Home | Blog | Update OpenSSL 1.0.1g

Update OpenSSL 1.0.1g

By Clément Nivolle

Features

Yesterday, a security patch of OpenSSL 1.0.1g was issued, fixing a pretty critical vulnerability (refered to as CVE-2014-0160).

Once issued, the Clever Cloud support team immediately updated our service with it.

Who's affected?

If you have SSL enabled on Clever Cloud, you have to read the following.

What to do?

Clever Cloud is not vulnerable to this security breach anymore, but we urge you to regenerate SSL keys and re-issue your certificate. Certificate regeneration is not a sufficient solution to protect you completely, you also have to regenerate a new SSL key. If you have any questions related to this security update for your apps hosted on Clever Cloud, feel free to send us an e-mail, our team will keep you informed of future developments.

Which versions of OpenSSL are vulnerable?

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Tags

Blog

À lire également

Autumn-Winter 2025 Events
Clever Cloud is wrapping up the year on a high note with a busy agenda of events in France and abroad. From prestigious conferences to hands-on workshops, specialized forums, and professional gatherings.
Company Event

Building Smarter MCP Servers — From Theory to Practice

A few months ago, I published an article introducing MCP servers. Since then, I’ve…

Engineering

Clever Cloud goes London: New availability zone (AZ) build on IONOS infrastructure
IONOS, the leading European digitalisation Partner and trusted cloud enabler, supports Clever Cloud, a European Platform-as-a-Service (PaaS) provider, to open a new availability zone (AZ) in London. This collaboration enables Clever Cloud to establish a physical presence in the UK market.
Company Press