Tumblr posted an urgent advisory about a major vulnerability in the popular OpenSSL cryptographic software library, which is used in the majority of SSL protected sites on the Internet.
Codenomicon, a developer of security and robustness testing solutions based in Finland, warned that the Heartbleed bug allows the theft of the information protected, under normal conditions, by SSL/TLS encryption used in a wide range of applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
http://heartbleed.com/
http://www.tumblr.com/search/Heartbleed
