Though this issue does not effect CMSMS directly, and only effects users that are using SSL on their websites it is important enough to mention.
An important security vulnerability has been detected in SSL libraries that will allow a malicious person to intercept SSL communications to get personal data including usernames and passwords (and on eCommerce sites potentially credit card information etc). They can also access the memory on the server and extract private keys and other nasty stuff.
This vulnerability only effects people who's sites are using SSL.
If you are hosting your sites on a dedicated server, or a VPS you need to investigate how to upgrade your SSL libraries. If you are using a shared server you should ensure that your hosts have upgraded their servers appropriately.
For more information on this vulnerability, also known as "Heartbleed," visit: http://heartbleed.com/
Heartbleed: Serious SSL Security Vulnerability
-
- Support Guru
- Posts: 8169
- Joined: Tue Oct 19, 2004 6:44 pm
- Location: Fernie British Columbia, Canada
Heartbleed: Serious SSL Security Vulnerability
Follow me on twitter
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.