Hello everybody!
This is not something directly related to ZeXtras Suite, but worth a post in the "News and Announcements" forum nonetheless.
A severe vulnerability has been found in OpenSSL which could be exploited for data disclosure by allowing an attacker to read the memory of a system running a compromised version of OpenSSL, ultimately compromising the safety of encryption keys and therefore of encrypted communications.
Only releases 1.0.1 and 1.0.2-beta are affected, and the bug has been fixed in OpenSSL 1.0.1g (and 1.0.2-beta2)
More informations can be found at:
http://www.openssl.org/news/secadv_20140407.txt
CVE - CVE-2014-0160
Heartbleed Bug
https://bugzilla.zimbra.com/show_bug.cgi?id=88688
Have a nice day,
Cine
the ZeXtras Team
Bookmarks