Opened 10 years ago

Last modified 10 years ago

#220 new defect

mitigate heartbleed vulnerability

Reported by: davidsarah Owned by:
Priority: major Milestone: undecided
Component: negotiation Version: 0.6.4
Keywords: security pyopenssl Cc:

Description

  • Make a FAQ describing the impact of heartbleed on foolscap.
  • Check the OpenSSL version number and refuse to run if vulnerable.

Change History (2)

comment:2 Changed 10 years ago by Brian Warner

Milestone: 0.6.5undecided
Priority: criticalmajor

I've added a note to the README for this, but I'm pushing any actual code changes out for a future release.

Note: See TracTickets for help on using tickets.