Many distributions link OpenSSL as a shared library, including RedHat, CentOS, Fedora, Debian, Ubuntu, Gentoo, and others. These are most certainly affected.
Please check your running server directly to see if you're affected. http://filippo.io/Heartbleed/ seems to work well. I would *not* suggest switching to static linking in the future; the act that default Node.js is unaffected was a complete coincidence, and normally security vulnerabilities happen the other way around (due to static linking with custom compile options, and so on). Austin. On Tuesday, April 8, 2014 2:48:21 AM UTC-7, Bruno Jouhier wrote: > > http://heartbleed.com/ > > It looks very serious. Is node impacted? > > -- -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
