You may have heard of the recently announced openssl security vulnerability nicknamed “Heartbleed (CVE-2014-0160).” You can read more about it directly from OpenSSL’s site here:
Eucalyptus has issued our security advisory as well here: https://www.eucalyptus.com/resources/security/advisories/esa-17
Some of the images in our EuStore collection contained versions of openssl carrying the vulnerability. They have since been patched and replaced in EuStore.
However, you must take action in order to update your own images and currently running instances, should you be using one of those found to be vulnerable. To test your image, you may test servers using the following:
Please ensure you have updated any Eucalyptus installs on EL6.5 to the
latest openssl package: