sudo apt-get updatesudo apt-get install -y libssl1.0.0 opensslopenssl version -aand confirm the "built on" date is >= 2014-04-07sudo lsof -n | grep ssl | grep DELand restart all listed services.
Repeat #4 until no results are returned.
Last active
August 18, 2023 18:33
-
-
Save coderanger/10084033 to your computer and use it in GitHub Desktop.
How to patch Ubuntu for Heartbleed
For Ubuntu Lucid: https://gist.github.com/psykode/10111495
This didn't quite work. Nothing was installed (as I already had the old build of the package)
Worked for me:
$ openssl version -a
OpenSSL 1.0.1 14 Mar 2012
built on: Wed Jan 8 20:45:51 UTC 2014
$ sudo apt-get update
$ sudo apt-get install -y libssl1.0.0 openssl debian-goodies
$ sudo checkrestart
...
sudo /etc/init.d/ssh restart
sudo /etc/init.d/ntp restart
sudo /etc/init.d/whoopsie restart
sudo /etc/init.d/collectd restart
....
$ openssl version -a
OpenSSL 1.0.1 14 Mar 2012
built on: Mon Apr 7 20:33:29 UTC 2014
Note that the version doesn't change, but the built on: date does; which can be confusing
Thanks a ton. Had to use @suhastech solution with the --reinstall flag.
Thanks for this...very simple and worked like a charm on my Ubuntu 13.10 servers.
Ubuntu Lucid comes with 0.9.8k out of the box, which is not vulnerable. Adding Precise sources is possibly dangerous...YMMV.
make sure you restart apache/ your webserver after running this fix. I was confused as to why it wasn't working until I restarted apache, then all was good.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
you can:
In place of the lsof/grep, for similar effect.