Welcome Guest, Not a member yet? Register   Sign In
Potential Major Security Problem in the Encryption lib's (IE: Heartbleed Bug)
#1

Ok as the title says.

What I want to know is is this something we as CI users have to be worried about?

If so, are there plans by the CI dev's to provide a fix or workaround?

I have a major web application in progress on CI and do not want to release it if this is an issue, at least not releasing it until there is a fix.
"I reject your reality and substitute my own" - Adam Savage, M5 Inc.
Reply
#2

Heartbleed is a bug in OpenSSL. It has nothing to do with CI. What makes you think CI is affected by this?
Reply
#3

reading the documentation for CI3 , for the encryption lib, it mentions it requires openssl and/or mcrypt.
"I reject your reality and substitute my own" - Adam Savage, M5 Inc.
Reply
#4

(12-14-2014, 06:45 AM)Hobbes Wrote: reading the documentation for CI3 , for the encryption lib, it mentions it requires openssl and/or mcrypt.

Exactly, it requires external libraries on your web server. Those are not part of CodeIgniter so there's nothing to fix in CI. You need to make sure your server run the latest version of OpenSSL (or at least the one with the bug fixed).
Reply
#5

Thanks hate. I will check with my server techs and make sure we have the fixed version of openssl.

I just wanted to make sure is all. Thanks for the info
"I reject your reality and substitute my own" - Adam Savage, M5 Inc.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB