Heartbleed Bug Information
11 April 2014
Earlier this week the OpenSSL Heartbleed Bug was announced. The list below details how this affects Zumero for SQL Server (ZSS).
- The ZSS Server uses IIS which does not use OpenSSL. It is not vulnerable to the Heartbleed bug.
- The only potentially affected platform in the ZSS Client SDK is Android, which bundles a copy of OpenSSL that is used only for client-side access. In the ZSS 1.3 release, the bundled OpenSSL is upgraded to 1.0.1g.