Patching Heartbleed

Hi gents, one question.

What’s the best way to patch the Heartbleed bug on an Ubuntu Server 13.10 installation without Docker?
Any recommended approach?

Tks!

Just install the new openssl packages from the repositories and restart all services using it.

(If you don’t care about your precious uptime, restarting the whole server works too.)

3 Likes
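
A check for the "restart all services using it" step, added here as an example and not part of any poster's reply: it lists processes that still map the pre-upgrade libssl or libcrypto and therefore still run the old code. The function name and its optional proc-root argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: find processes that were started before the openssl
# package upgrade and have not been restarted since.
#
# When the package manager replaces a shared library, running processes
# keep the old file mapped and the kernel marks that mapping "(deleted)"
# in /proc/<pid>/maps.
#
# stale_ssl_procs [PROC_ROOT]
#   PROC_ROOT (assumption of this example) defaults to /proc; passing a
#   different directory lets the check run against a constructed tree.
#   Prints one "PID NAME" line per process that needs a restart.
stale_ssl_procs() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        # Skip entries that vanished or that we may not read.
        [ -r "$maps" ] || continue
        if grep -Eq '/lib(ssl|crypto)\.so[^ ]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid_dir="${maps%/maps}"
            pid="${pid_dir##*/}"
            name="$(cat "$pid_dir/comm" 2>/dev/null || echo unknown)"
            printf '%s %s\n' "$pid" "$name"
        fi
    done
}

# Scan the live system (or the directory given as the first argument).
stale_ssl_procs "$@"
```

Run it as root so every process's maps file is readable. Statically linked binaries and software that ships its own copy of OpenSSL do not show up in this check.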

And according to Netcraft you need to reissue your SSL certs as well.

1 Like

Let’s be clear here - reissuing your SSL certs against existing keys won’t help. You need to generate new private keys (and thus new certificates based on those).

4 Likes

I’ve updated the entire server, docker and discourse. Destroyed and bootstrapped the container and rebooted the entire server. My site is still showing up as vulnerable. What am I missing here?

Have you pulled the latest discourse-docker?

The updated image (0.2.0) is necessary and the templates have changed to reflect that.

docker images --tree should show the ancestry similar to:

…
│         └─7fbcf08c75da Virtual Size: 804.8 MB
│           └─610a44f81f75 Virtual Size: 1.124 GB Tags: samsaffron/discourse:0.2.0
│             ├─656cc0013dad Virtual Size: 1.916 GB Tags: discourse/test:latest

1 Like

I ended up running the docker build from your post below and rebuilding. I did this after pulling the latest discourse-docker build.

https://meta.discourse.org/t/patching-the-heartbleed-vuln-in-a-docker-image/14574/10?u=mlapida

Thanks!