Home | Blog | Update OpenSSL 1.0.1g

Update OpenSSL 1.0.1g

By Clément Nivolle

Features

Yesterday, a security patch of OpenSSL 1.0.1g was issued, fixing a pretty critical vulnerability (refered to as CVE-2014-0160).

Once issued, the Clever Cloud support team immediately updated our service with it.

Who's affected?

If you have SSL enabled on Clever Cloud, you have to read the following.

What to do?

Clever Cloud is not vulnerable to this security breach anymore, but we urge you to regenerate SSL keys and re-issue your certificate. Certificate regeneration is not a sufficient solution to protect you completely, you also have to regenerate a new SSL key. If you have any questions related to this security update for your apps hosted on Clever Cloud, feel free to send us an e-mail, our team will keep you informed of future developments.

Which versions of OpenSSL are vulnerable?

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Tags

Blog

À lire également

Manage your WordPress identities with Keycloak
Managing logins to your website can be a complex task. Fortunately, tools like Keycloak, an open-source Identity and Access Management (IAM) solution, can make it much easier to handle authentication and authorization for your application.
Engineering

Clever Cloud launches its first certification: “Cloud Concepts 101”
Clever Cloud, a leading European provider of Platform as a Service (PaaS) solutions, announces the launch of its first official certification, Cloud Concepts 101, designed to help developers master the fundamentals of cloud computing and the Clever Cloud platform.
Company

ACCES 2025: A Day Dedicated to Showcasing Clever Cloud Innovations at the Heart of FOST
Take part in ACCES – Amazing Clever Cloud Enterprise Summit, at FOST Paris.
Company Event