Page tree
Skip to end of metadata
Go to start of metadata

The HeartBleed Bug Affects EuStore EMIs



The HeartBleed Bug Affects EuStore EMIs

Severity LevelCRITICAL
Issue Date2014-04-09
Last Updated2014-04-10
Affected ProductsEuStore EMI 2714641871 (Fedora 18), EMI 0355237665 (Fedora 20), 1424900416 (OpenSUSE 12.2), 3550541955 (Debian Wheezy)
CVE NumberCVE-2014-0160




The HeartBleed Bug is a very serious vulnerability found in OpenSSL 1.0.1 before 1.0.1g. This vulnerability affects some of the images that are provided as a part of the Eucalyptus EuStore. We recommend that you immediately replace the affected EMIs with the newest versions.


The HeartBleed Bug is a very serious issue in OpenSSL cryptographic software library. This bug allows unauthenticated attackers to steal secret information from the process memory of remote servers. Several distributions are affected. For more information, refer to:

We identified that the following EuStore EMIs are potentially affected by the bug:

2714641871fedorax86_64starter kvmFedora 18 1.7GB root
0355237665fedorax86_64starter kvmFedora 20 2GB root
3550541955debianx86_64starter kvmDebian 7 1.7GB root
1424900416opensusex86_64starter kvmOpenSUSE 12.2 x86_64 - KVM image


We strongly advise to immediately update OpenSSL packages on all images/virtual machines installed from the affected EMIs.


To update to the latest OpenSSL package, run the command that corresponds to your distribution.

On Fedora:

# yum upgrade openssl


On Debian:


# apt-get update
# apt-get install openssl

On OpenSUSE:


# zypper update openssl


Updated EMIs are available in the EuStore:

Contact and help

Contact the Eucalyptus security team at