaries in other sites you have access to and thus limit the damage.
- It is never wrong to change your password! If you feel unsure and/or have not changed your password in a while, then change your password! Your UiB passord can be changed on sebra only. Information about passwords at University of Bergen.
- You can read more about the problem i PCworld.