[kwlug-disc] Heartbleed OpenSSL bug
adamglauser at gmail.com
Tue Apr 8 11:54:03 EDT 2014
On Tue, Apr 8, 2014 at 11:40 AM, L.D. Paniak
<ldpaniak at fourpisolutions.com>wrote:
> As many of you already know, there is a critical flaw in OpenSSL
> versions 1.0.1-1.0.1f (and 1.0.2beta) which allows for attackers to
> access server (and client) memory.
Regarding client software:
You can check Cygwin systems as follows: `cygcheck -l | grep cygssl`
Firefox and Chrome/Chromium use NSS instead of OpenSSL, so are not
Also, there is a command-line tester tool you can use to check your sites.
 There is also a web tester at http://filippo.io/Heartbleed/, though it
seems to be having load problems (surprise!).
Does anyone know if Android apps typically provide their own SSL
implementation? That is, does each app need updating?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the kwlug-disc