Debian Wheezy OpenSSL heartbleed patching tutorial


Quick tip about patching CVE-2014-0160 vulnerability, in this case we gonna take care of Debian 7. There’re few ways to secure your server (recompilling package with no-heartbleed switch, disabling ssl support or else), but here’s (imho) easiests and fastest solution using already patched packages.

Update 2014-04-09 19:55: Hours after I wrote this tutorial openssl and libssl packages were updated in wheezy repository. Right now just run:

sudo apt-get update
sudo apt-get upgrade

That’s all. Remember to regenerate your certificates.