CVE-2014-0160 Heartbleed

Message boards : Questions and problems : CVE-2014-0160 Heartbleed
Message board moderation

To post messages, you must log in.

AuthorMessage
Neil

Send message
Joined: 28 Dec 13
Posts: 10
United Kingdom
Message 53716 - Posted: 19 Apr 2014, 11:39:45 UTC

Is my version of BOINC Manager 7.2.39 (x64) affected/fixed re:Heartbleed CVE-2014-0160.

Cheers.
Neil
ID: 53716 · Report as offensive
Profile Jord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15476
Netherlands
Message 53719 - Posted: 19 Apr 2014, 14:45:12 UTC - in response to Message 53716.  

Your version of BOINC has other trouble, it being responsible for inability to reach certain projects, and the crashing of the newest CPDN models. So you better update to 7.2.42

That said, all of the presently available BOINC versions make use of OpenSSL 1.0.1f or earlier, and thus would be susceptible to the HeartBleed bug. But in order for the exploit to be used, the project server would have to be compromised. All project administrators should by now have heard about the problem and have updated OpenSSL on their servers.

Any next BOINC version will have the updated OpenSSL.
ID: 53719 · Report as offensive
Neil

Send message
Joined: 28 Dec 13
Posts: 10
United Kingdom
Message 53728 - Posted: 19 Apr 2014, 18:26:16 UTC - in response to Message 53719.  

Many thanks for your response Ageless.
Much appreciated and very helpful.

Regards,
Neil.
ID: 53728 · Report as offensive

Message boards : Questions and problems : CVE-2014-0160 Heartbleed

Copyright © 2024 University of California. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.