Heartbleed bug – Upgrade OpenSSL on Ubuntu 12.04

Posted by & filed under Linux, Server.

The Heartbleed bug found in OpenSSL needs addressing if you are using OpenSSL to generate TLS keys for HTTPS or FTPS in particular. Upgrading OpenSSL on Ubuntu is not just a matter of running ‘apt-get upgrade’ – this does not get the latest patched version. I found the answer was to install the openssl libssl-dev package. For more info see:

http://askubuntu.com/a/434245/172772

Once installed I checked openssl and got the following info:

user@myserver:~# openssl version -a
OpenSSL 1.0.1 14 Mar 2012
built on: Mon Apr  7 20:33:29 UTC 2014
platform: debian-amd64

The important bit is ‘built on:’ – it should be April 7th or later.

It’s probably wise to make new TLS keys to replace any that may already be compromised.

Related info:
http://stackoverflow.com/questions/10175812/how-to-build-a-self-signed-certificate-with-openssl

http://www.howtoforge.com/setting-up-proftpd-tls-on-ubuntu-12.10

Leave a Reply

  • (will not be published)

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Bitnami