Community Discussions and Support
OpenSSL heartbleed bug

[quote user="Rolf Lindby"]Mercury 4.74 does not use OpenSSL, so it's not at risk. In the upcoming v. 4.80 there will be a corrected version of OpenSSL.[/quote]I know but i must use SSL. Without SSL get i no connection to my mail-provider and with SSL have I annoying crashes of Mercury32.

 

[quote user="Konrad Hammerer"]If so, make sure to use the latest stunnel v5.01 as the prior versions are affected as well![/quote]Jep. Installed, old keys revoked and new keys created.

 

<p>[quote user="Rolf Lindby"]Mercury 4.74 does not use OpenSSL, so it's not at risk. In the upcoming v. 4.80 there will be a corrected version of OpenSSL.[/quote]I know but i must use SSL. Without SSL get i no connection to my mail-provider and with SSL have I annoying crashes of Mercury32.</p><p> </p>[quote user="Konrad Hammerer"]If so, make sure to use the latest stunnel v5.01 as the prior versions are affected as well![/quote]Jep. Installed, old keys revoked and new keys created. <p> </p>

Hi All,

I just heard about this OpenSSL heartbleed bug:

 

http://heartbleed.com/

 

Is this relevant for Mercury and its SSL implementation as well and if so, what do we have to do in order to secure the application?

 

Thx

Konrad

<p>Hi All,</p><p>I just heard about this OpenSSL heartbleed bug: </p><p> </p><p>http://heartbleed.com/</p><p> </p><p>Is this relevant for Mercury and its SSL implementation as well and if so, what do we have to do in order to secure the application?</p><p> </p><p>Thx</p><p>Konrad </p>

This is relevant for the upcoming v. 4.80 of Mercury, and in fact already taken care of. 

This is relevant for the upcoming v. 4.80 of Mercury, and in fact already taken care of. 

While we waiting for a fix from David, i suggest to use https://www.stunnel.org.

While we waiting for a fix from David, i suggest to use <a href="https://www.stunnel.org/index.html" title="https://www.stunnel.org" mce_href="https://www.stunnel.org/index.html">https://www.stunnel.org</a>.

Mercury 4.74 does not use OpenSSL, so it's not at risk. In the upcoming v. 4.80 there will be a corrected version of OpenSSL.

Mercury 4.74 does not use OpenSSL, so it's not at risk. In the upcoming v. 4.80 there will be a corrected version of OpenSSL.

If so, make sure to use the latest stunnel v5.01 as the prior versions are affected as well!

 

Konrad

<p>If so, make sure to use the latest stunnel v5.01 as the prior versions are affected as well!</p><p> </p><p>Konrad </p>
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Cancel
Delete
Pending draft ... Click to resume editing
Discard draft