Is my Buffalo Product (LS-CHL-V2 Firmware 1.60) affected by Heartbleed

[Florian71]

Hi,
is the Firmware 1.60 running OpenSSL which contains the Heartbleed Security Issue?
Best regards,
   Florian

[RandyChev]

I'm concerned about the same thing. My "About" page shows "DD-WRT v24SP2-MULTI (07/05/12) std
(SVN revision 19438)".

According to DD-WRT any version from 19000-23882 are affected. My question is whether or not Buffalo will issue a firmware upgrade for this or if we have to go straight DD-WRT? I've been very happy with the Buffalo version compared to other versions I've used (perhaps because of the hardware it was used on).

Some sort of announcement would be in order.

[Net7]

Hi,
is the Firmware 1.60 running OpenSSL which contains the Heartbleed Security Issue?
Best regards,
   Florian

That is a good question... I wonder what all else uses OpenSSL these days!

Also, looking at your unit model, it seems that while the US ends at v1.60, the EU has your unit at 1.68 like the rest of the LinkStation and LinkStation Pro model's! You might take a look into that if being up-to-date is your thing! (EU is normally hardware equal, they just release firmware or continue to release firmware earlier/later)

[Net7]

I'm concerned about the same thing. My "About" page shows "DD-WRT v24SP2-MULTI (07/05/12) std
(SVN revision 19438)".

According to DD-WRT any version from 19000-23882 are affected. My question is whether or not Buffalo will issue a firmware upgrade for this or if we have to go straight DD-WRT? I've been very happy with the Buffalo version compared to other versions I've used (perhaps because of the hardware it was used on).

Some sort of announcement would be in order.

Come on guy... Thread jacking, especially when talking about a totally different product, is not cool..

That being said, the last time I asked for a F/W update (the G450H 20025 release is TRASH), I was told that the unit was no longer going to be updated as its EoL... SOOO Off to the Community Release's I went! (you lose the phone support or warranty if the firmware causes the unit to brick, but much better!)

[RandyChev]

Come on guy... Thread jacking, especially when talking about a totally different product, is not cool..

I've been posting on bulletin boards and forums since 1981 and this is the first time I've been accused of "thread jacking". Since it was the ONLY thread I could find discussing Heartbleed I suspected it was the proper place to discuss (gasp) Heartbleed on a Buffalo Product. (Oh, gee. "Heartbleed" and "Buffalo Product" are all in the thread subject... I must be in the wrong place.)

That being said...

That being said, the last time I asked for a F/W update (the G450H 20025 release is TRASH), I was told that the unit was no longer going to be updated as its EoL... SOOO Off to the Community Release's I went! (you lose the phone support or warranty if the firmware causes the unit to brick, but much better!)

Thank you for bringing me up to speed on my product being EOL. I bought this unit new just over a year ago so I had no idea it was near EOL. I'm quite happy with it and may look for another for backup. I will access my options and probably move to the community DD-WRT asap.

Sorry for intruding.

[Eastmarch]

A lot of that depends on what you are using DD-WRT for. Only VPN server and the web GUI use SSL, and web GUI has to be turned on to allow management through the WAN.