[[!meta author="guus"]]

Tinc is *not vulnerable* to the Heartbleed bug.

The [Hearbleed bug](http://heartbleed.com/)
([CVE-2014-0160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160))
is a bug in the [OpenSSL](https://en.wikipedia.org/wiki/Openssl) library that
affects any application which is linked to it and is making or accepting TLS
connections. Although tinc links to the OpenSSL library, it does not use the
TLS protocol, and is therefore not vulnerable.