While the popular media have jumped on the Heartbleed Bug as if the sky were falling causing mass panic, it is actually quick and easy to fix for us CentOS users.
Red Hat released a patched version of OpenSSL on 8th April and it has already filtered down to the CentOS updates repository, so all you need to do is:
[[email protected]ocalhost ~]$ sudo yum update openssl [[email protected] ~]$ sudo service httpd restart
Check you’ve installed openssl-1.0.1e-16.el6 (or a more recent one) and restart any other processes that use OpenSSL under the hood.
Now you’ve fixed that, you should consider replacing your SSL certificate and resetting any of your (or your users) passwords as a precautionary measure — the chances they’ve been compromised are vanishingly small, but they are not zero!