A serious security bug... caused by no bounds checking.
H. S. Teoh
hsteoh at quickfur.ath.cx
Mon Apr 7 21:15:00 PDT 2014
On Mon, Apr 07, 2014 at 09:36:28PM -0400, Nick Sabalausky wrote:
> On 4/7/2014 7:28 PM, w0rp wrote:
> >http://heartbleed.com/
> >
> >This bug has been getting around. The bug was caused by missing
> >bounds checking.
> >
> >I'm glad to be using a language with bounds checking.
>
> Whelp, time for that server system upgrade I've been putting off for
> far too long...
I learned the hard way to always keep on top of the security upgrades. A
year or two ago, I put off a pending upgrade for a week, and the day
before I finally got around to it, my server was hacked via the same
vulnerability that the upgrade would've fixed. They got root, so I had
to nuke the system from orbit after backing up my data, and rebuild the
server from scratch. :-( Ever since then, I've set up the system to
notify me as soon as an update is available, and now I dare not delay to
install it ASAP.
T
--
It said to install Windows 2000 or better, so I installed Linux instead.
More information about the Digitalmars-d
mailing list