Heartbleed vulnerability

Announcements about events or changes to the website and forum
Topic locked

Heartbleed vulnerability

Postby Nick » Fri Apr 11, 2014 11:07 am

You may have heard about the "heartbleed vulnerability" being discussed on the Internet over the last couple of days. Chicken Smoothie updated to patch this security hole within 20 minutes of the fix being available, and is currently secure. You can see a confirmation of that on our SSL test results:

https://www.ssllabs.com/ssltest/analyze ... Results=on

We don't believe there were any leaked passwords and are not recommending you change your CS password (though it wouldn't hurt, and if you use the same password on CS as you do anywhere else, you should definitely change it).

Some people have mentioned that the LastPass website said we hadn't updated, but this only reports the last time our HTTPS certificate was updated, not if we are actually vulnerable to Heartbleed. We don't use HTTPS on our login pages anyway, so even if the certificate were to be compromised, it wouldn't have any impact on the security of logging on. We've updated our HTTPS certificate now so that LastPass stops bleating about it :)
User avatar
Nick
Admin
 
Posts: 6337
Joined: Thu Jul 03, 2008 2:40 pm
My pets
My items
My wishlist
My gallery
My scenes
My dressups
Trade with me
Top
Topic locked

Who is online

Users browsing this forum: No registered users and 25 guests