SSL vulnerability

Posted April 8, 2014 1.9k views If a new droplet is created, will the patch be included as part of the install or do we need to update openssl?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers
We're in the process of recreating our images. In most cases, upgrading will pull in the fix. For a more detailed run down of the situation, see this article:
by Justin Ellingwood
The Heartbleed OpenSSL vulnerability is one of the most massive security bugs to hit the internet in years. It basically renders any communication that was supposed to have been protected by SSL open to anyone exploiting this vulnerability. In this guide, we'll tell you how to update your servers and rekey your certificates.
After setting up a new droplet you should check for updates as an automatic part of setting up.

- just updated / went through cert re issue on mine