From c4f0d3f446c481fee169b6a18332c20752f09234 Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 15 Oct 2014 21:51:12 -0700 Subject: poodle hotfix announcement --- pages/about-us/news/2014/android-oh-seven.md | 2 +- pages/about-us/news/2014/bitmask-oh-seven-rc.md | 2 +- pages/about-us/news/2014/poodle-hot-fix.haml | 18 ++++++++++++++++++ 3 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 pages/about-us/news/2014/poodle-hot-fix.haml diff --git a/pages/about-us/news/2014/android-oh-seven.md b/pages/about-us/news/2014/android-oh-seven.md index ef0428e..3c5f232 100644 --- a/pages/about-us/news/2014/android-oh-seven.md +++ b/pages/about-us/news/2014/android-oh-seven.md @@ -1,6 +1,6 @@ @title = 'Bitmask Android 0.7.0' @author = 'Parménides GV' -@posted_at = '2014-09-06' +@posted_at = '2014-10-06' @more = true @preview = '

We\'ve released a new version of our Android client, which improves the stability of our VPN tunnel and fixes a bunch of bugs.

'.html_safe diff --git a/pages/about-us/news/2014/bitmask-oh-seven-rc.md b/pages/about-us/news/2014/bitmask-oh-seven-rc.md index f73e629..574ab6d 100644 --- a/pages/about-us/news/2014/bitmask-oh-seven-rc.md +++ b/pages/about-us/news/2014/bitmask-oh-seven-rc.md @@ -1,6 +1,6 @@ @title = 'Bitmask Desktop v0.7.0-rc1 is ready for testing' @author = 'Ivan' -@posted_at = '2014-09-06' +@posted_at = '2014-10-06' @more = true @preview = '

Starting today users can run a "stable" or "unstable" version of Bitmask. For each new version, we will first issue an "unstable" public release candidate. People who are in position to run bleeding edge code can run the "unstable" version and help us find any problems that we might have missed.

'.html_safe diff --git a/pages/about-us/news/2014/poodle-hot-fix.haml b/pages/about-us/news/2014/poodle-hot-fix.haml new file mode 100644 index 0000000..66d9bb49 --- /dev/null +++ b/pages/about-us/news/2014/poodle-hot-fix.haml @@ -0,0 +1,18 @@ +- @title = "Poodle hot-fix" +- @author = "Micah" +- @posted_at = "2014-10-15" +- @more = true +- @preview = capture_haml do + As you may have heard, there is a new dog in town, and it is a Poodle. Poodle (Padding Oracle On Downgraded Legacy Encryption) is the name for a severe flaw in the SSLv3 protocol, which can be exploited to force connections to reveal plain-text. The Poodle announcement brought with it the death of the SSLv3 protocol, and none too soon. + +%p As you may have heard, there is a new dog in town, and it is a Poodle. Poodle (Padding Oracle On Downgraded Legacy Encryption) is the name for a severe flaw in the SSLv3 protocol, which can be exploited to force connections to reveal plain-text. The Poodle announcement brought with it the death of the SSLv3 protocol, and none too soon. + +%p In order to respond to this issue, we've made an important security fix release for the Platform. This release simply disables the SSLv3 protocol (as well as deactivates the weak RC4 cipher). + +%p To apply this update, simply update the Leap Platform master branch (or checkout the signed 0.5.5 tag), and deploy to the webapp node. + +%ul + %li + %a(href="https://leap.se/git/leap_platform.git") Leap Platform git repository + %li + %a(href="https://leap.se/git/leap_platform.git/tag/3c7f2f98cdaabb00e13325476197fbbc74dff597") The signed 0.5.5 tag -- cgit v1.2.3