View Single Post
  #2   (View Single Post)  
Old 8th April 2014
comet--berkeley comet--berkeley is offline
Real Name: Richard
Package Pilot
 
Join Date: Apr 2009
Location: California
Posts: 163
Default

OpenBSD just released a patch to stable version 5.4 in order to fix this.
Quote:
007: SECURITY FIX: April 8, 2014 All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS heartbeat extension (RFC6520) which can result in a leak of memory contents.
http://www.openbsd.org/errata54.html
Reply With Quote