Fixing OpenSSL Padding Oracle vulnerability (CVE-2016-2107)
This works well on my Ubuntu 14.04 # Based on http://fearby.com/article/update-openssl-on-a-digital-ocean-vm/ Method1: $ sudo apt-get update $sudo apt-get install –only-upgrade libssl1.0.0 openssl #check if it patches successfully. $ zgrep -ie “(CVE-2016-2108|CVE-2016-2107)” /usr/share/doc/libssl1.0.0/changelog.Debian.gz Output should be like this: – debian/patches/CVE-2016-2107.patch: check that there are enough – CVE-2016-2107 – debian/patches/CVE-2016-2108-1.patch: don’t mishandle zero if it is – debian/patches/CVE-2016-2108-2.patch: fix ASN1_INTEGER handling in – CVE-2016-2108 Method2: $ sudo apt-get dist-upgrade $ wget ftp://ftp.openssl.org/source/openssl-1.0.2h.tar.gz $ tar -xvzf openssl-1.0.2h.tar.gz $ cd openssl-1.0.2h $ ./config –prefix=/usr/ $ make depend $ sudo make install $ openssl version # OpenSSL 1.0.2h 3 May 2016 # now restart your nginx or other server $Read More →