OpenSSL 'Heartbleed' vulnerability
Posted: Wed 09 Apr 2014 10:16 am
http://heartbleed.com/
The more observant amongst you will know that Cumulus uses OpenSSL client libraries (libeay32.dll and ssleay32.dll). These are used for connections to Twitter. It's not clear to me exactly how client libraries are affected (as opposed to servers) but apparently, they are. However, Cumulus uses version 1.0.0 of the libraries, which do not have the bug.
The more observant amongst you will know that Cumulus uses OpenSSL client libraries (libeay32.dll and ssleay32.dll). These are used for connections to Twitter. It's not clear to me exactly how client libraries are affected (as opposed to servers) but apparently, they are. However, Cumulus uses version 1.0.0 of the libraries, which do not have the bug.