29 Apr
2014
29 Apr
'14
12:23 p.m.
Responding to some questions about this topic, the official word is that routerOS is not affected: http://forum.mikrotik.com/viewtopic.php?f=2 <http://forum.mikrotik.com/viewtopic.php?f=2&t=83815> &t=83815 according to the posts, routerOS prior to 6.11 used an older version of openSSL that did not have the reported vulnerability, and 6.12 onward has a newer version of openSSL that has the vulnerability fixed. Thus it seems that due to a lack of attention in keeping public maintained libraries up to date has been counted as a win for routerOS users this time around ;) Cheers! Mike.