Security Advisory: Whonix and the OpenSSL Heartbleed bug

On Whonix-Gateway and Whonix-Workstation,
due to the Heartbleed bug in OpenSSL, you are advised to run:

sudo apt-get update && sudo apt-get dist-upgrade

as fast as possible.

Additionally, on Whonix-Gateway restart Tor:

sudo service tor restart

(or simply reboot).

(You only have to do this once. Otherwise do just regular upgrades.)

Hidden Services:
If you are using hidden services (TorChat, hidden web server, etc.), you should also create a new hidden service domain name, for more information, see:
https://blog.torproject.org/blog/openssl-bug-cve-2014-0160

Patrick Schleizer on sabtwitterPatrick Schleizer on sabgithubPatrick Schleizer on sabfacebookPatrick Schleizer on sabemailPatrick Schleizer on sabblogger
Patrick Schleizer
Developer and maintainer at Whonix
Patrick started developing Whonix, the Anonymous Operating System in 2012, when quickly others joined efforts. He collected experiences working pseudonymous on Whonix for two years, enjoys collaboratively working on privacy preserving software.

Patrick started developing Whonix, the Anonymous Operating System in 2012, when quickly others joined efforts. He collected experiences working pseudonymous on Whonix for two years, enjoys collaboratively working on privacy preserving software.

Posted in Whonix archived blog posts
0 comments on “Security Advisory: Whonix and the OpenSSL Heartbleed bug
    2 Pings/Trackbacks for "Security Advisory: Whonix and the OpenSSL Heartbleed bug"
    1. […] – updated Debian packages including Heartbleed OpenSSL bug fix – Whonix’s Tor Browser updater: download from torproject’s clearnet domain instead […]

    2. […] – fixed Tor restart bug when updated by apt-get – updated Debian packages including Heartbleed OpenSSL bug fix – VirtualBox version: no longer recommending to use VirtualBox’s snapshot feature in […]

    Legal

    Archives

    Contribute

    Would you like to contribute to the Whonix project?

    Contributing can be as easy as sharing the blog over social media, volunteering, or making a monetary donation.

    For more ideas on how to get involved see the "Contribute" and "Testers-Wanted" categories.

    Thanks!

    - Whonix Staff