← Back to context

Comment by mfwoods

12 years ago

I just installed update openssl_1.0.1e-2+deb7u5 and libssl1.0.0_1.0.1e-2+deb7u5 on debian wheezy, so it seems the fix is now available.

13 comments

mfwoods

Reply
0x0  12 years ago

You need to manually restart all processes linking libssl, too.

Something like "lsof -n | grep ssl | grep DEL" can identify processes using the DELeted old version of libssl after apt-get upgrading.

josh-wrale  12 years ago

Just saw the following updated when I did an 'apt-get clean; aptitude dist-upgrade' on Debian Wheezy:

libssl1.0.0 openssh-client openssh-server openssl ssh

  • dfc  12 years ago

    I just wanted to point out that you really do not need the `apt-get clean.` Obviously your work flow is your business but I wanted to speak up in case you thought it was needed before upgrading packages.

    • josh-wrale  12 years ago

      I meant to say 'apt-get update'. Thanks for the heads up. I like to be sure I have the latest package metadata.

sjaak_trekhaak  12 years ago

Just received an upgrade on Ubuntu 12.04 LTS as well, apt-get clean issued before updating.

EDIT: If you are using DigitalOcean, the update is not yet on their mirrors. Issue 'sudo sed -i "s/mirrors\.digitalocean/archive.ubuntu/g" /etc/apt/sources.list;sudo apt-get clean;sudo apt-get update;sudo apt-get upgrade' to get the patch. Check the comment by 0x0 above ( https://news.ycombinator.com/item?id=7549842 ) to find any services which need restarting.