You are here

Block title
Block content

UPDATE: Heartbleed Patch Applied to All DuraSpace Services and Websites

Dear DuraSpace Services, Wiki, JIRA and Website Users,

Winchester, MA  As you know a vulnerability in OpenSSL, which has been named “Heartbleed”, was detected earlier this month.

“Heartbleed is a security bug in the open-source OpenSSL cryptography library, widely used to implement the Internet's Transport Layer Security (TLS) protocol. This vulnerability results from a missing bounds check in the handling of the Transport Layer Security (TLS) heartbeat extension, the heartbeat being why the vulnerability got its name. A fixed version of OpenSSL was released on April 7, 2014, at the same time as Heartbleed was publicly disclosed.” [1]

The Heartbleed patch (a fixed version of OpenSSL) was applied to all DuraSpace services and websites on April 8, 2014 including:

• DuraCloud
• DSpaceDirect
• DuraSpace Wiki

[1] Wikipedia,