Home | Blog | Update OpenSSL 1.0.1g

Update OpenSSL 1.0.1g

By Clément Nivolle

Features

Yesterday, a security patch of OpenSSL 1.0.1g was issued, fixing a pretty critical vulnerability (refered to as CVE-2014-0160).

Once issued, the Clever Cloud support team immediately updated our service with it.

Who's affected?

If you have SSL enabled on Clever Cloud, you have to read the following.

What to do?

Clever Cloud is not vulnerable to this security breach anymore, but we urge you to regenerate SSL keys and re-issue your certificate. Certificate regeneration is not a sufficient solution to protect you completely, you also have to regenerate a new SSL key. If you have any questions related to this security update for your apps hosted on Clever Cloud, feel free to send us an e-mail, our team will keep you informed of future developments.

Which versions of OpenSSL are vulnerable?

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Tags

Blog

À lire également

‘There is no such thing as happy vassalage’: President Macron underlines the urgent need for a sovereign European cloud
On 5 May, French President Emmanuel Macron gave a speech at the Sorbonne in support of free and open research in Europe - Choose Europe for Science. Quentin Adam, CEO of Clever Cloud, expresses his satisfaction and proposes concrete actions to strengthen Europe's strategic independence.
Press

Deploy Brinjel on Clever Cloud
Brinjel is an open-source field management software designed for market gardeners, helping them plan seasons, track harvests, and optimize agricultural production. Created by and for market gardeners, it emphasizes an intuitive interface and features tailored to real-world needs.
Company

Simplify the management of Clever Cloud services via Kubernetes with our new operator
For the past two years, we've been enabling our customers to combine the ease of deployment of Clever Cloud with an existing Kubernetes infrastructure through an operator.
Engineering