Jogamp's Heartbleed Vulnerability / Mitigation

Jogamp's Heartbleed Vulnerability / Mitigation

Sven Gothel
Administrator
Heartbleed Bug <https://en.wikipedia.org/wiki/Heartbleed>

2014-04-08 00:17:39 CET: Xerxes gave us a heads up about the possible vulnerability
  <http://jogamp.org/log/irc/jogamp_20140407050513.html#l61>.

2014-04-08 00:52:37 CET: I was able to update the Debian packages to stop the leak
  <http://jogamp.org/log/irc/jogamp_20140407050513.html#l105>

2014-04-09 08:03:49 CET: Further 'hardening' work on the TLS settings is happening,
                         i.e. preferring PFS DHE ciphers and dropping weak ones has started.
  <http://jogamp.org/log/irc/jogamp_20140409075029.html#l9>


Now I am waiting to receive the new SSL certificate,
which is being issued free of charge by Hetzner and Thawte.
Since Hetzner is in Germany and the reseller, sadly this will not happen
before Monday.
However, the vulnerability has been _active_ for at least one year w/ deployed
OpenSSL packages - so I guess we don't need to be hysterical :)
Whoever has the passwords and certificate already probably will not change the behavior.
Since the leak is closed, new attacks will not be successful regarding this bug.

I will update you after installing the new certs
and revoking the old one.

Whoever has an account on jogamp.org (wiki, email, jenkins, ..)
please update your passwords, *** after the replacement of the certificate *** !

Cheers, Sven
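A caveat for the package update step above: replacing the OpenSSL package on disk does not stop the leak in a daemon that is still running with the old library mapped; it has to be restarted. The following check is an added example, not code from Sven's post or from the JogAmp project; it scans Linux /proc/<pid>/maps for libssl/libcrypto mappings marked "(deleted)", and the sample maps excerpts are constructed.

```python
"""Find processes still holding a replaced (vulnerable) libssl in memory.

Upgrading the OpenSSL package swaps the file on disk, but a long-running
daemon keeps the old, deleted library mapped until it is restarted. Linux
marks such mappings "(deleted)" in /proc/<pid>/maps; this scans for them.
"""
import glob
import re

# Matches a maps line whose mapped path is a libssl/libcrypto shared object
# that has since been replaced on disk (the path is captured without the tag).
_STALE = re.compile(r"\s(/\S*lib(ssl|crypto)\S*\.so\S*)\s+\(deleted\)\s*$")


def stale_libs(maps_text):
    """Return the sorted list of deleted libssl/libcrypto paths in one maps dump."""
    found = set()
    for line in maps_text.splitlines():
        m = _STALE.search(line)
        if m:
            found.add(m.group(1))
    return sorted(found)


def scan_procfs(proc_root="/proc"):
    """Map pid -> stale library paths for every readable process (Linux only)."""
    result = {}
    for path in glob.glob(f"{proc_root}/[0-9]*/maps"):
        pid = int(path.split("/")[-2])
        try:
            with open(path) as fh:
                libs = stale_libs(fh.read())
        except OSError:  # process exited or permission denied; skip it
            continue
        if libs:
            result[pid] = libs
    return result


# Constructed sample excerpts of /proc/<pid>/maps (not real output):
# a web server started before the upgrade, and a service restarted after it.
SAMPLE_NOT_RESTARTED = """\
7f3a2c000000-7f3a2c1f0000 r-xp 00000000 fd:01 1311 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (deleted)
7f3a2c400000-7f3a2c5e0000 r-xp 00000000 fd:01 1312 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (deleted)
7f3a2c800000-7f3a2c820000 r-xp 00000000 fd:01 1400 /lib/x86_64-linux-gnu/libc-2.13.so
"""
SAMPLE_RESTARTED = """\
7f9b10000000-7f9b101f0000 r-xp 00000000 fd:01 2311 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
7f9b10400000-7f9b105e0000 r-xp 00000000 fd:01 2312 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
"""

if __name__ == "__main__":
    for pid, libs in scan_procfs().items():
        print(f"pid {pid} still maps replaced {', '.join(libs)}: restart it")
```

Run it as root after the package upgrade; an empty result means every process is using the patched library.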
