Has GAE ever used OpenSSL for its frontend servers? It's quite interesting in context of the Hearbleed security hole (http://heartbleed.com). It'd be nice to get a confirmation from Google that no risks are present.
Asked
Active
Viewed 295 times
3
-
This question appears to be off-topic because it is about software versions, administration and patching. Server Fault has quite a few questions on the topic: http://serverfault.com/questions/tagged/heartbleed. – jww Apr 09 '14 at 19:01
-
1they say they have patched it as of yesterday http://googleonlinesecurity.blogspot.ca/2014/04/google-services-updated-to-address.html – slashdottir Apr 11 '14 at 02:15
-
According to Red Hat's issue tracker a patch has been applied on March 21st. I wrote down a couple of notes on App Engine, Heartbleed and what it means for App Engine customers. see https://medium.com/p/f1353165c24e – Nik Graf Apr 23 '14 at 14:06