How to Fix DROWN security bug in OpenSSL


A new security hole, DROWN, has been discovered in the OpenSSL library, which websites use to offer HTTPS versions of their sites.

The attack, named DROWN (Decrypting RSA with Obsolete and Weakened eNcryption), enables the old SSLv2 security protocol to be used for attacking HTTPS websites.

OpenSSL 1.0.2g now available with DROWN bugfix

The OpenSSL team has issued new versions of their library. We recommend upgrading to OpenSSL version 1.0.2g as soon as possible.
The latest version of OpenSSL can be downloaded from

Here are the commands you need to execute on your server via your Secure Shell access (SSH):

$ cd ~
$ wget
$ tar xvfz openssl-1.0.2g.tar.gz
$ cd openssl-1.0.2g
$ ./config
$ make depend
$ make
$ sudo make install

The above commands download, compile and install the newest version of OpenSSL.

To validate the install, execute the following commands:

$ openssl
OpenSSL> version
OpenSSL 1.0.2g  1 Mar 2016
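
The check above only covers whichever openssl binary comes first on the PATH. As an added example (not part of the original post), this script compares every openssl binary on the PATH, plus /usr/local/ssl/bin (the default install location of a 1.0.2 source build configured with a plain ./config), against 1.0.2g; the function names are this example's own.

```shell
#!/bin/sh
# at_least_102g BANNER  (BANNER = output of `openssl version`)
# Returns 0 for 1.0.2g or later, 1 for older, 2 if the banner is not an
# OpenSSL one (e.g. LibreSSL, whose version numbers are unrelated).
at_least_102g() {
    case "$1" in "OpenSSL "*) ;; *) return 2 ;; esac
    ver=${1#"OpenSSL "}; ver=${ver%% *}   # "1.0.2g"
    nums=${ver%%[!0-9.]*}                 # "1.0.2"
    suffix=${ver#"$nums"}                 # "g", "k-fips", "-beta1" or empty
    letters=${suffix%%-*}                 # patch letters only: "g", "k", ""
    case "$nums" in [0-9]*.[0-9]*.[0-9]*) ;; *) return 2 ;; esac
    major=${nums%%.*}; rest=${nums#*.}
    minor=${rest%%.*}; patch=${rest#*.}; patch=${patch%%.*}
    [ "$major" -gt 1 ] && return 0
    [ "$major" -lt 1 ] && return 1
    [ "$minor" -gt 0 ] && return 0
    [ "$patch" -gt 2 ] && return 0
    [ "$patch" -lt 2 ] && return 1
    # On the 1.0.2 branch the letter decides: a..z, then za, zb, ...
    case "$letters" in
        [ghijklmnopqrstuvwxyz]|z[a-z]) return 0 ;;
        *) return 1 ;;
    esac
}

# Report every openssl binary found, so an old copy that shadows the new
# build (or the other way round) is visible.
report_openssl_binaries() {
    saved_ifs=$IFS; IFS=:
    for dir in $PATH /usr/local/ssl/bin; do
        IFS=$saved_ifs
        [ -x "$dir/openssl" ] || continue
        banner=$("$dir/openssl" version 2>/dev/null) || continue
        at_least_102g "$banner" && rc=0 || rc=$?
        case $rc in
            0) verdict="1.0.2g or later" ;;
            1) verdict="older than 1.0.2g" ;;
            *) verdict="not an OpenSSL version string" ;;
        esac
        printf '%s: %s -> %s\n' "$dir/openssl" "$banner" "$verdict"
    done
    IFS=$saved_ifs
}

report_openssl_binaries
```

Distribution packages often backport fixes without changing the upstream version number, so for a packaged binary reported as older, check the vendor's advisory rather than relying on the version string alone.
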
Wim Bervoets