SSL vulnerability

April 8, 2014 1.1k views If a new droplet is created, will the patch be included as part of the install or do we need to update openssl?
2 Answers
We're in the process of recreating our images. In most cases, upgrading will pull in the fix. For a more detailed run down of the situation, see this article:
by Justin Ellingwood
The Heartbleed OpenSSL vulnerability is one of the most massive security bugs to hit the internet in years. It basically renders any communication that was supposed to have been protected by SSL open to anyone exploiting this vulnerability. In this guide, we'll tell you how to update your servers and rekey your certificates.
After setting up a new droplet you should check for updates as an automatic part of setting up.

- just updated / went through cert re issue on mine
Have another answer? Share your knowledge.