Planned service interruption March 1st, 2016

author David Wibergh, about Status & transparency reports

Update 2 (14:32 GMT): All servers have been patched and restarted. One of the vulnerabilities is called DROWN and another is called CacheBleed. More information is also available in OpenSSL's Security Advisory.


Update 1 (14:15 GMT): OpenSSL has released their update. Right now we're awaiting the package for Debian Jessie. We can update our servers when that package has been released.


Tomorrow, March 1st 2016, OVPN will have a service interruption which affects all servers (VPN01-VPN24).

The cause of the interruption is that OpenSSL releases a new verison which fixes several security defects with maximum severity
"high".

Since the defects are categorized as high, we will update are servers directly upon the release.

The service interruption will be very short per server since we only need to restart the OpenVPN processes after the update. We will update this blog post when we've updated OpenSSL on all our servers.