Home | Blog | Update OpenSSL 1.0.1g

Update OpenSSL 1.0.1g

By Clément Nivolle

Features

Yesterday, a security patch of OpenSSL 1.0.1g was issued, fixing a pretty critical vulnerability (refered to as CVE-2014-0160).

Once issued, the Clever Cloud support team immediately updated our service with it.

Who's affected?

If you have SSL enabled on Clever Cloud, you have to read the following.

What to do?

Clever Cloud is not vulnerable to this security breach anymore, but we urge you to regenerate SSL keys and re-issue your certificate. Certificate regeneration is not a sufficient solution to protect you completely, you also have to regenerate a new SSL key. If you have any questions related to this security update for your apps hosted on Clever Cloud, feel free to send us an e-mail, our team will keep you informed of future developments.

Which versions of OpenSSL are vulnerable?

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Tags

Blog

À lire également

Clever Cloud: Discover our clever side
Faced with increasingly demanding technical environments, Clever Cloud has established itself as a key player in supporting tech teams and IT decision-makers.
Company

Metabase on Clever Cloud: easily query and visualize your data
Your business generates data, which you need to analyse, understand and make available to your teams, both technical and non-technical. To meet this need, we worked with David Sferruzza to integrate Metabase for the cloud, which is available on our Marketplace and can be easily deployed on Clever Cloud.
Company

What is cloud computing?
Cloud computing is much more than just a trend: it's revolutionising the way businesses use, manage and optimise their IT resources.
Engineering