Hello Serv-U users,
With the announcement of the Heartbleed bug\ CVE-2014-0160we are seeing a large amount of our users concerned with their deployments of Serv-U being affected.
The links about tell us that only the following OpenSSL libraries are effected
- OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
- OpenSSL 1.0.1g is NOT vulnerable
- OpenSSL 1.0.0 branch is NOT vulnerable
- OpenSSL 0.9.8 branch is NOT vulnerable
Serv-U is officially UNAFFECTED due to the fact we are currently using OpenSSL 0.9.8
We made sure though our own testing and validation that the "heartbleed" bug is something our administrators do not need to worry about.
If you have any questions comments or concerns about this issue please feel free to reply to this or submit a technical support ticket