Edsby not vulnerable to OpenSSL compromise

Edsby is no longer vulnerable to the recently publicized “Heartbleed” compromise in the popular OpenSSL cryptographic software library.

The Edsby educational engagement platform uses Apache, which uses OpenSSL for the SSL/TLS encryption it uses to protect user traffic, and upgraded its servers immediately after a fix was made available by the OS service provider.

The vulnerability had been in the wild since OpenSSL release 1.0.1 on March 14, 2012, but had only recently been publicized. OpenSSL 1.0.1g, released this Monday, April 7th, 2014, fixed the OpenSSL bug. Edsby incorporated the fix the next day.