is there any 100% working method to update openssl to the non vulnerable version on Debian Wheezy. I do not want to upgrade the whole OS, nor would I like to install a non official package.
Is there any solution right now ?
Thanks
Asked
Active
Viewed 4,831 times
1 Answers
3
from DSA-2896-1 openssl -- security update :
For the stable distribution (wheezy), this problem has been fixed in version 1.0.1e-2+deb7u5.
so, assuming you have:
deb http://security.debian.org/ wheezy/updates main contrib non-free
in your /etc/apt/sources.list file
apt-get update
apt-cache policy openssl
apt-get install openssl
apt-cache policy openssl will show you candidate updates
apt-get install openssl will upgrade to last openssl version
run again apt-cache policy openssl and check version at Installed: line is equal or superior to: 1.0.1e-2+deb7u5
upgrading openssl package should upgrade libssl1.0.0 as it's a dependency
exeral
- 1,609
- 9
- 19
-
I did exactly that but it seems I needed a reboot. Thanks ! – Patrick Apr 09 '14 at 12:21
-
reboot is the safe way. you can avoid reboot by identifying which processes use outdated libs and restart them specifically. `lsof +aL1 /usr | grep ssl` should help you in this quest – exeral Apr 09 '14 at 12:43