linuxdcpp-team team mailing list archive

Thread
Date

[Bug 1304769] Re: Heartbleed

To: linuxdcpp-team@xxxxxxxxxxxxxxxxxxx
From: eMTee <1304769@xxxxxxxxxxxxxxxxxx>
Date: Wed, 09 Apr 2014 21:51:22 -0000
Reply-to: Bug 1304769 <1304769@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable which means DC++ 0.799 to 0.841 are affected.
For ADCH++ Windows releases, I should have switched to 1.0.1 roughly at the same time as DC++ did. It would mean ADCH++ 2.8.1 and later official Windows releases are possibly affected.
A hub running 2.8.0 passed the test and isn't looking vulnerable.

-- 
You received this bug notification because you are a member of
Dcplusplus-team, which is subscribed to DC++.
https://bugs.launchpad.net/bugs/1304769

Title:
  Heartbleed

Status in ADCH++:
  Confirmed
Status in DC++:
  Confirmed

Bug description:
  Seems that ADCH++ is affected, maybe a new release?

  http://heartbleed.com/
  http://filippo.io/Heartbleed/

To manage notifications about this bug go to:
https://bugs.launchpad.net/adchpp/+bug/1304769/+subscriptions

References

[Bug 1304769] [NEW] Heartbleed
From: Herman, 2014-04-09