Github reports fixing Heartbleed vulnerability

Matthijs Kooijman matthijs at
Thu Apr 10 13:39:28 EDT 2014

Hey John,

> I’ll add that if you’ve used a github ssh key anywhere else you should
> replace it there as well — and use a different key this time.
Huh? github only has your public SSH key, so there should not be any
reason to replace it AFAICS? At most double-check if they still have the
correct key listed, under the assumption that attackers might somehow
managed to get write access to github's data (for which there is no
indication, though).

Or am I misunderstanding something here?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <>

More information about the gnucash-devel mailing list