Just a heads up to all readers. A serious vulnerability in OpenSSL was just announced and patched a few hours ago. Vulnerable versions of OpenSSL could potentially leak private keys from memory to an unauthenticated remote attacker. You will need to immediately patch all affected systems and revoke any potentially exposed keys and associated certificates.
Seems like some organizations got advanced notice due to the co-ordination of some of the researchers and NCSC-FI but before they finished their pre notifications someone else discovered the vulnerability and went public with it.
Read more about the vulnerability at the researcher’s website: Heartbleed Bug