Engine Yard
All Systems Operational
Engine Yard Cloud?
IaaS
Help Center?
GitHub
Past Incidents
Apr 17, 2014

No incidents reported today.

Apr 16, 2014

No incidents reported.

Apr 15, 2014

No incidents reported.

Apr 14, 2014

No incidents reported.

Apr 13, 2014

No incidents reported.

Apr 12, 2014

No incidents reported.

Apr 11, 2014

No incidents reported.

Apr 10, 2014

No incidents reported.

Apr 9, 2014

No incidents reported.

Apr 8, 2014
Resolved - Engine Yard stacks on Gentoo are not currently running a version of OpenSSL greater than 1.0.0. which removes it from the scope of this vulnerability. The current issue facing our customers with this vulnerability presents itself with the use of AWS ELB’s and our Ubuntu offerings, which do run a version of OpenSSL that is vulnerable in CVE-2014-0160.

AWS has updated their ELB offerings to address the vulnerability: https://aws.amazon.com/security/security-bulletins/aws-services-updated-to-address-openssl-vulnerability/ Contrary to the statement in the link, all ELBs in use by Engine Yard, and in the Engine Yard pool of resources, have been updated in all regions, including US East.

At this time, if you have been using an ELB in your environment, it is recommended that you rotate your SSL certificates. If running on our Ubuntu stack, open a support ticket and Engine Yard Support can verify that your environment is secure.
Apr 8, 21:10 UTC
Monitoring - If you're using Engine Yard Cloud on AWS without ELB’s you are not affected. Please read https://support.cloud.engineyard.com/entries/50554018-April-7-2014-OpenSSL-security-vulnerability for more details.
Apr 8, 03:45 UTC
Apr 7, 2014

No incidents reported.

Apr 6, 2014

No incidents reported.

Apr 5, 2014

No incidents reported.

Apr 4, 2014

No incidents reported.

Apr 3, 2014

No incidents reported.