BBHN Not affected by Heartbleed PDF Print E-mail
Written by Administrator   
4/11/14
Security Review: OpenSSL Heartbleed vulnerability and BBHN
CVE-2014-0160

By default the distribution does not contain the openssl libraries in the distributed build OpenSSL is however available from the package repositories we publish.

Packages available in repository for installation on 4/11/14.
Linksys Build:
libopenssl 0.9.8e
NOT AFFECTED

Ubiquiti Build:
libopenssl 0.9.8r
NOT AFFECTED

At this time it appears we are not affected by the heartbleed vulnerability and do not require deployment of any remediation at this time.
End users may have however used outside sources to update their openssl library to a version other than our core distribution.  Each end user would need to evaluate their own security if they are using non default repositories.

Submitted:
Conrad Lara
KG6JEI

References:
 
SPONSORED AD: