Update OpenSSL 1.0.1g

Yesterday, a security patch of OpenSSL 1.0.1g was issued, fixing a pretty critical vulnerability (refered to as CVE-2014-0160).

Once issued, the Clever Cloud support team immediately updated our service with it.

Who's affected?

If you have SSL enabled on Clever Cloud, you have to read the following.

What to do?

Clever Cloud is not vulnerable to this security breach anymore, but we urge you to regenerate SSL keys and re-issue your certificate. Certificate regeneration is not a sufficient solution to protect you completely, you also have to regenerate a new SSL key. If you have any questions related to this security update for your apps hosted on Clever Cloud, feel free to send us an e-mail, our team will keep you informed of future developments.

Which versions of OpenSSL are vulnerable?

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Blog

À lire également

Up to €100,000 in funding to adopt Hyper Open X technologies

The Hyper Open X consortium, made up of sixteen major French cloud players, has launched anambitious call for projects designed to accelerate the adoption of open source technologies for cloud and edge computing.
Company

Clever Cloud announces international growth strategy and the expansion of leadership team

Nantes, France - Clever Cloud, French creator of Platform as a Service (PaaS) hosting and deployment solutions, announced today its intention to expand internationally, with a particular focus on the African and South Asian markets.
Company Press

Materia KV: our easy-to-use serverless key-value database is available to all

Clever Cloud was born out of a desire to make life easier for developers, by providing them automation tools and interfaces, so that they can concentrate on their applications and sites.
Features