Ddating web site related 2 txt 2
Bug is in the Open SSL's implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520).
When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server.
Fixed Open SSL has been released and now it has to be deployed.
As long as the vulnerable version of Open SSL is in use it can be abused.Only owners of the services will be able to estimate the likelihood what has been leaked and they should notify their users accordingly.Most important thing is to restore trust to the primary and secondary key material as described above.This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content.This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.
Service providers and users have to install the fix as it becomes available for the operating systems, networked appliances and software they use.