http://heartbleed.com/
Unreal IRCd uses OpenSSL and uses TLS, but is it vulnerable to the heartbleed attack? Should we recompile, or is it good enough to update OpenSSL and restart Unreal?
Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)
Re: Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)
Just received the email entitled "SSL Heartbleed security issue & UnrealIRCd" sent to unreal-notify list. Thanks!
Answer is you need to update OpenSSL then RESTART the ircd.
Answer is you need to update OpenSSL then RESTART the ircd.
Re: Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)
Most major distros are proactive to fix this. Debian has already patched both their stable and testing branches, red hat and centos have also released patched rpms. Check with your distro support channel before compiling to check for patched binaries, which could save you a headache or 6.
Configuration - https://www.unrealircd.org/docs/Configuration
FAQ - https://www.unrealircd.org/docs/FAQ
FAQ - https://www.unrealircd.org/docs/FAQ