An updated version of OpenSSL was depoyed on our servers on Apr 8th, 2014. In the following days, SSL certificates for our servers were revoked and replaced with new ones. Due to overload on our certification authority's servers, the last certificate was updated on Sat Apr 12th, 2014.

Routers were updated to the new OpenSSL version on Fri Apr 11th, 2014 together with an update of server certificates. It is important that during the whole time, automated updates were safe due to digitally signed packages being used, which are signed on a machine independent of the rest of the deployment infrastructure.

At present, the whole system is updated and safe against Heartbleed.