Slides from my talk about how the HeartBleed OpenSSL vulnerability affects Apache CloudStack and how to mitigate the vulnerability. From CloudStack Collaboration Conference 2014 in Denver, CO
3. What is Vulnerable
• Apache CloudStack 4.2 – 4.3
• SystemVMs have vulnerable version of OpenSSL installed
• In particular, SSVM is running vulnerable services
13. ASF Infrastructure team:
“Thank you for your patience while we have worked to sort this out.
We expect to reset all LDAP passwords within the next 48 hours or so,
so do not be alarmed when your password stops working.”