Home | Blog | Update OpenSSL 1.0.1g

Update OpenSSL 1.0.1g

By Clément Nivolle

Features

Yesterday, a security patch of OpenSSL 1.0.1g was issued, fixing a pretty critical vulnerability (refered to as CVE-2014-0160).

Once issued, the Clever Cloud support team immediately updated our service with it.

Who's affected?

If you have SSL enabled on Clever Cloud, you have to read the following.

What to do?

Clever Cloud is not vulnerable to this security breach anymore, but we urge you to regenerate SSL keys and re-issue your certificate. Certificate regeneration is not a sufficient solution to protect you completely, you also have to regenerate a new SSL key. If you have any questions related to this security update for your apps hosted on Clever Cloud, feel free to send us an e-mail, our team will keep you informed of future developments.

Which versions of OpenSSL are vulnerable?

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Tags

Blog

À lire également

Clever Cloud announces 11 new products at its Clever Cloud Fest
Clever Cloud is celebrating its 15th anniversary with the Clever Cloud Fest on 6 and 7 February 2025 in Nantes. This event will bring together customers and partners, during which Clever Cloud will unveil 11 new products and an international growth strategy.
Company Événements Press

What is Clever AI?
AI services are everywhere, but the sheer number and diversity of them makes it harder for developers to manage them. All the more so when they work in a team. That's why we came up with Clever AI: a multi-vendor, multi-model range of solutions to simplify access to AI for businesses.
Company

Protect yourself: beware of job scams spoofing Clever Cloud’s brand
At Clever Cloud, we provide reliable, secure cloud hosting services for businesses and developers worldwide. Unfortunately, our reputation is being exploited by malicious actors engaging in fraudulent activities under the guise of our company name. We want to set the record straight and help protect you from falling victim to these scams.
Company