[kwlug-disc] Heartbleed OpenSSL bug

L.D. Paniak ldpaniak at fourpisolutions.com
Tue Apr 8 21:18:50 EDT 2014


Ubuntu applies security patches to the version of the package native to
your distribution.  In order to preserve continuity you are still
running 1.0.1e - just a repaired version:

https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.2


On 04/08/2014 09:01 PM, CrankyOldBugger wrote:
> I've done the update twice now and still I get:
>
> dpkg -l | grep openssl
> ii  libgnutls-openssl27:amd64                 2.12.23-1ubuntu4.2      
>                amd64        GNU TLS library - OpenSSL wrapper
> ii  openssl                                   1.0.1e-3ubuntu1.2      
>                 amd64        Secure Socket Layer (SSL) binary and
> related cryptographic tools
> ii  python-openssl                            0.13-2ubuntu4          
>                 amd64        Python 2 wrapper around the OpenSSL library
>
> This is the same on two of my 13.10 systems.
>
>
>
>
> On 8 April 2014 19:44, Khalid Baheyeldin <kb at 2bits.com
> <mailto:kb at 2bits.com>> wrote:
>
>
>
>
>     On Tue, Apr 8, 2014 at 7:38 PM, Bob Jonkman <bjonkman at sobac.com
>     <mailto:bjonkman at sobac.com>> wrote:
>
>
>         On 14-04-08 12:09 PM, CrankyOldBugger wrote:
>         > I just ran apt-get update && apt-get dist-upgrade on my Ubuntu
>         > 13.10 laptop and saw both openSSL client and server in the
>         mix, so,
>         > as stated by the OP, fixes are out there...
>
>         I too saw OpenSSL patches come in before I even knew there was a
>         problem. But I still get this, even after a reboot:
>
>         > Ubuntu 12.04.4:
>         >> openssl version
>         > OpenSSL 1.0.1 14 Mar 2012
>         >
>         > Ubuntu 13.10, Linux Mint 16 Petra, and Linux Mint Debian Edition
>         >> openssl version
>         > OpenSSL 1.0.1e 11 Feb 2013
>
>
>     /var/log/aptitude has this:
>
>     Aptitude 0.6.6: log report
>     Mon, Apr  7 2014 20:25:30 -0400
>
>     ...
>     [UPGRADE] libssl-dev:amd64 1.0.1-4ubuntu5.11 -> 1.0.1-4ubuntu5.12
>     [UPGRADE] libssl-doc:amd64 1.0.1-4ubuntu5.11 -> 1.0.1-4ubuntu5.12
>     [UPGRADE] libssl1.0.0:amd64 1.0.1-4ubuntu5.11 -> 1.0.1-4ubuntu5.12
>     ...
>     [UPGRADE] openssl:amd64 1.0.1-4ubuntu5.11 -> 1.0.1-4ubuntu5.12
>
>     $ dpkg -l | grep openssl
>     Shows the following:
>     ii  openssl                               1.0.1-4ubuntu5.12
>
>     Which means the update is applied.
>     -- 
>     Khalid M. Baheyeldin
>     2bits.com <http://2bits.com>, Inc.
>     Fast Reliable Drupal
>     Drupal optimization, development, customization and consulting.
>     Simplicity is prerequisite for reliability. --  Edsger W.Dijkstra
>     Simplicity is the ultimate sophistication. --   Leonardo da Vinci
>     For every complex problem, there is an answer that is clear,
>     simple, and wrong." -- H.L. Mencken
>
>     _______________________________________________
>     kwlug-disc mailing list
>     kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
>     http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140408/82cc3801/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140408/82cc3801/attachment.bin>


More information about the kwlug-disc mailing list