FileMaker, Inc. has released FileMaker Server 13.0v1a. This update addresses an issue where the OpenSSL library used by FileMaker Server 13.0v1 was vulnerable to the Heartbleed bug.
• FileMaker Server 13.0v1a includes OpenSSL 1.0.1g, which is not vulnerable to the Heartbleed bug. In addition, the TLS heartbeat in OpenSSL is disabled, which removes the attack method used by Heartbleed bug.
• FileMaker Server 13.0v1a includes an updated default SSL certificate.
It is possible that FileMaker passwords may become compromised due to a Heartbleed bug exploit. We recommend that you change all passwords, including Admin Console and database passwords, after installing FileMaker Server 13.0v1a.
Sr. Manager, FileMaker Developer Relations