Memotoo
Bugs / BoguesRSS Feed
You have noticed bugs, anomalies, then report them here
Informations:
Number of messages: 1067
Number of posts: 4062
Last posted: 2024-09-12 - 14:50
Last visit: 2024-12-27 - 04:17
Number of posts not read since your last visit: 0
Bookmark and Share
Return to the forum - Forums list - Reply to this post - New message - Search a postSearch a post

OpenSSL Bug: www.memotoo.com IS VULNERABLERSS Feed



Author Message
u.b.muc

Translate this message to:
BulgarianChinese (Traditional)CroatianCzechEnglishFinnishFrancaisGermanGreek
HindiItalianJapaneseNederlandsNorwegianPortugueseRussianSpanishSwedish
smile Posted 2014-04-08 - 19:42

According to the test script https://filippo.io/Heartbleed//#www.memotoo.com, memotoo is affected by the severe OpenSSL "heartbleed" bug. Are there any plans to fix it?



7 Replie(s)
Author Message
Dominik

Translate this message to:
BulgarianChinese (Traditional)CroatianCzechEnglishFinnishFrancaisGermanGreek
HindiItalianJapaneseNederlandsNorwegianPortugueseRussianSpanishSwedish
smile Posted 2014-04-08 - 20:00     Subject: Re: OpenSSL Bug: www.memotoo.com IS VULNERABLE

ACK - I would appreciate an immediate update!


Thomas - Webmaster Memotoo
Thomas - Webmaster Memotoo


Translate this message to:
BulgarianChinese (Traditional)CroatianCzechEnglishFinnishFrancaisGermanGreek
HindiItalianJapaneseNederlandsNorwegianPortugueseRussianSpanishSwedish
smile Posted 2014-04-09 - 11:11     Subject: Re: Re: OpenSSL Bug: www.memotoo.com NOW CORRECTED

Thanks for these information, now the Memotoo servers are updated and corrected:


Dominik

Translate this message to:
BulgarianChinese (Traditional)CroatianCzechEnglishFinnishFrancaisGermanGreek
HindiItalianJapaneseNederlandsNorwegianPortugueseRussianSpanishSwedish
smile Posted 2014-04-09 - 11:32     Subject: Re: Re: Re: OpenSSL Bug: www.memotoo.com NOW CORRECTED

THX


Dominik

Translate this message to:
BulgarianChinese (Traditional)CroatianCzechEnglishFinnishFrancaisGermanGreek
HindiItalianJapaneseNederlandsNorwegianPortugueseRussianSpanishSwedish
smile Posted 2014-04-14 - 09:53     Subject: Re: Re: Re: Re: OpenSSL Bug: www.memotoo.com NOW CORRECTED

According to the CloudFlare-Test on http://blog.cloudflare.com/the-results-of-the-cloudflare-challenge

Thomas, do you plan to change the servers certificate?

http://possible.lv/tools/hb/?domain=www.memotoo.com


Thomas - Webmaster Memotoo
Thomas - Webmaster Memotoo


Translate this message to:
BulgarianChinese (Traditional)CroatianCzechEnglishFinnishFrancaisGermanGreek
HindiItalianJapaneseNederlandsNorwegianPortugueseRussianSpanishSwedish
smile Posted 2014-04-14 - 12:25     Subject: Re: Re: Re: Re: Re: OpenSSL Bug: www.memotoo.com NOW CORRECTED

@Dominik, the servers certificate expire in 2 years, so it is good
08/05/2016


Simon

Translate this message to:
BulgarianChinese (Traditional)CroatianCzechEnglishFinnishFrancaisGermanGreek
HindiItalianJapaneseNederlandsNorwegianPortugueseRussianSpanishSwedish
smile Posted 2014-04-20 - 01:38     Subject: Re: Re: Re: Re: Re: Re: OpenSSL Bug: www.memotoo.com NOW CORRECTED

How is that good? The issue is that exploiting Heartbleed the private key of the certificates could have leaked out. If someone obtained that key, all communication from and to memotoo.com can be decrypted. The certificate in use now was issued on 2014-03-07, ergo, prior to the fix of heartbleed. To be safe, it should be replaced with a new one.


Thomas - Webmaster Memotoo
Thomas - Webmaster Memotoo


Translate this message to:
BulgarianChinese (Traditional)CroatianCzechEnglishFinnishFrancaisGermanGreek
HindiItalianJapaneseNederlandsNorwegianPortugueseRussianSpanishSwedish
smile Posted 2014-04-20 - 16:47     Subject: Re: Re: Re: Re: Re: Re: Re: OpenSSL Bug: www.memotoo.com NOW CORRECTED

@Simon, OK I have updated the SSL certificate on all Memotoo server


Memotoo Cloud Add Memotoo widgets to iGoogleiGoogle, NetvibesNetvibes.com, Windows VistaWindows Vista, Apple DashboardMac OS X, ...
Learn more ยป
Return to the forum - Forums list - Reply to this post - New message - Search a postSearch a post