How to patch Ubuntu for Heartbleed

README.md

How to patch Ubuntu for Heartbleed

1. sudo apt-get update
2. sudo apt-get install -y libssl1.0.0 openssl
3. openssl version -a and confirm the "built on" date is >= 2014-04-07
4. sudo lsof -n | grep ssl | grep DEL and restart all listed services.

Repeat #4 until no results are returned.

you can:

sudo apt-get install debian-goodies
sudo checkrestart

In place of the lsof/grep, for similar effect.

For Ubuntu Lucid: https://gist.github.com/psykode/10111495

This didn't quite work. Nothing was installed (as I already had the old build of the package)

https://gist.github.com/suhastech/10225968

Worked for me:

$ openssl version -a
OpenSSL 1.0.1 14 Mar 2012
built on: Wed Jan  8 20:45:51 UTC 2014
$ sudo apt-get update
$ sudo apt-get install -y libssl1.0.0 openssl debian-goodies
$ sudo checkrestart
 ...
   sudo /etc/init.d/ssh restart
   sudo /etc/init.d/ntp restart
   sudo /etc/init.d/whoopsie restart
   sudo /etc/init.d/collectd restart
   ....
$ openssl version -a
OpenSSL 1.0.1 14 Mar 2012
built on: Mon Apr  7 20:33:29 UTC 2014

Note that the version doesn't change, but the built on: date does; which can be confusing

Thanks a ton. Had to use @suhastech solution with the --reinstall flag.

Thanks for this...very simple and worked like a charm on my Ubuntu 13.10 servers.

Ubuntu Lucid comes with 0.9.8k out of the box, which is not vulnerable. Adding Precise sources is possibly dangerous...YMMV.

make sure you restart apache/ your webserver after running this fix. I was confused as to why it wasn't working until I restarted apache, then all was good.