SSL vulnerability

April 8, 2014 1.6k views
lynhines
By:
lynhines
http://thenextweb.com/insider/2014/04/08/openssl-critical-security-vulnerability-need-patch-right-now/ If a new droplet is created, will the patch be included as part of the install or do we need to update openssl?
Log In to Comment
2 Answers
asb MOD April 8, 2014
We're in the process of recreating our images. In most cases, upgrading will pull in the fix. For a more detailed run down of the situation, see this article:

https://www.digitalocean.com/community/articles/how-to-protect-your-server-against-the-heartbleed-openssl-vulnerability
How to Protect Your Server Against the Heartbleed OpenSSL Vulnerability
by Justin Ellingwood
The Heartbleed OpenSSL vulnerability is one of the most massive security bugs to hit the internet in years. It basically renders any communication that was supposed to have been protected by SSL open to anyone exploiting this vulnerability. In this guide, we'll tell you how to update your servers and rekey your certificates.
Reply
matt.lintz April 9, 2014
After setting up a new droplet you should check for updates as an automatic part of setting up.

- just updated / went through cert re issue on mine
Reply
Have another answer? Share your knowledge.