Information has been released about a new OpenSSL vulnerability (CVE-2014-0160) and we were using an affected version of OpenSSL until today - April 10, 2014, 10 AM PT. We have updated our servers now to the latest version of OpenSSL that includes a patch for the vulnerability.We recommend changing your account password, now - if you have an account on our the Kantara Initiative IdP (for example if you log in the Kantara Initiative wiki using the selection "Kantara Initaitve IdP ..."). To change your password please go to: https://idp.kantarainitiative.org/myaccount.phpIf you have any questions about this incident, please do not hesitate to contact us at staff@kantarainitative.orgThanks,Oliver--Oliver MaerzThe information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. No representation is made on its accuracy or completeness of the information contained in this electronic message. Certain assumptions may have been made in the preparation of this material as at this date, and are subject to change without notice. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this e-mail and any attachment(s) is strictly prohibited. Please reply to Oliver Maerz and destroy all copies of this message and any attachments from your system.