To mitigate the security risk posed by the OpenSSL "Heartbleed" vulnerability, follow the vendor recommendations below where applicable, instead of downloading OpenSSL 1.0.1g from source and compiling it, only to find that it breaks package management on the Amazon EC2 instances.
Nginx:-
http://nginx.com/blog/nginx-and-the-heartbleed-vulnerability/
Apache:-
https://blogs.apache.org/cloudstack/entry/how_to_mitigate_openssl_heartbleed
RHEL + CentOS instances:-
https://access.redhat.com/site/solutions/781793
Amazon Linux instances (NAT + ELB):-
https://aws.amazon.com/amazon-linux-ami/security-bulletins/ALAS-2014-320/
Ubuntu instances:-
http://www.ubuntu.com/usn/usn-2165-1/