Heartbleed Bug: what we did

14 Apr 2014 5 min read

heart-bleed-bug.jpg

You have certainly heard of the the Heartbleed bug. It is a very important security issue with the OpenSSL protocol, which is basically used for SSL certificates (accessing web pages using https://).

This bug affected a very large amount of servers on the Internet and the attacker might have been able to read the memory of the server, thus gaining access to the private keys, which would in turn render the encryption useless.

At XWiki SAS, we immediately upgraded the OpenSSL version to a patched one that doesn't show this problem anymore. We will continue to monitor the situation closely to ensure everything is OK. 

Even though there is no reason to believe that any of your account data or personal information has been compromised in any way, it is still a good idea to change the passwords you use to log in to XWiki, as a precaution, as changing your passwords regularly helps ensure privacy and protect your personal information.

You may also be interested in:

News

Enhancing digital sovereignty: XWiki and Nextcloud forge closer ties

XWiki SAS has long upheld its commitment to independence, with shareholders exclusively comprising current and former employees. However, recognizing the importance of strong collaboration among major open-source projects in the EU, the company is embracing a strategic shift through a symbolic investment in XWiki SAS from Frank Karlitschek, Founder and CEO of Nextcloud. Moreover, Nextcloud GmbH and XWiki SAS have signed a mutual resellers' agreement to provide their customers an easy way to purchase a complete solution from either vendor. Read the full article to learn about the why, how, and what.