OpenSSL Heartbleed Bug Vulnerability Report (CVE-2014-0160)

Posted on
Tue Apr 08, 2014 9:06 am
matt (support) offline
Site Admin
User avatar
Posts: 21411
Joined: Jan 27, 2003
Location: Texas

OpenSSL Heartbleed Bug Vulnerability Report (CVE-2014-0160)

Yesterday security researches reported details on a recently discovered OpenSSL bug called the Heartbleed Bug (technically known as CVE-2014-0160).

We take security very seriously, so we have immediately audited and patched all of our backend servers (PerceptiveAutomation.com, reflector server, and internal servers) as well as the Indigo software itself, which was not directly effected by the bug. No updates to Indigo are needed.

We are still waiting on an official statement from Apple regarding how/if Mac OS might be impacted by the vulnerability. However, based on our internal evaluation of the version of OpenSSL included by default on Mac OS (all versions) and used by some apps (including Indigo), the vulnerability is not present. You should contact 3rd party software vendors which might be including their own version of OpenSSL to ensure that their software is not effected.

Image

Page 1 of 1

Who is online

Users browsing this forum: No registered users and 3 guests