Hello everybody!

This is not something directly related to ZeXtras Suite, but worth a post in the "News and Announcements" forum nonetheless.

A severe vulnerability has been found in OpenSSL which could be exploited for data disclosure by allowing an attacker to read the memory of a system running a compromised version of OpenSSL, ultimately compromising the safety of encryption keys and therefore of encrypted communications.

Only releases 1.0.1 and 1.0.2-beta are affected, and the bug has been fixed in OpenSSL 1.0.1g (and 1.0.2-beta2)

More informations can be found at:

http://www.openssl.org/news/secadv_20140407.txt
CVE - CVE-2014-0160
Heartbleed Bug
https://bugzilla.zimbra.com/show_bug.cgi?id=88688

Have a nice day,
Cine
the ZeXtras Team