Home | Blog | Update OpenSSL 1.0.1g

Update OpenSSL 1.0.1g

heartbleed logo 1

By Clément Nivolle

Features

Yesterday, a security patch of OpenSSL 1.0.1g was issued, fixing a pretty critical vulnerability (refered to as CVE-2014-0160).

Once issued, the Clever Cloud support team immediately updated our service with it.

Who's affected?

If you have SSL enabled on Clever Cloud, you have to read the following.

What to do?

Clever Cloud is not vulnerable to this security breach anymore, but we urge you to regenerate SSL keys and re-issue your certificate. Certificate regeneration is not a sufficient solution to protect you completely, you also have to regenerate a new SSL key. If you have any questions related to this security update for your apps hosted on Clever Cloud, feel free to send us an e-mail, our team will keep you informed of future developments.

Which versions of OpenSSL are vulnerable?

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Tags

Blog

À lire également

UP Program: Clever Cloud announces its fifth startup selection
With this new batch, Clever Cloud welcomes four startups to the UP Program: Sentibee, Pictaderm, Legaia and Cockpit Agriculture.
Company

Sōzu 2.0 — turning a reverse proxy into a programmable edge
Sōzu is the reverse proxy that sits in front of every application running on Clever Cloud. After eighteen months of work — first the HTTP/2 multiplexer, built on our existing kawa pivot, then almost every other layer of the proxy, and finally a long run in production on the cleverapps.io load balancers — Sōzu 2.0 is out.
Engineering

K3s vs K8s: What Are the Differences and Which One Should You Choose in 2026?
Kubernetes has become the standard for container orchestration. But depending on your infrastructure constraints (limited resources, edge computing, IoT, or large-scale enterprise clusters), the distribution you choose can radically change the operational experience. K3s and K8s (upstream Kubernetes) address different needs, even though both share the same CNCF-certified foundation.
Engineering Features