Update your System
PLEASE NOTICE: Backup all your system before big updates!
Ubuntu and Debian
sudo apt-get update
sudo apt-get dist-upgrade
CentOS and Fedora
yum update
Checking your Version Numbers
Debian and Ubuntu Releases and Fix Versions
dpkg -l | grep "openssl"
- Ubuntu 10.04: Unaffected (Shipped with older version prior to vulnerability)
- Ubuntu 12.04: 1.0.1-4ubuntu5.12
- Ubuntu 12.10: 1.0.1c-3ubuntu2.7
- Ubuntu 13.04: SUPPORT END OF LIFE REACHED, SHOULD UPGRADE
- Ubuntu 13.10: 1.0.1e-3ubuntu1.2
- Debian 6 (Squeeze): Unaffected (Shipped with older version prior to vulnerability)
- Debian 7 (Wheezy): 1.0.1e-2+deb7u6
- Debian testing (Jessie): 1.0.1g-1
- Debian unstable (Sid): 1.0.1g-1
If you are using Ubuntu 13.04 its HIGHLY RECOMMENDED for you to upgrade your version.
PLEASE NOTICE: Backup all your system before big updates!
Check for your OpenSSL version
dpkg -l | grep “openssl”
Check for your Ubuntu version
lsb_release -a
root@localhost:~# dpkg -l | grep "openssl"
ii libcurl4-openssl-dev 7.29.0-1ubuntu3.4 amd64 development files and documentation for libcurl (OpenSSL flavour)
ii libgnutls-openssl27:amd64 2.12.23-1ubuntu1.1 amd64 GNU TLS library - OpenSSL wrapper
ii openssl 1.0.1c-4ubuntu8.2 amd64 Secure Socket Layer (SSL) binary and related cryptographic tools
root@localhost:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 13.04
Release: 13.04
Codename: raring
CentOS and Fedora Releases and Fix Versions
rpm -q -a | grep "openssl"
- CentOS 5: Unaffected (Shipped with older version prior to vulnerability)
- CentOS 6: openssl-1.0.1e-16.el6.5.7
- Fedora 17: Unaffected (Shipped with older version prior to vulnerability)
- Fedora 19: openssl-1.0.1e-37.fc19.1If your OpenSSL Fedora version number doesn’t ends in .1 you are vulnerable!
Check for your OpenSSL version
rpm -q -a | grep “openssl”
Check for your Ubuntu version
cat /etc/redhat-release
[root@stream4 ~]# rpm -q -a | grep "openssl"
openssl-1.0.1e-16.el6_5.4.x86_64
[root@stream4 ~]# cat /etc/redhat-release
CentOS release 6.5 (Final)
Revoking and Reissuing your SSL Certs/Keys
- regenerate your certificate using a new private key
- create new key and then create the certificate or send CSR to certificate authority issuer to create the new certificate
- replace the old certificate and start using the new ones.
Continue reading Protect your Server Against the Heartbleed OpenSSL Vulnerability →