Timeline
- Oct 9, 2019 CVE Published
- Apr 11, 2025 PoC Published
June 5, 2014 Update: 2014/06/10 9:00 AM PDT All AWS services that were impacted by CVE-2014-0224 have been updated. The following services that have been updated for CVE-2014-0224 will require steps from our customers to complete the update processes. Amazon Linux AMI – An updated version of OpenSSL has been made available in our package repository. The updated package is openssl-1.0.1g-1.70.amzn1. Package openssl-1.0.1h-1.72.amzn1 has also been updated. Run “sudo yum update openssl” to update your Amazon Linux AMI Instance. Once the new package is installed, it is required that you either manually restart all services that are using openssl, or that you reboot your instance. AWS Elastic Beanstalk – Updates completed. Please see the Elastic Beanstalk forum announcement ( https://forums.aws.amazon.com/ann.jspa?annID=2509 ) for specific steps to finalize the update process. Amazon Elastic MapReduce (EMR) – Updates completed. Customers using AMI 3.0 or later who wish to install the patch should run “sudo yum update openssl” on their cluster and restart any dependent services. Clusters launched after 06/05/2014 6:00 PDT will get the update automatically. Amazon Relational…