1 [[!meta author="guus"]]
3 Tinc is *not vulnerable* to the Heartbleed bug.
5 The [Hearbleed bug](http://heartbleed.com/)
6 ([CVE-2014-0160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160))
7 is a bug in the [OpenSSL](https://en.wikipedia.org/wiki/Openssl) library that
8 affects any application which is linked to it and is making or accepting TLS
9 connections. Although tinc links to the OpenSSL library, it does not use the
10 TLS protocol, and is therefore not vulnerable.