Is this site affected 1 of the 6 or so new openssl vulnerabilities ?

[Justin00]

have not had a chance to fully vertify the new vulnerabilities.
hopefully theymos had ?

any chance you have been able to see if the site is vulnerable ?? from a quick glance one of them were quite serious...

[1714903870]

1714903870

[1714903870]

1714903870

[1714903870]

1714903870

[Mikez]

As far as I know, and as theymos announced, bitcointalk is not heartbleed vulnerable anymore. Have new vulnerabilies surfaced?
I used a couple of SSL checkers just now and everything seemed fine.

[abacus]

Have new vulnerabilies surfaced?

Yes, yesterday:
https://www.openssl.org/news/secadv_20140605.txt

[BCwinning]

Have new vulnerabilies surfaced?

Yes, yesterday:
https://www.openssl.org/news/secadv_20140605.txt

Those only affect systems that are affected by heartbleed. So if openssl has been upgraded from the
affected version there is no issues.

[abacus]

Those only affect systems that are affected by heartbleed. So if openssl has been upgraded from the
affected version there is no issues.

Oh, good to know. Then there's a bit of FUD in many articles about this news.

[shorena]

Those only affect systems that are affected by heartbleed. So if openssl has been upgraded from the
affected version there is no issues.

Oh, good to know. Then there's a bit of FUD in many articles about this news.

Its FUD that this only affects systems that are affected by the heartbleed bug. One of the new bugs is in code that the same person wrote who did the misstakes in heartbleed, maybe thats where this missunderstanding comes from.
From what I read noone uses DTLS anyway. Anonymous ECDH is not used by the forum and barely any homepage for that matter because most use certificates anyway. The only thing that could affect us would be the possible MITM for Bitcoin, but than not really doing any damage AFAIK. You can MITM with Bitcoin anyway, but not get the juicy stuff (private keys).

[theymos]

The forum's OpenSSL was updated yesterday.

Those only affect systems that are affected by heartbleed. So if openssl has been upgraded from the
affected version there is no issues.

No, it's unrelated to heartbleed

[Justin00]

good man theymos.

I must apologise for an hositility I have shown towards you in the past; however I will still keep you on your toes, espeaclly when security and what not is at stake

The forum's OpenSSL was updated yesterday.

Those only affect systems that are affected by heartbleed. So if openssl has been upgraded from the
affected version there is no issues.

No, it's unrelated to heartbleed

[Mikez]

Here's another thread on the new vulnerabibilities: https://bitcointalk.org/index.php?topic=640430

[Peter882]

Here's another thread on the new vulnerabibilities: https://bitcointalk.org/index.php?topic=640430

I believe that thread in "Development & Technical Discussion" focuses on the affects on the wallet client, while this one in "Meta" focuses on the forum itself.