kung foo man
8th April 2014, 13:11
Hey all,
since there is a new bug in OpenSSL, every linux admin should update their root.
For Debian Wheezy, this did the job:
apt-get update
apt-get install openssl
To check the update, just run:
# apt-cache policy openssl
openssl:
Installed: 1.0.1e-2+deb7u5
Candidate: 1.0.1e-2+deb7u5
Version table:
*** 1.0.1e-2+deb7u5 0
500 http://mirror.hetzner.de/debian/security/ wheezy/updates/main amd64 Packages
500 http://security.debian.org/ wheezy/updates/main amd64 Packages
100 /var/lib/dpkg/status
1.0.1e-2+deb7u4 0
500 http://mirror.hetzner.de/debian/packages/ wheezy/main amd64 Packages
500 http://cdn.debian.net/debian/ wheezy/main amd64 Packages
The "e-2" is the fixed version. A server restart reloads the buggy library for each process.
You can check the vulnerability of your server with this site: http://possible.lv/tools/hb/
Stay secure! :D
since there is a new bug in OpenSSL, every linux admin should update their root.
For Debian Wheezy, this did the job:
apt-get update
apt-get install openssl
To check the update, just run:
# apt-cache policy openssl
openssl:
Installed: 1.0.1e-2+deb7u5
Candidate: 1.0.1e-2+deb7u5
Version table:
*** 1.0.1e-2+deb7u5 0
500 http://mirror.hetzner.de/debian/security/ wheezy/updates/main amd64 Packages
500 http://security.debian.org/ wheezy/updates/main amd64 Packages
100 /var/lib/dpkg/status
1.0.1e-2+deb7u4 0
500 http://mirror.hetzner.de/debian/packages/ wheezy/main amd64 Packages
500 http://cdn.debian.net/debian/ wheezy/main amd64 Packages
The "e-2" is the fixed version. A server restart reloads the buggy library for each process.
You can check the vulnerability of your server with this site: http://possible.lv/tools/hb/
Stay secure! :D