Heartbleed: Serious SSL Security Vulnerability

Project Announcements. This is read-only, as in... not for problems/bugs/feature request.
Post Reply
calguy1000
Support Guru
Support Guru
Posts: 8169
Joined: Tue Oct 19, 2004 6:44 pm
Location: Fernie British Columbia, Canada

Heartbleed: Serious SSL Security Vulnerability

Post by calguy1000 »

Though this issue does not effect CMSMS directly, and only effects users that are using SSL on their websites it is important enough to mention.

An important security vulnerability has been detected in SSL libraries that will allow a malicious person to intercept SSL communications to get personal data including usernames and passwords (and on eCommerce sites potentially credit card information etc). They can also access the memory on the server and extract private keys and other nasty stuff.

This vulnerability only effects people who's sites are using SSL.

If you are hosting your sites on a dedicated server, or a VPS you need to investigate how to upgrade your SSL libraries. If you are using a shared server you should ensure that your hosts have upgraded their servers appropriately.

For more information on this vulnerability, also known as "Heartbleed," visit: http://heartbleed.com/
Follow me on twitter
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
Post Reply

Return to “Announcements”