Personal tools
You are here: Home Members admin Site News Notice about "Heartbleed" SSL/TLS bug

Notice about "Heartbleed" SSL/TLS bug

We tested our site for vulnerability to this bug (CVE-2014-0160) and we are not affected.

We happen to be using a version of OpenSSL (OpenSSL 0.9.8r) which predates the introduction of TLS code, which saved us from this. This counts as pure luck.

However, it brings up a serious warning about our site. It has been running for years with zero funding to support it. If an issue arises which affects the security of the site, we will be forced to immediately, and without warning, shut the site down, and await funding to provide the manpower to bring it back up safely.

Document Actions