Not much more needs to be said that hasn't already been said about Heartbleed. However, the SaltStack team was thrilled to watch how armies of system administrators and DevOps teams utilized SaltStack to diagnose and remediate the impact of OpenSSL vulnerabilities in data centers around the world. We were glad to hear how easy (cmd.run) and fast (milliseconds) it was for most folks to use SaltStack to automate what could have been a massive undertaking if attempted by hand.
A tip of our hat to the legions of data center operators who work hard (some harder than others <cough> use SaltStack <cough>) to keep the Internets and clouds safe and available. Here are some of the tweets and IRC posts that warmed our hearts (bad pun intended):
OpenSSL vulnerability to patch on many servers? `salt '*' pkg.install openssl`. DONE! Salt Stack really rocks!— Renoir Boulanger (@renoirb) April 8, 2014
that's a good sign, 30 linux boxes just tested with a salt call for heartbleed vulnerabilities, all came back not vulnerable.— Sir Derek Bradley (@derekbradley) April 10, 2014
I have to give it to SaltStack and Debian/Ubuntu for making updating OpenSSL painless earlier.— Kyle Ray Kelley (@rgbkrk) April 9, 2014
And last but not least, this from our IRC channel (#salt on Freenode):
9 out of 10 sys admins agree, "salt \* pkg.install openssl" helped them see their families last night— SaltStack (@SaltStackInc) April 8, 2014