8 Apr
2014
8 Apr
'14
8:21 p.m.
- John Rowe J.M.Rowe@exeter.ac.uk:
Do we know if dovecot is vulnerable to the heartbleed SSL problem?
ANY application using the affected OpenSSL versions is vulnerable. That includes dovecot.
I'm running dovecot-2.0.9 and openssl-1.01, the latter being intrinsically vulnerable. An on-line tool says that my machine is not affected on port 993 but it would be nice to know for sure if we were vulnerable for a while. (Naturally I've blocked it anyway!).
Thanks
John
-- [*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein