Ninefold news & product updates.

Back to news

CVE-2014-0160 (Heartbleed) & You

We just wanted to let everyone know that for our Rails deployment platform, we have automatically upgraded all deployed applications and any new applications automatically include the patched packages that are impacted by CVE-2014-0160 aka Heartbleed.

To ensure that your existing application have accepted the updates, you can perform a code push if you have post-commit hooks enabled, or you can sign in and perform a force redeploy on your application.

Please note: We also recommend deploying updated SSL certificates for your existing apps. You will need to work with your certificate provider to get updated certs and then you can update your apps via the configuration tab. If your app uses any secret tokens you should also update these and perform a redeployment of your application.

If you have any other Linux servers deployed on our platform you should make sure you have the latest OpenSSL package installed.

For example, on Ubuntu you would run:
sudo apt-get update; sudo apt-get upgrade.

If you have any questions, don’t hesitate to contact our support team via live chat below.

Tell us what's what.