Welcome to the Cumulus Support forum.

Latest Cumulus MX release v3.0.0 build 3048 - 02 March 2019.
Legacy Cumulus 1 release v1.9.4 (build 1099) - 28 November 2014

See the Wiki for downloading either version.

OpenSSL 'Heartbleed' vulnerability

General news concerning Sandaysoft and its products, announcements of new releases etc.
Post Reply
User avatar
steve
Cumulus Author
Posts: 26717
Joined: Mon 02 Jun 2008 6:49 pm
Weather Station: None
Operating System: None
Location: Vienne, France
Contact:

OpenSSL 'Heartbleed' vulnerability

Post by steve » Wed 09 Apr 2014 10:16 am

http://heartbleed.com/

The more observant amongst you will know that Cumulus uses OpenSSL client libraries (libeay32.dll and ssleay32.dll). These are used for connections to Twitter. It's not clear to me exactly how client libraries are affected (as opposed to servers) but apparently, they are. However, Cumulus uses version 1.0.0 of the libraries, which do not have the bug.
Steve

Post Reply