Tracker »
Issue 1151 »
Issue activity log
| 2014-04-09 09:43 | Created | OpenSSL vulnerability CVE-2014-0160 |
| Component | Core | |
| Version | 4.3.8 | |
| Severity | Bug | |
| Priority | High | |
| Comment | https://winscp.net/forum/viewtopic.php?t=13736 https://winscp.net/forum/viewtopic.php?t=13730 |
|
| 2014-04-09 09:45 | Comment | Other resources: https://heartbleed.com/ https://security.stackexchange.com/q/55119/43677 |
| 2014-04-09 11:53 | Status | RESOLVED |
| Fixed in | 5.5.3 | |
| Resolution | FIXED | |
| Comment | Fixed (upgraded to OpenSSL 1.0.1g). | |
| 2014-04-09 18:13 | Comment | OpenSSL is used with FTP over TLS/SSL only. Majority (about 98%) of WinSCP users use SSH (SFTP/SCP) and plain FTP only and are NOT affected! |
| 2014-04-10 10:28 | Comment | https://winscp.net/forum/viewtopic.php?t=13743 |
| 2014-04-11 06:46 | Comment | https://winscp.net/forum/viewtopic.php?t=13751 |
| 2014-04-14 11:51 | Comment | https://www.openssl.org/news/secadv/20140407.txt |
| 2014-10-21 16:18 | Comment | https://superuser.com/q/739690/213663 |