Dear Zimbra Forum and Wiki users:
Zimbra wanted to advise you that the Zimbra Forums and Wiki websites have now been patched for the OpenSSL Heartbleed vulnerability [reference: https://cve.mitre.org/cgi-bin/cvenam...CVE-2014-0160], and new SSL certificates have been issued. At this time, we would recommend that all users of the Zimbra Forums or Wiki change their passwords, as the Heartbleed vulnerability could possibly lead to your username and/or password being compromised by an attacker. While Zimbra has no direct evidence that any usernames or passwords were compromised, the OpenSSL Heartbleed vulnerability can be taken advantage of without any logs being recorded, and thus we are advising that you change your passwords as a precaution.
Please let us know if you have any questions.