Patch OpenSSL CVE-2014-0160 on ubuntu 12.04?

NO, this is not a duplicate of How to patch the Heartbleed bug (CVE-2014-0160) in OpenSSL?. So, read on.

I am seeing conflicting information with respect to Ubuntu 12.04:

1. The Heartbleed page claims Ubuntu 12.04 to be affected and needs to be patched with 1.0.1g
2. The Ubuntu Security Notice USN-2165-1 claims that version 1.0.1-4ubuntu5.12 for the package libssl1.0.0 should fix the issue on Ubuntu 12.04.

Now I do have these packages installed:

# dpkg -l | grep ssl
ii  libssl1.0.0                      1.0.1-4ubuntu5.10                 SSL shared libraries
ii  openssl                          1.0.1-4ubuntu5.10                 Secure Socket Layer (SSL) binary and related cryptographic tools

# lsb_release  -a | grep -i description
Description:    Ubuntu 12.04.3 LTS

So, If I consider above two points, I am not sure which one is true.

Besides, this Heartbleed test page says that my machine is vulnerable.

Has anyone yet been able to fix this issue successfully on Ubuntu 12.04? If yes, then could you provide me the steps you have taken?

Ubuntu has released a patch, you just need to update and upgrade.

sudo apt-get update
sudo apt-get upgrade

To check if you have the latest and patched version, run:

openssl version -a

OpenSSL 1.0.1e 11 Feb 2013
built on: Mon Apr  7 20:33:19 UTC 2014
platform: debian-amd64

Check the "built on:" item, it should be build Apr 7.

Why don't you update? If Ubuntu says you need 5.12, and that heartbleed site says you're vulnerable, what's the problem?

I have the following installed, which was updated yesterday or today on my machine.

ii  openssl                                  1.0.1-4ubuntu5.12