On April 7th, 2014, a serious security vulnerability was publicly announced in the popular OpenSSL software library, which is used by many web systems for encryption and decryption of data. The bug opens up the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. If exploited, attackers could eavesdrop on communications, steal data directly from the services and users, and to impersonate services and users.
Is CVTracer affected by this issue?
No. CVTracer Software runs on web servers which do not use the OpenSSL library by default and therefore are not vulnerable to the exploit.
If you are a CVTracer user concerned that your password may have been compromised by use with another website, you may wish to change your password. Go to “Account Details” under Home in your User Account to change your password. CVTracer recommends to change passwords regularly as a good business practice.
For more information on security practices in CVTracer, contact your representative.
For more information on the Heartbleed bug, see http://www.heartbleed.com