Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)

These are old archives. They are kept for historic purposes only.
Post Reply
Alucard
Posts: 9
Joined: Fri Mar 06, 2009 3:12 am

Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)

Post by Alucard »

http://heartbleed.com/

Unreal IRCd uses OpenSSL and uses TLS, but is it vulnerable to the heartbleed attack? Should we recompile, or is it good enough to update OpenSSL and restart Unreal?
Alucard
Posts: 9
Joined: Fri Mar 06, 2009 3:12 am

Re: Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)

Post by Alucard »

Just received the email entitled "SSL Heartbleed security issue & UnrealIRCd" sent to unreal-notify list. Thanks!

Answer is you need to update OpenSSL then RESTART the ircd.
katsklaw
Posts: 1124
Joined: Sun Apr 18, 2004 5:06 pm
Contact:

Re: Unreal IRCd & the 7-Apr-2014 OpenSSL vuln (heartbleed)

Post by katsklaw »

Most major distros are proactive to fix this. Debian has already patched both their stable and testing branches, red hat and centos have also released patched rpms. Check with your distro support channel before compiling to check for patched binaries, which could save you a headache or 6. :)
Post Reply