Browse By

Patch OpenSSL “heartbleed” vulnerability for Ubuntu

To update and secure Ubuntu against the latest vulnerability effecting OpenSSL (see vulnerable versions below) you can either update the entire OS or do the following (If you have packages you don’t want to update just yet).

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable

OpenSSL 0.9.8 branch is NOT vulnerable

To confirm you have the correct version which for Ubuntu should be 1.0.1e-3ubuntu1.2

Once you have installed that package you need to restart the web server / mail server (etc) that is presenting the SSL certificate otherwise it will use the old library in memory;

Done.

You can confirm your changes here:

http://filippo.io/Heartbleed 

References;

  • http://www.ubuntu.com/usn/usn-2165-1/
  • http://heartbleed.com/

Leave a Reply

Your email address will not be published. Required fields are marked *