OpenSSL Heartbleed bug fix for RedHat and CentOS systems

RedHat has released an updated OpenSSL package to fix the Heartbleed bug in RedHat/CentOS 6.x systems. This bug does not affect RedHat/CentOS 5.x systems.

You can read about this release here.

First, you should clean Yum to ensure that you are receiving the latest updates
yum clean all

Install the new OpenSSL package
yum install openssl

You should see the following package being installed
openssl-1.0.1e-16.el6_5.7

You will want to make sure that all SSL-enabled services are restarted on your server. For example, Apache HTTP Server, Postfix.

You can check which services are using the the old OpenSSL libraries by running the following:
lsof -n | grep ssl | grep DEL

This entry was posted in Uncategorized. Bookmark the permalink.

Comments are closed.