Accounts e-mail HP

Heartbleed Vulnerability

You can get help here for any kind of problem ranging from Freeciv to the website.

Heartbleed Vulnerability

Postby Major Nimrod » Thu Apr 10, 2014 6:41 pm

This OpenSSL vulnerability has been getting a lot of traction lately in the press. In fact, it's quite serious.

http://it.slashdot.org/story/14/04/07/2354258/openssl-bug-allows-attackers-to-read-memory-in-64k-chunks

@ Davide: are any of your systems vulnerable ? Likely not, given what little I do know about the backend systems you're running, but I still have to ask.
"Big Brother is watching you" - George Orwell
"Shh! I'm Hunting Wabbits" - Elmer Fudd
"What a Nimrod" - Bugs Bunny

NIMMY
User avatar
Major Nimrod
Contributor & Co-Admin
 
Posts: 505
Joined: Thu Dec 13, 2012 5:24 pm
Location: Montreal, Canada

Re: Heartbleed Vulnerability

Postby Davide » Thu Apr 10, 2014 7:02 pm

There's no SSL involved in any of the webservers / proxies upon which GT runs.
Zielmicha once suggested to request an SSL certificate for civland.org, and move the website to https.
Quite good that I didn't.
User avatar
Davide
 
Posts: 864
Joined: Sat Mar 24, 2012 12:34 am

Re: Heartbleed Vulnerability

Postby Major Nimrod » Fri Apr 11, 2014 3:44 pm

Fabulous. I didn't think so, but it doesn't hurt to ask. Besides, it's not like you're holding onto credit card numbers here ;)
"Big Brother is watching you" - George Orwell
"Shh! I'm Hunting Wabbits" - Elmer Fudd
"What a Nimrod" - Bugs Bunny

NIMMY
User avatar
Major Nimrod
Contributor & Co-Admin
 
Posts: 505
Joined: Thu Dec 13, 2012 5:24 pm
Location: Montreal, Canada


Return to General tech support

Who is online

Users browsing this forum: No registered users and 1 guest

cron