Follow

VisibleThread Security Update OpenSSL (September 2016)

A number of vulnerabilities have been discovered and patched in the OpenSSL library over the last number of days. The OpenSSL library is used by servers and other devices all over the world to manage securing communications.

For more information on the vulnerabilities see http://www.ubuntu.com/usn/usn-3087-2/

 

VisibleThread and Clarity Grader cloud customers

Our cloud servers including both VisibleThread Docs and Clarity Grader have already been patched with the latest OpenSSL fixes. Our cloud users are not affected by this issue.

VisibleThread on-premise customers

Note: Your VisibleThread on-premise installation is self-contained and running behind your corporate firewall, so there is very little actual risk of being impacted by this issue

VisibleThread on-premise customers running the Ubuntu 12.04 LTS operating system can patch their systems following the steps below.

As with any update, its a good idea to snapshot or backup your VisibleThread VM before applying this. Note this update requires restarting the Apache web server, so while no application downtime is required some users may experience a small interruption in service.

 

If your VisibleThread VM has access to the internet to download Ubuntu updates, all that is required is:

sudo apt-get update

sudo apt-get install openssl libssl1.0.0

sudo service apache2 restart

 

If  your VisibleThread server does not have access to the Ubuntu repositories, we have provided the necessary package updates as attachments to this post.

1. Upload the attached .deb files to your VisibleThread server using ftp.

2. On the VisibleThread server command line type the following:

sudo dpkg -i libssl1.0.0_1.0.1-4ubuntu5.38_amd64.deb

sudo dpkg -i openssl_1.0.1-4ubuntu5.38_amd64.deb

sudo service apache2 restart

 

Once you have completed the steps above you should type the following to verify:

sudo dpkg -s libssl1.0.0

 

This should output a version number which should read '1.0.1-4ubuntu5.38'

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.