SSL Heartbleed bug
Posted: Fri Apr 11, 2014 1:22 am
Are UE users affected?
No.
According to the OpenSSL website advisory the buggy OpenSSL versions are only v1.0.1 and v1.0.2, UE uses a different version which is not affected.
Also UE doesn't mask memory access violations (it would compromise reliability), so if something tries to read random block of the process memory (it is what the SSL bug is about) it will just crash.