Community Discussions and Support
Pegasus Mail 4.70 and "Heartbleed" OpenSSL vulnerability

[quote user="idw"]

[quote user="netware5"]David, I will appreciate if you provide some information about the OpenSSL library used in v.4.70 and probably when the fix will be issued if needed.[/quote]

The fix is already there, it's currently being tested for release. According to David Harris it's especially urgent for Mercury users, but not so for Pegasus Mail users.

[/quote]

Thank you very much for the information provided. As usual David is doing perfect job! Thank you David!

[quote user="idw"]<p>[quote user="netware5"]David, I will appreciate if you provide some information about the OpenSSL library used in v.4.70 and probably when the fix will be issued if needed.[/quote]</p><p>The fix is already there, it's currently being tested for release. According to David Harris it's especially urgent for Mercury users, but not so for Pegasus Mail users.</p><p>[/quote]</p><p>Thank you very much for the information provided. As usual David is doing perfect job! Thank you David! </p>

Recently a very critical vulnerability in OpenSSL has been announced. For details please check http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

The OpenSSL versions equal or greater to 1.0.1 are vulnerable except the new fix 1.0.1g which has been released yesterday. As the PMail v4.70 uses OpenSSL a question raises if it is vulnerable.

David, I will appreciate if you provide some information about the OpenSSL library used in v.4.70 and probably when the fix will be issued if needed.

 

<p>Recently a very critical vulnerability in OpenSSL has been announced. For details please check <a href="http://community.pmail.com/forums/" mce_href="http://community.pmail.com/forums/" title="HERE">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160</a></p><p>The OpenSSL versions equal or greater to 1.0.1 are vulnerable except the new fix 1.0.1g which has been released yesterday. As the PMail v4.70 uses OpenSSL a question raises if it is vulnerable. </p><p>David, I will appreciate if you provide some information about the OpenSSL library used in v.4.70 and probably when the fix will be issued if needed. </p><p> </p>

[quote user="netware5"]David, I will appreciate if you provide some information about the OpenSSL library used in v.4.70 and probably when the fix will be issued if needed.[/quote]

The fix is already there, it's currently being tested for release. According to David Harris it's especially urgent for Mercury users, but not so for Pegasus Mail users.

<p>[quote user="netware5"]David, I will appreciate if you provide some information about the OpenSSL library used in v.4.70 and probably when the fix will be issued if needed.[/quote]</p><p>The fix is already there, it's currently being tested for release. According to David Harris it's especially urgent for Mercury users, but not so for Pegasus Mail users.</p>
			Michael
--
IERenderer's Homepage
PGP Key ID (RSA 2048): 0xC45D831B
S/MIME Fingerprint: 94C6B471 0C623088 A5B27701 742B8666 3B7E657C
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Cancel
Delete
Pending draft ... Click to resume editing
Discard draft