Results 1 to 2 of 2

Thread: OpenSSL Heartbleed Update

  1. #1
    Assadministrator kung foo man's Avatar
    Join Date
    Jun 2012
    Location
    trailerpark
    Posts
    2,010
    Thanks
    2,102
    Thanked 1,084 Times in 753 Posts

    OpenSSL Heartbleed Update

    Hey all,

    since there is a new bug in OpenSSL, every linux admin should update their root.

    For Debian Wheezy, this did the job:

    Code:
    apt-get update
    apt-get install openssl
    To check the update, just run:

    Code:
    # apt-cache policy openssl
    openssl:
      Installed: 1.0.1e-2+deb7u5
      Candidate: 1.0.1e-2+deb7u5
      Version table:
     *** 1.0.1e-2+deb7u5 0
            500 http://mirror.hetzner.de/debian/security/ wheezy/updates/main amd64 Packages
            500 http://security.debian.org/ wheezy/updates/main amd64 Packages
            100 /var/lib/dpkg/status
         1.0.1e-2+deb7u4 0
            500 http://mirror.hetzner.de/debian/packages/ wheezy/main amd64 Packages
            500 http://cdn.debian.net/debian/ wheezy/main amd64 Packages
    The "e-2" is the fixed version. A server restart reloads the buggy library for each process.

    You can check the vulnerability of your server with this site: http://possible.lv/tools/hb/

    Stay secure!
    timescale 0.01

  2. The Following 4 Users Say Thank You to kung foo man For This Useful Post:

    BlancO (8th April 2014),Mitch (8th April 2014),RobsoN (8th April 2014),smect@ (9th April 2014)

  3. #2
    Private First Class RobsoN's Avatar
    Join Date
    Jan 2013
    Location
    /home/cod2/
    Posts
    230
    Thanks
    119
    Thanked 95 Times in 64 Posts
    I've got Debian 6, and I couldn't update openssl..

    apt-get update (nothing special happens)
    PHP Code:
    [...]
    Fetched 453 kB in 4s (107 kB/s)
    Reading package lists... Done 
    apt-get install openssl

    PHP Code:
    Reading package lists... Done
    Building dependency tree
    Reading state information
    ... Done
    openssl is already the newest version
    .
    0 upgraded0 newly installed0 to remove and 2 not upgraded
    apt-cache policy openssl

    PHP Code:
    openssl:
      
    Installed0.9.8o-4squeeze14
      Candidate
    0.9.8o-4squeeze14
      Version table
    :
     *** 
    0.9.8o-4squeeze14 0
            500 http
    ://ftp.debian.org/debian/ squeeze/main amd64 Packages
            
    500 http://security.debian.org/ squeeze/updates/main amd64 Packages
            
    100 /var/lib/dpkg/status 
    This patch hasnt been released on squeeze?
    "Don't worry if your code doesn't work correctly - if everything worked, you would not work" ~Mosher's right

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •