How to patch CVE-2014-0160 in OpenSSL

How to patch CVE-2014-0160 in OpenSSL

1 minute
153 words
Categories: Development System Security
Tags: Openssl Security Vulnerability
Author: Quentin

OpenSSL has a critical security vulnerability that needs to be patched right away.

This bug in OpenSSL has been found affecting versions 1.0.1 through 1.0.1f (inclusive) and 1.0.2-beta.

Upgrading OpenSSL version to 1.0.1g is fixing this security vulnerability.

Below the single command line to compiling and install the last openssl version.

PLAINTEXT
curl https://www.openssl.org/source/openssl-1.0.1g.tar.gz | tar xz && cd openssl-1.0.1g && sudo ./config && sudo make && sudo make install
Click to expand and view more
SH
sudo ln -sf /usr/local/ssl/bin/openssl `which openssl`
Click to expand and view more

You are all good !

SH
# openssl version should return
openssl version
OpenSSL 1.0.1g 7 Apr 2014
Click to expand and view more

Notes

This is not fixing Nginx and Apache server who have to be recompile with 1.0.1g openSSL sources.

More…

Quentin Rousseau

Quentin Rousseau

CTO & Co-founder at Rootly (YC S21)

San Francisco, CA

Former Instacart SRE. Rock climber & wine enthusiast.

GitHub X LinkedIn Email

Start searching

Enter keywords to search articles

↑↓
ESC
⌘K Shortcut