If you ever used the payment protocol (you clicked a bitcoin: link and saw a green box in Bitcoin Core's send dialog), then you should consider your wallet to be compromised.
My exact thoughts. I think this is serious enough.
alert is like defcon 1 I think, Im trying to imagine the crypto equal of an impending nuclear winter
This vulnerability is caused by a critical bug in the OpenSSL library used by Bitcoin Core. Successfully attacking Bitcoin Core by means of this bug seems to be difficult in most cases, and it seems at this point that even successful attacks may be limited, but I recommend taking the above actions just in case.
I shivered for a monent. Next time try mentioning the good news first.
Thanks for the heads up!
I think action first is probably wise, prevention before cure?
My noob question here is could gox claim this bug had any influence at all in their case
That's a good policy. I also do that. You don't need to update from versions older than 0.9.0 unless you're using rpcssl. Most people aren't.
Do they do alpha beta test before then allowing a recommended update to the masses