[CentOS] [CentOS-announce] CVE-2014-0160 CentOS 6 openssl heartbleed workaround

[David Hrbáč]

Dne 9.4.2014 17:27, Johnny Hughes napsal(a):
> It is only things that actually used SSL in memory (like httpd, imaps,
> pop3s, etc) . those certificates COULD have been impacted. openssh was
> not impacted (based on my reading).

What about the user credentials sent over this "insecure" communication
channel. They could be also compromised...
DH