Re: The heartbleed bug

Occasional Visitor

The heartbleed bug

Hi Friends,

Anybody know about impact of a recent disclose vunerability ''Heartbleed" bug to HP-UX? and how to prevent it?

Thanks in advanced.




Patrick Wallek
Honored Contributor

Re: The heartbleed bug

I just wrote an internal whitepaper for my company regarding this.


In a nutshell, you need to check the versions of OpenSSL you are running on your system.  You can do this in a couple of ways.


# openssl version


Will check the version that is in your $PATH.


You should probably also check and see if you have multiple versions installed on the system.


One way to do this is:


# swlist -l product openssl


It is entirely possible that you have a version from HP installed, that was installed by default with the OS, and also a separate version that was installed from the HP-UX porting and archive centre.


HP's latest version of OpenSSL is available here, but it is based on ver 0.9.8y and 0.9.7m of OpenSSL.


The latest OpenSSL from the HP-UX porting and archive centre is here:



Acclaimed Contributor

Re: The heartbleed bug

HP says, HP-UX is not affected:

(unless you installed openssl from another source ...)

Hope this helps!

There are only 10 types of people in the world -
those who understand binary, and those who don't.

No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Honored Contributor

Re: The heartbleed bug

By the way, if you need to explain the Heartbleed bug to a non-technical person, this comic strip can be very helpful: