OpenStack and Heartbleed

From DocWiki

Revision as of 01:03, 11 April 2014 by Mvoelker (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

This page describes how the Heartbleed OpenSSL vulnerability affects OpenStack deployments made with the Cisco OpenStack Installer.

Ubuntu uses OpenSSL. Distributions of Ubuntu that were available when Heartbleed was announced are vulnerable.
OpenStack clouds running on Ubuntu (including those installed by Cisco OSI) are therefore vulnerable.
Ubuntu has already been patched to close the vulnerability, and Cisco OpenStack Installer automatically updates to the newest patch when installed.

Therefore:

Deployments made on or after April 7, 2014 using Cisco OpenStack Installer are safe from the vulnerability.

Deployments installed before April 7, 2014 are vulnerable. For older deployments, Cisco recommends that administrators:
1. Patch Ubuntu on all affected servers;
2. Rekey their entire public-key infrastructure and create new certificates for all services that use OpenSSL (including Puppet); and
3. Change all passwords.

The following links provide more information about Heartbleed and:

Currently 0.00/5
1
2
3
4
5

Rating: 0.0/5 (0 votes cast)

Retrieved from "http://docwiki.cisco.com/wiki/OpenStack_and_Heartbleed"

Category: OpenStack

Views

Personal tools

Log in

Search

Toolbox