

Heroku working to fix Heartbleed - zizee
https://status.heroku.com/incidents/606

======
craigkerstiens
Heroku Product manager here, we're working as quickly as possible to assess
and address all details around the issue. Three hours is our worst case to
provide details as unfortunately is has been a slow evolving incident, though
all hands are on deck and we're working to update status.heroku.com as broadly
as possible as well as more direct channels.

~~~
somesay
What's exactly the problem? Could be fixed by either getting the latest
package upgrades from you favorite distro or compile an old version yourself
with a specific flag set as mentioned in the security report. Or are you
behind some third-party SSL proxy that doesn't react that fast?

------
asharpe
Most if, not all, competitors have already pushed their fix (eg
[http://blog.cloud66.com/security-vulnerability-
cve-2014-0160...](http://blog.cloud66.com/security-vulnerability-
cve-2014-0160-heartbleed/)). Ouch, 3 hours to go for the next update, ie not a
fix.

~~~
asharpe
Title should be: Heroku still hasn't pushed a fix for HeartBleed

