Update OpenSSL 1.0.1g

Yesterday, a security patch of OpenSSL 1.0.1g was issued, fixing a pretty critical vulnerability (refered to as CVE-2014-0160).

Once issued, the Clever Cloud support team immediately updated our service with it.

Who's affected?

If you have SSL enabled on Clever Cloud, you have to read the following.

What to do?

Clever Cloud is not vulnerable to this security breach anymore, but we urge you to regenerate SSL keys and re-issue your certificate. Certificate regeneration is not a sufficient solution to protect you completely, you also have to regenerate a new SSL key. If you have any questions related to this security update for your apps hosted on Clever Cloud, feel free to send us an e-mail, our team will keep you informed of future developments.

Which versions of OpenSSL are vulnerable?

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Blog

À lire également

UP Programme: Who are the new winning startups?

Clever Cloud is proud to announce the arrival of new start-ups for the second promotion…

Company

Quentin Adam joins Micode on the Underscore_ podcast

Quentin Adam, CEO of Clever Cloud, was a guest on Underscore_, the tech podcast hosted by well-known French content creator Micode.
Company

PostgreSQL 16 and 17 available on Clever Cloud, migrate effortlessly

After upgrading our infrastructure and working hard over the last year to improve the quality of our service and accelerate new product releases, we're delighted to announce the availability of PostgreSQL 16 and 17 on Clever Cloud.
Engineering