-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
hi,
per [0], i have disabled the authorized_keys of users with affected keys. if you can no longer log into hemlock, you should contact ts-admins@wikimedia.org and provide a new public key, generated on a system which is not using the affected version of OpenSSL.
- river.
[0] http://lists.debian.org/debian-security-announce/2008/msg00152.html
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
to be clear: just because your key wasn't detected as broken doesn't mean it isn't - the tool can only detect most broken keys, not all of them. if your key was generated on an affected Debian or Ubuntu system, you still need to regenerate it.
- river.
toolserver-l@lists.wikimedia.org