New bug in OpenSSL – mailbox.org ist secure again
Once again, a new vulnerability was published in OpenSSL. We already applied the newest patches to our servers, so we are not affected by this vulnerability anymore. You can verify this on your own:
Please observe the last entry of the testresult, labeled with “OpenSSL CCS vulnerability (CVE-2014-0224)”
This vulnerability, named “OpenSSL CCS Injection Vulnerability (CVE-2014-0224)”, would have allowed for a so-called “man-in-the-middle” attack. This means, that an attacker would’ve been able to break the
transport encryption of your connections.
OpenSSL is used for the encryption of connections between computers, for example from your computer to our mailbox-org-Website. Because of this update, you are now once again able to securely communicate with our servers.