Article ID: 120990, created on Apr 9, 2014, last review on Jun 17, 2016

  • Applies to:
  • Web Presence Builder 11.5
  • Plesk for Linux/Unix


The OpenSSL group issued a vulnerability alert on April 7, 2014. You can find more information about CVE-2014-0160 at the Open SSL website and at

This vulnerability affects almost all services (especially Apache-based) in a system which depends on OpenSSL and those systems created using one of the following distributions:

  • Debian Wheezy (stable) (vulnerable OpenSSL 1.0.1e-2+deb7u4, fixed in OpenSSL 1.0.1e-2+deb7u5)
  • Ubuntu 12.04.4 LTS (vulnerable OpenSSL 1.0.1-4ubuntu5.11, fixed in OpenSSL 1.0.1-4ubuntu5.12)

    Your Debian/Ubuntu package version can be checked using this command:

    ~# dpkg -l openssl
  • RedHat, CentOS, CloudLinux 6.5 (vulnerable OpenSSL 1.0.1e-16.el6_5.4, fixed in OpenSSL 1.0.1e-16.el6_5.7)
  • OpenSUSE 12.2 (vulnerable OpenSSL 1.0.1c, fixed in OpenSSL 1.0.1e-1.44.1)
  • OpenSUSE 13.1 (fixed in OpenSSL 1.0.1e-11.32.1)

    Your Redhat/CentOS and OpenSUSE package versions can be checked using this command:

    ~# rpm -q openssl

OpenSSL 0.97a and 0.98e (in RedHat/CentOS 5) are not vulnerable. According to RHSA-2014-0376, only RedHat 6.5 has a vulnerable version of OpenSSL.

  • On RedHat/CentOS/CloudLinux 5.x, Parallels Plesk is shipped with custom builds of Apache/SNI and Nginx compiled with updated OpenSSL libraries (0.98y). These are not vulnerable.

Debian Squeeze is not vulnerable, as stated in Debian Security Advisory DSA-2896.

Plesk does not support Ubuntu 13.10 and 12.10, which has an updated version of OpenSSL. Other supported Ubuntu releases are not vulnerable, as per Ubuntu Security Notice USN-2165-1.

Fixes for OpenSUSE are provided in OpenSUSE Security Announcement openSUSE-SU-2014:0492-1.


Operating system vendors have issued fixes, which have been incorporated by all major distributions. You must install the OpenSSL update using your operating system update process.

As an example for CentOS 6, RHEL6 and CloudLinux 6, this can be done using the commands:

~# yum clean all; yum update

After the OpenSSL update is installed, we recommend rebooting your operating system.

If a reboot is undesirable for some reason, restart all the services that depend on OpenSSL:

  • Web server (Apache or NGINX)
  • Plesk psa service:

    ~# service psa restart
  • WPB sw-engine service:

    ~#/etc/init.d/sw-engine restart
  • Mail (IMAP/POP3/SMPT services like Qmail/CourierIMAP/Postfix/Sendmail)
  • Databases (MySQL/PostgreSQL)
  • Any other services which rely on SSL and authorization. If you are unsure whether a service depends on SSL, we recommend restarting it.

Password Changes

It is highly recommended that you change passwords for administrative staff after the update is finished.

SSL Certificate Revocations

We encourage all customers to revoke and reissue SSL certificates. The procedure for revocation and reinstallation of SSL certificates is out of the scope of this document.

Additional Checks

After updating, please check all public HTTPS endpoints of the server using the SSLLabs service:

The output of the test should include a row similar to this: This server is not vulnerable to the Heartbleed attack. (Experimental)

See also

  • KB #121016 - summary article for all Parallels products

Search Words




Heartbleed Vulnerability

yum update openssl

yum update openssl


yum update openssl



Could not connect to server


56797cefb1efc9130f7c48a7d1db0f0c a914db3fdc7a53ddcfd1b2db8f5a1b9c 29d1e90fd304f01e6420fbe60f66f838 9305481d3bd31663b68451e3bfdec5a5 18f5eb2d7a7972323627b40f015d5a19

Email subscription for changes to this article
Save as PDF