{"id":47,"date":"2014-04-09T10:34:52","date_gmt":"2014-04-09T08:34:52","guid":{"rendered":"https:\/\/jm.garreta.eu\/blog\/?p=47"},"modified":"2014-04-15T15:21:40","modified_gmt":"2014-04-15T13:21:40","slug":"heartbleed-mettez-a-jour-vos-serveurs-ssl-tls","status":"publish","type":"post","link":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/","title":{"rendered":"Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS !"},"content":{"rendered":"

\"heartbleed\"<\/p>\n

Une faille, visiblement tr\u00e8s critique, compromet la s\u00e9curit\u00e9 de nos informations transmises sur Internet, si vous avez des serveurs et que vous les administrez, il y a de grande chance pour que ceux-ci soient vuln\u00e9rables au niveau de SSL\/TLS.<\/p>\n

Pour expliquer rapidement, une attaque de type buffer overflow (d\u00e9passement de tampon) qui consiste \u00e0 envoyer des donn\u00e9es dans une certaine taille et un certain format permet d’acc\u00e9der aux donn\u00e9es qui ont pourtant \u00e9t\u00e9 transmises de mani\u00e8re chiffr\u00e9es sur le serveur.<\/p>\n

Vous pouvez corriger cette faille de mani\u00e8re tr\u00e8s simple, un apt-get update && apt-get upgrade<\/em> ou yum update<\/em> devrait corriger le probl\u00e8me. Pensez \u00e0 red\u00e9marrer les services utilisant les librairies ou dans le doute red\u00e9marrez compl\u00e8tement le serveur avec un reboot<\/em>.<\/p>\n

Et tester finalement votre serveur \u00e0 cette adresse<\/a> pour v\u00e9rifier que vous avez corrig\u00e9 le probl\u00e8me.<\/p>\n

Plus d’informations sur Heartbleed bug<\/a>.<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Une faille, visiblement tr\u00e8s critique, compromet la s\u00e9curit\u00e9 de nos informations transmises sur Internet, si vous avez des serveurs et que vous les administrez, il y a de grande chance pour que ceux-ci soient vuln\u00e9rables au niveau de SSL\/TLS. Pour expliquer rapidement, une attaque de type buffer overflow (d\u00e9passement de tampon) qui consiste \u00e0 envoyer … Continuer la lecture de Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS !<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"blog_gen_system_prompt":"","blog_gen_user_prompt":"","blog_gen_featured_img_prompt":"","blog_gen_inline_img_prompts":"","blog_gen_model":"","blog_gen_image_model":"","blog_gen_timestamp":"","blog_gen_type_article":"","blog_gen_longueur_cible":"","footnotes":""},"categories":[3],"tags":[18,11,10,12,13],"class_list":["post-47","post","type-post","status-publish","format-standard","hentry","category-informatique","tag-heartbleed","tag-linux","tag-serveur","tag-ssl","tag-tls"],"yoast_head":"\nHeartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS ! - Le blog de Jean-Mich<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS ! - Le blog de Jean-Mich\" \/>\n<meta property=\"og:description\" content=\"Une faille, visiblement tr\u00e8s critique, compromet la s\u00e9curit\u00e9 de nos informations transmises sur Internet, si vous avez des serveurs et que vous les administrez, il y a de grande chance pour que ceux-ci soient vuln\u00e9rables au niveau de SSL\/TLS. Pour expliquer rapidement, une attaque de type buffer overflow (d\u00e9passement de tampon) qui consiste \u00e0 envoyer … Continuer la lecture de Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS ! →\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/\" \/>\n<meta property=\"og:site_name\" content=\"Le blog de Jean-Mich\" \/>\n<meta property=\"article:published_time\" content=\"2014-04-09T08:34:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2014-04-15T13:21:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jm.garreta.eu\/blog\/wp-content\/uploads\/2014\/04\/heartbleed.png\" \/>\n<meta name=\"author\" content=\"jeanmich\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"jeanmich\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/\"},\"author\":{\"name\":\"jeanmich\",\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/#\\\/schema\\\/person\\\/5ed151f48f77a878fc9d3868c8a1ed7d\"},\"headline\":\"Heartbleed : mettez \u00e0 jour vos serveurs SSL\\\/TLS !\",\"datePublished\":\"2014-04-09T08:34:52+00:00\",\"dateModified\":\"2014-04-15T13:21:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/\"},\"wordCount\":168,\"commentCount\":2,\"image\":{\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/wp-content\\\/uploads\\\/2014\\\/04\\\/heartbleed.png\",\"keywords\":[\"heartbleed\",\"linux\",\"serveur\",\"ssl\",\"tls\"],\"articleSection\":[\"Informatique\"],\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/\",\"url\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/\",\"name\":\"Heartbleed : mettez \u00e0 jour vos serveurs SSL\\\/TLS ! - Le blog de Jean-Mich\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/wp-content\\\/uploads\\\/2014\\\/04\\\/heartbleed.png\",\"datePublished\":\"2014-04-09T08:34:52+00:00\",\"dateModified\":\"2014-04-15T13:21:40+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/#\\\/schema\\\/person\\\/5ed151f48f77a878fc9d3868c8a1ed7d\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/#primaryimage\",\"url\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/wp-content\\\/uploads\\\/2014\\\/04\\\/heartbleed.png\",\"contentUrl\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/wp-content\\\/uploads\\\/2014\\\/04\\\/heartbleed.png\",\"width\":341,\"height\":413,\"caption\":\"heartbleed\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Heartbleed : mettez \u00e0 jour vos serveurs SSL\\\/TLS !\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/\",\"name\":\"Le blog de Jean-Mich\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/#\\\/schema\\\/person\\\/5ed151f48f77a878fc9d3868c8a1ed7d\",\"name\":\"jeanmich\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/816266d852c4595a2bfa578a991fa68bb8ed5e0217f3565158ca20c139873bda?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/816266d852c4595a2bfa578a991fa68bb8ed5e0217f3565158ca20c139873bda?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/816266d852c4595a2bfa578a991fa68bb8ed5e0217f3565158ca20c139873bda?s=96&d=mm&r=g\",\"caption\":\"jeanmich\"},\"url\":\"https:\\\/\\\/jm.garreta.eu\\\/blog\\\/author\\\/jeanmich\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS ! - Le blog de Jean-Mich","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/","og_locale":"fr_FR","og_type":"article","og_title":"Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS ! - Le blog de Jean-Mich","og_description":"Une faille, visiblement tr\u00e8s critique, compromet la s\u00e9curit\u00e9 de nos informations transmises sur Internet, si vous avez des serveurs et que vous les administrez, il y a de grande chance pour que ceux-ci soient vuln\u00e9rables au niveau de SSL\/TLS. Pour expliquer rapidement, une attaque de type buffer overflow (d\u00e9passement de tampon) qui consiste \u00e0 envoyer … Continuer la lecture de Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS ! →","og_url":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/","og_site_name":"Le blog de Jean-Mich","article_published_time":"2014-04-09T08:34:52+00:00","article_modified_time":"2014-04-15T13:21:40+00:00","og_image":[{"url":"https:\/\/jm.garreta.eu\/blog\/wp-content\/uploads\/2014\/04\/heartbleed.png","type":"","width":"","height":""}],"author":"jeanmich","twitter_misc":{"\u00c9crit par":"jeanmich","Dur\u00e9e de lecture estim\u00e9e":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/#article","isPartOf":{"@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/"},"author":{"name":"jeanmich","@id":"https:\/\/jm.garreta.eu\/blog\/#\/schema\/person\/5ed151f48f77a878fc9d3868c8a1ed7d"},"headline":"Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS !","datePublished":"2014-04-09T08:34:52+00:00","dateModified":"2014-04-15T13:21:40+00:00","mainEntityOfPage":{"@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/"},"wordCount":168,"commentCount":2,"image":{"@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/#primaryimage"},"thumbnailUrl":"https:\/\/jm.garreta.eu\/blog\/wp-content\/uploads\/2014\/04\/heartbleed.png","keywords":["heartbleed","linux","serveur","ssl","tls"],"articleSection":["Informatique"],"inLanguage":"fr-FR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/","url":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/","name":"Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS ! - Le blog de Jean-Mich","isPartOf":{"@id":"https:\/\/jm.garreta.eu\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/#primaryimage"},"image":{"@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/#primaryimage"},"thumbnailUrl":"https:\/\/jm.garreta.eu\/blog\/wp-content\/uploads\/2014\/04\/heartbleed.png","datePublished":"2014-04-09T08:34:52+00:00","dateModified":"2014-04-15T13:21:40+00:00","author":{"@id":"https:\/\/jm.garreta.eu\/blog\/#\/schema\/person\/5ed151f48f77a878fc9d3868c8a1ed7d"},"breadcrumb":{"@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/#primaryimage","url":"https:\/\/jm.garreta.eu\/blog\/wp-content\/uploads\/2014\/04\/heartbleed.png","contentUrl":"https:\/\/jm.garreta.eu\/blog\/wp-content\/uploads\/2014\/04\/heartbleed.png","width":341,"height":413,"caption":"heartbleed"},{"@type":"BreadcrumbList","@id":"https:\/\/jm.garreta.eu\/blog\/heartbleed-mettez-a-jour-vos-serveurs-ssl-tls\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/jm.garreta.eu\/blog\/"},{"@type":"ListItem","position":2,"name":"Heartbleed : mettez \u00e0 jour vos serveurs SSL\/TLS !"}]},{"@type":"WebSite","@id":"https:\/\/jm.garreta.eu\/blog\/#website","url":"https:\/\/jm.garreta.eu\/blog\/","name":"Le blog de Jean-Mich","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jm.garreta.eu\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/jm.garreta.eu\/blog\/#\/schema\/person\/5ed151f48f77a878fc9d3868c8a1ed7d","name":"jeanmich","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/816266d852c4595a2bfa578a991fa68bb8ed5e0217f3565158ca20c139873bda?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/816266d852c4595a2bfa578a991fa68bb8ed5e0217f3565158ca20c139873bda?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/816266d852c4595a2bfa578a991fa68bb8ed5e0217f3565158ca20c139873bda?s=96&d=mm&r=g","caption":"jeanmich"},"url":"https:\/\/jm.garreta.eu\/blog\/author\/jeanmich\/"}]}},"_links":{"self":[{"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/posts\/47","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/comments?post=47"}],"version-history":[{"count":2,"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/posts\/47\/revisions"}],"predecessor-version":[{"id":55,"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/posts\/47\/revisions\/55"}],"wp:attachment":[{"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/media?parent=47"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/categories?post=47"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jm.garreta.eu\/blog\/wp-json\/wp\/v2\/tags?post=47"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}