Recently, information was released concerning a vulnerability in OpenSSL, software that secures traffic between computers on the Web. As soon as we heard about this vulnerability, known as “Heartbleed,” we took action to assess and patch MLA systems.
The servers that power mla.org, ade.org, and adfl.org use an older version of OpenSSL that is not vulnerable to the Heartbleed bug.
MLA Commons, MLA Handbook, and MLA Journals do not use OpenSSL to secure traffic, but the servers they run on did have vulnerable versions of OpenSSL installed. These servers have been patched, and the SSL certificates were replaced.
The Literary Research Guide was not affected.
We do not believe that any accounts on MLA sites could have been compromised because of this vulnerability. However, to be completely safe, you may want to change your password, especially if you use the same password at other sites that may have been affected.
If you have questions, please feel free to contact us.