Skip to content

Embed URL

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
How to patch Ubuntu for Heartbleed

How to patch Ubuntu for Heartbleed

  1. sudo apt-get update
  2. sudo apt-get install -y libssl1.0.0 openssl
  3. openssl version -a and confirm the "built on" date is >= 2014-04-07
  4. sudo lsof -n | grep ssl | grep DEL and restart all listed services.

Repeat #4 until no results are returned.

@fujin

you can:

sudo apt-get install debian-goodies
sudo checkrestart

In place of the lsof/grep, for similar effect.

@suhastech

This didn't quite work. Nothing was installed (as I already had the old build of the package)

https://gist.github.com/suhastech/10225968

@mrdavidlaing

Worked for me:

$ openssl version -a
OpenSSL 1.0.1 14 Mar 2012
built on: Wed Jan  8 20:45:51 UTC 2014
$ sudo apt-get update
$ sudo apt-get install -y libssl1.0.0 openssl debian-goodies
$ sudo checkrestart
 ...
   sudo /etc/init.d/ssh restart
   sudo /etc/init.d/ntp restart
   sudo /etc/init.d/whoopsie restart
   sudo /etc/init.d/collectd restart
   ....
$ openssl version -a
OpenSSL 1.0.1 14 Mar 2012
built on: Mon Apr  7 20:33:29 UTC 2014

Note that the version doesn't change, but the built on: date does; which can be confusing

@FestivalBobcats

Thanks a ton. Had to use @suhastech solution with the --reinstall flag.

@brianz

Thanks for this...very simple and worked like a charm on my Ubuntu 13.10 servers.

@luntzel

Ubuntu Lucid comes with 0.9.8k out of the box, which is not vulnerable. Adding Precise sources is possibly dangerous...YMMV.

@Sophrinix

make sure you restart apache/ your webserver after running this fix. I was confused as to why it wasn't working until I restarted apache, then all was good.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.