Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

defacto7

(13,612 posts)
Fri Apr 11, 2014, 01:37 AM Apr 2014

A note to linux users about HeartBeat OpenSSL hole...

It's an important find and should be taken care of but I wouldn't panic just get it fixed.

Here is the fix BTW...

Get out your trusty Terminal and type:

openssl version -a

If it shows openssl 1.0.0 or a lower number like 0.9.8, then You are OK and always have been but follow the update routine below in a couple of days.

If it shows openssl 1.0.1a (through f), then look at the lines below it to see what the built on date is.
If it says built on: Tue Apr 7 20:23:47 UTC 2014 or a later time or date you are in the clear... nothing to do.
BUT if it has any earlier date for built on: .... you are vulnerable... update and upgrade your computer with the following command:

sudo apt-get update
wait till it's done..... then

sudo apt-get upgrade
answer all questions with yes or ok. You may get another strange window that asks you to choose whether to restart a particular program update... choose ok by using your <tab> key to select then <enter>
Wait for it to finish and you will be updated and OK.

If you use Red Hat, Open SUSE or other branches, the update procedures may be a little different but the outcome of openssl version -a will tell you want you need to know and you can proceed with your routine.

Other sites you visit will need to do the same on their servers and change their certificates but most important ones probably already have. Then you need to change your passwords on their sites if they have important personal info, banks, paypal, work stations, whatever.

Apple users, the procedures are the same only within you Apple framework.

Hope this helps get this over with fast.

Latest Discussions»Culture Forums»Open Source and Free Software»A note to linux users abo...