The Heartbleed SSL vulnerability is big news in the media right now (and rightly so — it’s a scary bug).
I’ve been contacted by some organizations and software vendors and I’ve contacted others about it. I thought I would compile the list here, mainly for my own reference.
Financial / Banking
President’s Choice Financial – Not Affected (a telephone rep confirmed they do not use the affected versions of OpenSSL)
CIBC – Reply pending but likely unaffected (they provide banking services to PC Financial)
Online Services
CACert – Recommends revoking and regenerating any certificates or keys installed on vulnerable systems
GitHub – Recommends changing your password, enabling two-factor auth and resetting all your tokens
Amazon Web Services – Recommends upgrading OpenSSL on any vulnerable systems (EC2), running update_dependencies for OpsWorks and rotating any keys and certificates for Elastic Load Balancing, EC2, Elastic Beanstalk and CloudFront
Software
VisualSVN – VisualSVN Server is not affected. The client should be upgraded to version 4.0.6.
Games
Minecraft (and other Mojang games) – Recommends changing your password