open ssl heat bleed 漏洞修复

本次收影响的版本：

• 1.0.1

• 1.0.1a

• 1.0.1b

• 1.0.1c

• 1.0.1d

• 1.0.1e

• 1.0.1f

如何查看自己的openssl版本

rpm -qi openssl

或

dpkg-query -W openssl

各个发行版已经patched版本

• If the openssl version is 1.0.1, it needs to be updated. If it is anything lower, this server doesn't need any changes, write it to the email for Jennifer.
• SO if it is 1.0.1, update it with following command. Make sure it gets updated to version 1.0.1e-16.el6_5.7

• If it is Ubuntu server, update with following command. Make sure it gets updated to version 1.0.1-4ubuntu5.12

yum install openssl -y

ubuntu等其他参考升级命令：

apt-get update

apt-get install openssl

• After you updated openssl, services that use it need to be restarted, most importantly the ones which are facing customer. Get a list of these services with following commands (second one possibly giving more processes)

ps uwwp $(find /proc -maxdepth 2 -name maps -exec grep -HE '/libssl\.so.*' {} \; | cut -d/ -f3 | sort -u) ps uwwp $(find /proc -maxdepth 2 -name maps -exec grep -HE '/libcrypto\.so.*' {} \; | cut -d/ -f3 | sort -u) 

• restart these services, if they are on the list: httpd, nginx, php-fpm, tomcat, haproxy. You don't need to restart the rest,