A quick guideline on how to fix the Hearthbleed bug (and update OpenSSL) on Ubuntu

If you still haven’t fixed your servers after mainstream discovery of the legendary Hearthbleed bug, then do it now – or better completely reinstall the full server, as the server might be compromized anyway and you’ll never find out (unless you are a security expert, but then you wouldn’t read this blog post).

Solution A: Complete reinstall of the entire system (best solution)

A complete reinstall, followed by a full update/upgrade. Make sure you have the latest version of OpenSSL, it needs to say “April 7th 2014” (or something that is even more in the future) on the “built on” line. I find it totally idiotic that this doesn’t simply put out the version (1.0.1g) of the packet, but anyway…To update an outdated version of OpenSSL, see the next paragraph.

Show the installed OpenSSL version on Ubuntu

Show the installed version of OpenSSL via

sudo openssl version -a

Should look like this: Note the “built on” line, should say “April 7th 2014”, like here:

If not, then update. There are several guidelines on the web, but the general way to do is either just updating the OpenSSL package or updating the entire system. DigitalOcean recommends updating the entire system.

Solution B: Just update the OpenSSL package

sudo apt-get install --only-upgrade openssl
sudo apt-get install --only-upgrade libssl1.0.0

To be 100% sure, reboot. This solution has been taken from here: DigitalOcean – How to Protect your Server Against the Heartbleed OpenSSL Vulnerability. Please see this post for additional and much deeper information. They also provide solutions for CentOS, Fedora and ArchLinux.

Solution C: Update/upgrade the entire system

sudo apt-get update
sudo apt-get dist-upgrade
sudo reboot

And then check for the installed version of OpenSSL via

sudo openssl version -a

This solution has been partly taken from Anson Cheung – 3 simple steps to update Ubuntu to fix the Heartbleed SSL bug and DigitalOcean – How to Protect your Server Against the Heartbleed OpenSSL Vulnerability.

This article was written quite a while ago (9 years), please keep this in mind when using the information written here. Links, code and commands might be outdated or broken.

Random articles

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

A quick guideline on how to fix the Hearthbleed bug (and update OpenSSL) on Ubuntu

Solution A: Complete reinstall of the entire system (best solution)

Show the installed OpenSSL version on Ubuntu

Solution B: Just update the OpenSSL package

Solution C: Update/upgrade the entire system

Random articles

Leave A Comment Cancel reply

GitHub buys Easel.io, a code-free full website creator worth a look

Interesting: code of the same application in PHP, Python, Ruby, Closure, node.js, Java and Go

Frontend Ops Conf 2014 – Paul Irish: Delivering The Goods In Under 1000ms (40min video)

JavaScript Testing Tactics (21min video by Justin Searls)

How to setup a config-free WordPress, PHP and MySQL (for local development) in Windows 7 / 8 in under 3 minutes

[Link] Excellent PHP best practices, 2014 style

Stressed and unrelaxed while coding ? Try some ultra-deeply-relaxing ASMR audio clips. It will change your life. Seriously.

Two excellent introductions into AngularJS by Todd Motto

GitHub introduces revert button / rollback for merged pull requests

HipHop VM reaches 100% green Unit Tests in Laravel, Drupal, Slim, CodeIgniter etc.

When PHPStorm’s cache eats up your harddisk space

Going node.js at Netflix (Slides by Micah R of Netflix)

Awesome list of Design Patterns with PHP code examples

A super-simple Vagrant LAMP stack bootstrap (installable with one command)

“Belt” adds very clever everyday functions to PHP, comes with JavaScript naming styles and eventually solves the needle/haystack problem

A super-simple introduction into PHP namespaces (7min video)

How to install sqlite driver for PHP in Ubuntu & Debian

Frontend Ops Conf 2014 – Rebooting Flickr On A Node.js Stack, One Page At A Time (from PHP) by Bertrand Fan

Rare Steve Jobs AND Bill Gates video interview from 2007’s D5 conference (90min)

Windows XP is officially dead from today. Do you know people still using it ? Punch them.

Free $10 coupon for DigitalOcean SSD cloud VPS hosting

Which server OS version to choose ? Some EOL lists of Debian, Ubuntu and CentOS

[Link] How to create, read, update and delete (CRUD) with PDO, MySQLi and MySQL the right way (prepared statements)

Must-read PHP blog: PHPweekly.com

How to install/setup a basic LAMP stack (Linux, Apache, MySQL, PHP) on Ubuntu 14.04 LTS