SSL vulnerability

April 8, 2014 1.4k

http://thenextweb.com/insider/2014/04/08/openssl-critical-security-vulnerability-need-patch-right-now/ If a new droplet is created, will the patch be included as part of the install or do we need to update openssl?

2 Answers

asb MOD April 8, 2014

We're in the process of recreating our images. In most cases, upgrading will pull in the fix. For a more detailed run down of the situation, see this article:

https://www.digitalocean.com/community/articles/how-to-protect-your-server-against-the-heartbleed-openssl-vulnerability

How to Protect Your Server Against the Heartbleed OpenSSL Vulnerability

by Justin Ellingwood

The Heartbleed OpenSSL vulnerability is one of the most massive security bugs to hit the internet in years. It basically renders any communication that was supposed to have been protected by SSL open to anyone exploiting this vulnerability. In this guide, we'll tell you how to update your servers and rekey your certificates.

matt.lintz April 9, 2014

After setting up a new droplet you should check for updates as an automatic part of setting up.

- just updated / went through cert re issue on mine

Have another answer? Share your knowledge.

Share

Share your Question

SSL vulnerability

Leave a Comment

Almost there!

Report a Bug