How to Patch CVE-2014-0160 in OpenSSL


OpenSSL has a critical security vulnerability that needs to be patched right away.

This bug affects OpenSSL versions 1.0.1 through 1.0.1f (inclusive) and 1.0.2-beta.

Upgrading OpenSSL to version 1.0.1g fixes this security vulnerability.

Below is a single command line that compiles and installs the latest OpenSSL version.

# Build as a regular user; only the install step needs root.
curl https://www.openssl.org/source/openssl-1.0.1g.tar.gz | tar xz && cd openssl-1.0.1g && ./config && make && sudo make install

Replace the old openssl binary with the new one via a symlink.

sudo ln -sf /usr/local/ssl/bin/openssl "$(which openssl)"

You are all good!

# openssl version should return
openssl version
OpenSSL 1.0.1g 7 Apr 2014
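
To check a host against the affected range given above, here is an added example (not part of the original post) that classifies the openssl version banner and reports every openssl binary found on PATH. The function names and the sample banners are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Classifies `openssl version` output against the range the post lists for
# CVE-2014-0160: 1.0.1 through 1.0.1f, and 1.0.2-beta.
# Verdicts: vulnerable | not-in-range | unknown

classify_openssl_version() (
    LC_ALL=C; export LC_ALL    # keep [a-f] an ASCII range in every locale
    # Take the version token only when the banner really says "OpenSSL"
    # (LibreSSL and others also install a binary named openssl).
    ver=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2 }')
    ver=${ver%-fips}           # "1.0.1e-fips" -> "1.0.1e"
    case "$ver" in
        '') echo unknown ;;
        # Assumption: the post's "1.0.2-beta" means the first 1.0.2 beta.
        1.0.1|1.0.1[a-f]|1.0.2-beta|1.0.2-beta1) echo vulnerable ;;
        *) echo not-in-range ;;
    esac
)

# Report every openssl binary on PATH, since the symlink step above only
# replaces the first one that `which` finds.
scan_path_openssl() {
    old_ifs=$IFS; IFS=:
    for dir in $PATH; do
        IFS=$old_ifs
        [ -n "$dir" ] || continue
        bin="$dir/openssl"
        [ -x "$bin" ] && [ ! -d "$bin" ] || continue
        out=$("$bin" version 2>/dev/null) || continue
        printf '%s\t%s\t%s\n' "$bin" "$out" "$(classify_openssl_version "$out")"
    done
    IFS=$old_ifs
}

# Constructed sample banners, then the binaries actually present on this host.
for banner in "OpenSSL 1.0.1e 11 Feb 2013" "OpenSSL 1.0.1g 7 Apr 2014"; do
    printf '%s -> %s\n' "$banner" "$(classify_openssl_version "$banner")"
done
scan_path_openssl
```

A vulnerable verdict on a distribution package is a prompt to read the vendor changelog, because distributions often backport fixes without changing the upstream version string. The scan covers command-line binaries only, not the libssl that a server process was built against.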

Notes

This does not fix Nginx and Apache servers, which have to be recompiled against the OpenSSL 1.0.1g sources.
