Hello,
As all of you are likely already aware, an OpenSSL bug called "Heartbleed" has been found which can compromise the security of your SSL certificates and the data it passes.
From my understanding, this would likely only apply to systems with CentOS 6.5 or Debian 7 (OpenSSL 1.0.1 through 1.0.1f).
To test if you are affected, go to this site and enter your domain name:
http://filippo.io/Heartbleed
The update process is quite simple:
CentOS 6:
Code:
yum update openssl
and restart all of your web services, and you're done the updating part for CentOS 6.
Debian 7:
Code:
apt-get update
apt-get upgrade libssl1.0.0
and also update your Debian 7 DA binaries.
The bug report mentions that private keys could be known, so re-keying your certificates would be recommended for any affected OS.
We don't recommend manually recompiling OpenSSL as it could break your system. Using the pre-installed package manager for your system will give you the safer result.
For more information, or questions, please visit this thread:
http://forum.directadmin.com/showthread.php?t=48721
Note that www.directadmin.com was affected, and was patched very quickly after the bug was released.
As this is a new server, this also greatly reduces the amount of time exposed to the bug.
We have no reason to believe any harm was done or any data lost.
As a precaution, we welcome you to change your client password, if you wish:
https://www.directadmin.com/clients
John
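For the "restart all of your web services" step in the post above, an added example (not part of the original post or of DirectAdmin's tooling): a shell check that lists processes still mapping the pre-update libssl, since a running service keeps the old library in memory until it is restarted. The function names and the sample /proc tree are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Sample data is constructed.

# maps_uses_stale_libssl FILE: succeeds if FILE (in /proc/<pid>/maps format)
# shows libssl mapped from a file that has been deleted, i.e. the process
# loaded the library before the package update replaced it on disk.
maps_uses_stale_libssl() {
  grep -Eq '/libssl[^ ]*\.so[^ ]* \(deleted\)$' "$1"
}

# list_stale_pids [PROC_ROOT]: print one PID per line for every process
# under PROC_ROOT (default /proc) that still runs the old libssl.
list_stale_pids() {
  lsp_root="${1:-/proc}"
  for lsp_maps in "$lsp_root"/[0-9]*/maps; do
    [ -r "$lsp_maps" ] || continue
    if maps_uses_stale_libssl "$lsp_maps"; then
      lsp_dir="${lsp_maps%/maps}"
      echo "${lsp_dir##*/}"
    fi
  done
}

# make_sample_proc: build a constructed /proc-like tree and print its path.
make_sample_proc() {
  sp=$(mktemp -d) || return 1
  mkdir "$sp/101" "$sp/202" "$sp/303" "$sp/404"
  # 101: web server started before "yum update openssl" (old inode unlinked)
  echo '7f3a1c000000-7f3a1c062000 r-xp 00000000 fd:00 131 /usr/lib64/libssl.so.1.0.1e (deleted)' > "$sp/101/maps"
  # 202: service restarted after the update, maps the file now on disk
  echo '7f9b24000000-7f9b24062000 r-xp 00000000 fd:00 977 /usr/lib64/libssl.so.1.0.1e' > "$sp/202/maps"
  # 303: Debian-style path, process not yet restarted
  echo '7f5d08000000-7f5d08058000 r-xp 00000000 08:01 88 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (deleted)' > "$sp/303/maps"
  # 404: a different deleted library, which this check ignores
  echo '7f11a0000000-7f11a0020000 r-xp 00000000 08:01 45 /usr/lib64/libz.so.1.2.3 (deleted)' > "$sp/404/maps"
  echo "$sp"
}

demo_root=$(make_sample_proc)
echo "PIDs still using the pre-update libssl (constructed sample):"
list_stale_pids "$demo_root"
rm -rf "$demo_root"
```

On a live server, run `list_stale_pids` with no argument as root so that every process's maps file is readable.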