I am already using openssl 1.0.1-4ubuntu5.16
# dpkg -l openssl
ii openssl 1.0.1-4ubuntu5.16 Secure Socket Layer (SSL) binary and related cryptographic tools
But still have the alert
Experimental: This server is vulnerable to the OpenSSL CCS vulnerability
(CVE-2014-0224) and exploitable. Grade set to F.
Is it a false alarm?
(I have reboot my server several time to confirm)