[kwlug-disc] Heartbleed OpenSSL bug
L.D. Paniak
ldpaniak at fourpisolutions.com
Tue Apr 8 21:18:50 EDT 2014
Ubuntu applies security patches to the version of the package native to
your distribution. In order to preserve continuity you are still
running 1.0.1e - just a repaired version:
https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.2
On 04/08/2014 09:01 PM, CrankyOldBugger wrote:
> I've done the update twice now and still I get:
>
> dpkg -l | grep openssl
> ii libgnutls-openssl27:amd64 2.12.23-1ubuntu4.2
> amd64 GNU TLS library - OpenSSL wrapper
> ii openssl 1.0.1e-3ubuntu1.2
> amd64 Secure Socket Layer (SSL) binary and
> related cryptographic tools
> ii python-openssl 0.13-2ubuntu4
> amd64 Python 2 wrapper around the OpenSSL library
>
> This is the same on two of my 13.10 systems.
>
>
>
>
> On 8 April 2014 19:44, Khalid Baheyeldin <kb at 2bits.com
> <mailto:kb at 2bits.com>> wrote:
>
>
>
>
> On Tue, Apr 8, 2014 at 7:38 PM, Bob Jonkman <bjonkman at sobac.com
> <mailto:bjonkman at sobac.com>> wrote:
>
>
> On 14-04-08 12:09 PM, CrankyOldBugger wrote:
> > I just ran apt-get update && apt-get dist-upgrade on my Ubuntu
> > 13.10 laptop and saw both openSSL client and server in the
> mix, so,
> > as stated by the OP, fixes are out there...
>
> I too saw OpenSSL patches come in before I even knew there was a
> problem. But I still get this, even after a reboot:
>
> > Ubuntu 12.04.4:
> >> openssl version
> > OpenSSL 1.0.1 14 Mar 2012
> >
> > Ubuntu 13.10, Linux Mint 16 Petra, and Linux Mint Debian Edition
> >> openssl version
> > OpenSSL 1.0.1e 11 Feb 2013
>
>
> /var/log/aptitude has this:
>
> Aptitude 0.6.6: log report
> Mon, Apr 7 2014 20:25:30 -0400
>
> ...
> [UPGRADE] libssl-dev:amd64 1.0.1-4ubuntu5.11 -> 1.0.1-4ubuntu5.12
> [UPGRADE] libssl-doc:amd64 1.0.1-4ubuntu5.11 -> 1.0.1-4ubuntu5.12
> [UPGRADE] libssl1.0.0:amd64 1.0.1-4ubuntu5.11 -> 1.0.1-4ubuntu5.12
> ...
> [UPGRADE] openssl:amd64 1.0.1-4ubuntu5.11 -> 1.0.1-4ubuntu5.12
>
> $ dpkg -l | grep openssl
> Shows the following:
> ii openssl 1.0.1-4ubuntu5.12
>
> Which means the update is applied.
> --
> Khalid M. Baheyeldin
> 2bits.com <http://2bits.com>, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. -- Leonardo da Vinci
> For every complex problem, there is an answer that is clear,
> simple, and wrong." -- H.L. Mencken
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140408/82cc3801/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140408/82cc3801/attachment.sig>
More information about the kwlug-disc
mailing list