Search this Site

Site Features

See this page for more about this site including its features.

Background: The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

That is, if you use a secure connection (https://) then OpenSSL may be used to provide that.  On Linux servers as used by Cobourg Internet, the operating system is Apache and OpenSSL is usually used and is in fact used by the Cobourg Internet Server. 

However, there are two reasons why sites on the Cobourg Internet Server are not vulnerable:

  1. There are no sites on Cobourg Server using encryption so none are affected. Any encryption is done using Paypal - and reports I have seen say that PayPal is not vulnerable.
  2. There are multiple versions of OpenSSL.

Status of different versions:

OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable (1.0.1 released March 14, 2012)
OpenSSL 1.0.1g is NOT vulnerable (released April 7, 2014)
OpenSSL 1.0.0 branch is NOT vulnerable (Released March 29, 2010 - Still supported)
OpenSSL 0.9.8 branch is NOT vulnerable (Released July 5, 2005 - Still supported)

The version used on Cobourg Internet Server is not vulnerable since it uses version 0.9.8m

There is no need to change any passwords.

Google Ad