Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

[Security Notice] How the Heartbleed bug affects SCS computing

As a part of our commitment to security, SCS Computing Facilities is responding to the recently announced Heartbleed vulnerability (http://www.heartbleed.com).

CORE SERVICES:

SCS core services were not affected by the "Heartbleed" bug. The hosts providing services such as the Instance Manager and SCS WebISO services were not affected by this vulnerability. As a result, you do NOT need to reset your SCS passwords.

UBUNTU COMPUTERS:

Ubuntu 12.04 LTS computers installed by SCS Computing Facilities should have had a patch for this vulnerability applied on or before Tuesday, April 8th, 2014. SSL-enabled network services may need to be restarted before this patch takes effect.

FEDORA COMPUTERS:

Fedora hosts installed by SCS Computing Facilities run a version of OpenSSL that does not have this vulnerability.

NETWORK SCANS:

In addition, we have scanned the SCS wired network for vulnerable hosts. The contacts for any vulnerable hosts have been notified. We will be doing additional follow-up scans and notifying contacts for hosts that may have been affected by this vulnerability before it was announced.

Please contact the SCS Help Desk at x8-4231 or help@cs.cmu.edu with any questions or concerns regarding this vulnerability.