Someone just started a thread about a new security flaw affecting OpenSSL and all wallets using anything but the latest version.
https://bitcointalksearch.org/topic/security-flaw-found-in-almost-all-crypto-related-software-561464
He says "although the vulnerability has been addressed in OpenSSL's version 1.0.1g, it is present in prior versions up to 1.0.1f."
He goes on to say he checked the current Vertcoin wallet and it is vulnerable because it is using version 1.0.1'c'.
Apparently CGA and YACC will be updated soon.
The thread also says any exchanges using OpenSSL are vulnerable too.
I just checked the latest community coin wallet but could not find the OpenSSL version it uses.
All I could find in the Qt help was "This product includes software developed by the OpenSSL Project".
https://bitcointalksearch.org/topic/security-flaw-found-in-almost-all-crypto-related-software-561464
He says "although the vulnerability has been addressed in OpenSSL's version 1.0.1g, it is present in prior versions up to 1.0.1f."
He goes on to say he checked the current Vertcoin wallet and it is vulnerable because it is using version 1.0.1'c'.
Apparently CGA and YACC will be updated soon.
The thread also says any exchanges using OpenSSL are vulnerable too.
I just checked the latest community coin wallet but could not find the OpenSSL version it uses.
All I could find in the Qt help was "This product includes software developed by the OpenSSL Project".
Thanks for sharing information! This should be checked!
So far, when dev will be online, things to get him to take into consideration:
1. Check, which OpenSSL version is used in software.
2. Update OP with link to Mac OSX wallet (and donation address for instacash). Wallet works without problems (I am waiting for PoS to kick in now, but should be fine)
Anyone has something to add to list?
