Heartbleed

Discussion in 'Suggestion Box' started by Black Bart, Apr 10, 2014.


  1. Black Bart

    Black Bart Have Towel – Will Travel Supporting Member

    Joined:
    Sep 11, 2010
    Messages:
    2,344
    Just wondering if the site has been assessed regarding the Heartbleed SSL encryption flaw?

    According to a quick check at https://lastpass.com/heartbleed/?h=talkbass.com

    Site: talkbass.com
    Server software: Apache/2.2.15 (CentOS)
    Was vulnerable: Likely (known use OpenSSL)
    SSL Certificate: Possibly Unsafe (created 2 years ago at Aug 24 18:00:38 2012 GMT)
    Assessment: Wait for the site to update before changing your password
     
  2. paul

    paul Administrator Administrator

    Joined:
    Jul 20, 2000
    Messages:
    4,575
    Location:
    Austin, TX
    Every check I've run says the openssl version is ok. Regardless, as you know our certificate is self-signed and expired (we don't provide ssl support currently) so this is moot.

    We will support ssl after switch to new software shortly (days or weeks depending on how things go).
     
  3. vikunja

    vikunja

    Joined:
    Oct 29, 2004
    Messages:
    190
    Location:
    Norway
    Thanks for the information!
     
  4. Black Bart

    Black Bart Have Towel – Will Travel Supporting Member

    Joined:
    Sep 11, 2010
    Messages:
    2,344
    Thanks Paul. Good to know, feel free to close the thread.
     
  5. Register to disable this ad
  6. paul

    paul Administrator Administrator

    Joined:
    Jul 20, 2000
    Messages:
    4,575
    Location:
    Austin, TX

Share This Page