UnrealIRCd Forums

Welcome to the UnrealIRCd Forums!
https://forums.unrealircd.org/

Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)

https://forums.unrealircd.org/viewtopic.php?t=8264

Page 1 of 1

Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)

Posted: Tue Apr 08, 2014 2:39 pm
by Alucard
http://heartbleed.com/

Unreal IRCd uses OpenSSL and uses TLS, but is it vulnerable to the heartbleed attack? Should we recompile, or is it good enough to update OpenSSL and restart Unreal?

Re: Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)

Posted: Tue Apr 08, 2014 6:30 pm
by Alucard
Just received the email entitled "SSL Heartbleed security issue & UnrealIRCd" sent to unreal-notify list. Thanks!

Answer is you need to update OpenSSL then RESTART the ircd.

Re: Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)

Posted: Wed Apr 09, 2014 12:08 am
by katsklaw
Most major distros are proactive to fix this. Debian has already patched both their stable and testing branches, red hat and centos have also released patched rpms. Check with your distro support channel before compiling to check for patched binaries, which could save you a headache or 6. :)
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited