Tinc is *not vulnerable* to the Heartbleed bug.
-The [Hearbleed bug](http://heartbleed.com/)
+The [Heartbleed bug](http://heartbleed.com/)
([CVE-2014-0160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160))
is a bug in the [OpenSSL](https://en.wikipedia.org/wiki/Openssl) library that
-affects any application which is linked to it and is making or accepting TLS
+affects any application that is linked to it and is making or accepting TLS
connections. Although tinc links to the OpenSSL library, it does not use the
TLS protocol, and is therefore not vulnerable.
projects / wiki / blobdiff