How to Upgrade OpenSSL and Protect your Server Against the Heartbleed OpenSSL Vulnerability
Important SSL Security Vulnerability
On Monday, April 7th 2014, an OpenSSL vulnerability was disclosed which has been called one of the worst security holes in recent internet history. The bug, called the Heartbleed bug, was introduced in OpenSSL version 1.0.1. It has been in the wild since March of 2012 and is patched with OpenSSL version 1.0.1g released on April 7th 2014. The problem, tagged CVE-2014-0160, is described in detail here.
The bug allows any attacker to read the memory of a vulnerable host, which means that any keys that have been used on a host with a vulnerable version of OpenSSL should be considered compromised. Distributions have been updating their packages and pushing out updates, but users need to pull down the most recent packages and revoke any previous keys based on insecure versions.
Update your System
On Ubuntu and Debian, you can update by typing:
sudo apt-get update
sudo apt-get dist-upgrade
On CentOS and Fedora, you can type:
yum update
On Ubuntu and Debian, you can get the current version of your OpenSSL package by typing:
dpkg -l | grep "openssl"
source: https://www.digitalocean.com/community/articles/how-to-protect-your-server-against-the-heartbleed-openssl-vulnerability
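The version check above can be scripted. The following is an added example, not part of the original article: it classifies an upstream OpenSSL version string against the range the article gives (introduced in 1.0.1, patched in 1.0.1g). The function name classify_openssl_version and its result labels are hypothetical, and treating releases after 1.0.1g as fixed is an assumption beyond what the article states.

```shell
#!/bin/sh
# Added example (not from the original article).
# Classifies an upstream OpenSSL version string against the Heartbleed
# range given above: introduced in 1.0.1, patched in 1.0.1g.
#
# Assumption: distribution packages can carry a backported fix without
# changing the upstream version string, so "vulnerable-range" means
# "check the vendor advisory for this package build", not proof of exposure.

# classify_openssl_version "<line such as the output of: openssl version>"
# Prints one of: vulnerable-range | fixed | predates-bug | unknown
classify_openssl_version() {
    # Pick the first token that looks like N.N.N (e.g. 1.0.1e or 1.0.1e-fips).
    ver=$(printf '%s\n' "$1" | awk '{
        for (i = 1; i <= NF; i++)
            if ($i ~ /^[0-9]+\.[0-9]+\.[0-9]+/) { print $i; exit }
    }')

    # Pre-release builds are not covered by the range on this page.
    case "$ver" in
        *beta*|*dev*|*pre*) echo unknown; return ;;
    esac

    ver=${ver%%-*}    # drop build or packaging suffixes such as -fips

    case "$ver" in
        1.0.1|1.0.1[a-f])          echo vulnerable-range ;;
        1.0.1[g-z])                echo fixed ;;
        0.*|1.0.0|1.0.0[a-z])      echo predates-bug ;;
        # Assumption: any later release line already includes the fix.
        1.0.[2-9]*|1.[1-9]*|[2-9].*) echo fixed ;;
        *)                         echo unknown ;;
    esac
}

# Report on the local binary when one is installed.
if command -v openssl >/dev/null 2>&1; then
    v=$(openssl version)
    echo "$v -> $(classify_openssl_version "$v")"
fi
```

A "vulnerable-range" result on a patched distribution package is expected when the vendor backported the fix, so compare the full package version from dpkg or yum with the vendor's advisory before concluding either way.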