A quick guideline on how to fix the Hearthbleed bug (and update OpenSSL) on Ubuntu

If you still haven’t fixed your servers after mainstream discovery of the legendary Hearthbleed bug, then do it now – or better completely reinstall the full server, as the server might be compromized anyway and you’ll never find out (unless you are a security expert, but then you wouldn’t read this blog post).

Solution A: Complete reinstall of the entire system (best solution)

A complete reinstall, followed by a full update/upgrade. Make sure you have the latest version of OpenSSL, it needs to say “April 7th 2014” (or something that is even more in the future) on the “built on” line. I find it totally idiotic that this doesn’t simply put out the version (1.0.1g) of the packet, but anyway…To update an outdated version of OpenSSL, see the next paragraph.

Show the installed OpenSSL version on Ubuntu

Show the installed version of OpenSSL via

sudo openssl version -a

Should look like this: Note the “built on” line, should say “April 7th 2014”, like here:

If not, then update. There are several guidelines on the web, but the general way to do is either just updating the OpenSSL package or updating the entire system. DigitalOcean recommends updating the entire system.

Solution B: Just update the OpenSSL package

sudo apt-get install --only-upgrade openssl
sudo apt-get install --only-upgrade libssl1.0.0

To be 100% sure, reboot. This solution has been taken from here: DigitalOcean – How to Protect your Server Against the Heartbleed OpenSSL Vulnerability. Please see this post for additional and much deeper information. They also provide solutions for CentOS, Fedora and ArchLinux.

Solution C: Update/upgrade the entire system

sudo apt-get update
sudo apt-get dist-upgrade
sudo reboot

And then check for the installed version of OpenSSL via

sudo openssl version -a

This solution has been partly taken from Anson Cheung – 3 simple steps to update Ubuntu to fix the Heartbleed SSL bug and DigitalOcean – How to Protect your Server Against the Heartbleed OpenSSL Vulnerability.

A quick guideline on how to fix the Hearthbleed bug (and update OpenSSL) on Ubuntu

Solution A: Complete reinstall of the entire system (best solution)

Show the installed OpenSSL version on Ubuntu

Solution B: Just update the OpenSSL package

Solution C: Update/upgrade the entire system

The New Era of JavaScript (28min conference talk, Jack Franklin, 2013)

A short & simple Composer tutorial

PHP 6.0 will be PHP 7

PHPStorm: 42 Tips and Tricks (47min video talk by Mikhail Vink at Dutch PHP Conference 2015)

A quick history of Comic Sans, the most wrongly used font ever

A preinstalled Vagrant box with PHP HipHop / HHVM and Ubuntu 12.04 (Precise Pangolin)

Create a fast, perfect and bootable 1:1 Windows backup (full clone of HDD) for SSD migration

This is an experimental advertisement

O’Reilly’s Learning JavaScript Design Patterns by Addy Osmani for free

Get Github’s code colors in PHPStorm (2014 style)

The difference between “composer install” and “composer update” – nailed on the head

How to install the mcrypt php extension (to use Laravel 4)

[Link] Redesigning SoundCloud by Evan Simoni

Killer-feature in PHPStorm: Search everywhere

Support FLARUM, the future of PHP forum scripts (with some dollars on Kickstarter)

A PHPStorm shortcuts cheat sheet (for Windows, Mac OS and Linux)

Joshua Davis – my hero of Flash – in two excellent interviews (audio, video)

Extremely simple deployment with PHPloy

A short & simple Composer tutorial

[Link] How to create, read, update and delete (CRUD) with PDO, MySQLi and MySQL the right way (prepared statements)

A preinstalled Vagrant box with PHP HipHop / HHVM and Ubuntu 12.04 (Precise Pangolin)

Redesigning Windows 8 – fantastic and clever drafts by Jay Machalani

How to install latest PHP 5.4.x on Ubuntu 12.04 LTS (Precise Pangolin)