ZACR Notice : Connectivity Issues – heart bleed bug

By April 10, 2014Home, Notices

ZACR has issued the following statement regarding the recent heart bleed bug vulnerability affecting mostly Linux based Operating Systems

Intermittent Connectivity Issues – 10 April 2014

Please note that some registrars might experience intermittent connectivity issues as well as closing of existing sessions throughout the day. If a session is unexpectedly closed, registrars are advised to simply Login again to have access to the Registry system.

The Registry is currently fixing an identified bug in OpenSSL. For more information on the bug, please see the official report.

Please accept our apologies for any inconvenience caused during this time.

Affected OS’s currently include

Debian Wheezy (stable), OpenSSL 1.0.1e-2+deb7u4
Ubuntu 12.04.4 LTS, OpenSSL 1.0.1-4ubuntu5.11
CentOS 6.5, OpenSSL 1.0.1e-15
Fedora 18, OpenSSL 1.0.1e-4
OpenBSD 5.3 (OpenSSL 1.0.1c 10 May 2012) and 5.4 (OpenSSL 1.0.1c 10 May 2012)
FreeBSD 10.0 – OpenSSL 1.0.1e 11 Feb 2013
NetBSD 5.0.2 (OpenSSL 1.0.1e)
OpenSUSE 12.2 (OpenSSL 1.0.1c)

Operating system distribution with versions that are not vulnerable:

Debian Squeeze (oldstable), OpenSSL 0.9.8o-4squeeze14
SUSE Linux Enterprise Server
FreeBSD 8.4 – OpenSSL 0.9.8y 5 Feb 2013
FreeBSD 9.2 – OpenSSL 0.9.8y 5 Feb 2013
FreeBSD Ports – OpenSSL 1.0.1g (At 7 Apr 21:46:40 2014 UTC)