A quick guideline on how to fix the Hearthbleed bug (and update OpenSSL) on Ubuntu

If you still haven’t fixed your servers after mainstream discovery of the legendary Hearthbleed bug, then do it now – or better completely reinstall the full server, as the server might be compromized anyway and you’ll never find out (unless you are a security expert, but then you wouldn’t read this blog post).

Solution A: Complete reinstall of the entire system (best solution)

A complete reinstall, followed by a full update/upgrade. Make sure you have the latest version of OpenSSL, it needs to say “April 7th 2014” (or something that is even more in the future) on the “built on” line. I find it totally idiotic that this doesn’t simply put out the version (1.0.1g) of the packet, but anyway…To update an outdated version of OpenSSL, see the next paragraph.

Show the installed OpenSSL version on Ubuntu

Show the installed version of OpenSSL via

sudo openssl version -a

Should look like this: Note the “built on” line, should say “April 7th 2014”, like here:

If not, then update. There are several guidelines on the web, but the general way to do is either just updating the OpenSSL package or updating the entire system. DigitalOcean recommends updating the entire system.

Solution B: Just update the OpenSSL package

sudo apt-get install --only-upgrade openssl
sudo apt-get install --only-upgrade libssl1.0.0

To be 100% sure, reboot. This solution has been taken from here: DigitalOcean – How to Protect your Server Against the Heartbleed OpenSSL Vulnerability. Please see this post for additional and much deeper information. They also provide solutions for CentOS, Fedora and ArchLinux.

Solution C: Update/upgrade the entire system

sudo apt-get update
sudo apt-get dist-upgrade
sudo reboot

And then check for the installed version of OpenSSL via

sudo openssl version -a

This solution has been partly taken from Anson Cheung – 3 simple steps to update Ubuntu to fix the Heartbleed SSL bug and DigitalOcean – How to Protect your Server Against the Heartbleed OpenSSL Vulnerability.

This article was written quite a while ago (6 years), please keep this in mind when using the information written here. Links, code and commands might be outdated or broken.

Random articles

A quick guideline on how to fix the Hearthbleed bug (and update OpenSSL) on Ubuntu

Solution A: Complete reinstall of the entire system (best solution)

Show the installed OpenSSL version on Ubuntu

Solution B: Just update the OpenSSL package

Solution C: Update/upgrade the entire system

Random articles

Leave A Comment Cancel reply

How Snapchat wants to earn money (by establishing vertical videos)

Install Laravel 4 on Ubuntu 12.04 LTS (a how-to tutorial)

How to setup and use XDEBUG with PHPStorm 6/7 (locally in Windows 7/8 and Mac OS X)

PHP’s HipHop outperforms PHP 5.5 with Zend OPCache and Nginx by 15-20 times

GitHub finally introduces repo traffic stats

[FREE SERVER PROMO] Install GHOST for free on a free SSD server with this coupon

DEF CON 18 – When your computer got stolen and you can still SSH into it: “Pwned by the 0wner” (22min conference talk)

Google rolls out Chrome 37, finally fixes horrible font-rendering

How to enable mod_rewrite in Ubuntu 14.04 LTS

DigitalOcean VPS coupon codes for december 2013 and early 2014

Create a fast, perfect and bootable 1:1 Windows backup (full clone of HDD) for SSD migration

Disappointed by Watch Dogs’s graphics ? See how it looks with unlocked, hidden settings. Awesome!

How JavaScript really works – An introduction into the JavaScript call stack by Philip Roberts (20min video)

How to install the mcrypt php extension (to use Laravel 4)

October CMS, built on top of Laravel, is beautiful, clever and on the way to be the new #1 CMS

How to install/setup latest version of PHPMyAdmin on Ubuntu 12.04 LTS (Precise Pangolin)

Hochlastseiten mit PHP, MySQL und Apache am Beispiel stern.de (deutscher Artikel)

Creators of Laravel launch one-click-installations of Laravel (including nginx, PHP 5.5 etc.)

How to install/setup a basic LAMP stack (Linux, Apache, MySQL, PHP) on Ubuntu 12.04 or Debian 7.0/7.1

Only today: $50 coupon for DigitalOcean SSD VPS / hosting

EOL lists of Ubuntu, Debian and CentOS for your server plannings

8 awesome pure CSS spinner / loader

Microsoft announces “holographic” 3D interfaces (promo video)

How to install/setup latest version of PHP 5.5 on Debian Wheezy 7.0/7.1/7.2 (and how to fix the GPG key error)