← Back to context

Comment by house9-2

12 years ago

@stormbrew is correct about ubuntu, use -a or -v -b

    openssl version -v -b

    OpenSSL 1.0.1 14 Mar 2012
    built on: Wed Jan  8 20:45:51 UTC 2014

4 comments

house9-2

Reply
spatten  12 years ago

I'm totally confused by this. I'm running ubuntu LTS 12.04 and did

    sudo aptitude update
    sudo aptitude upgrade openssl

and then ran

    openssl version -a

and got the same results as you. How can it be built on January 8th if the patch was just made today?

[EDIT] running

    sudo aptitude upgrade

upgraded properly and now I'm getting a version that was compiled earlier today. I'm guessing I needed to update another package as well. Probably `libssl`?

  • benmmurphy  12 years ago

    upgrade will work because it updates libssl1.0.0 which is the package you want upgraded :) Openssl is the command line package and libssl1.0.0 is the library. i was able to upgrade openssl without upgrading libssl1.0.0.

      ben@ip-10-0-0-76:~$ dpkg -s libssl1.0.0 |grep Version
  Version: 1.0.1e-3ubuntu1

  ben@ip-10-0-0-76:~$ dpkg -s openssl |grep Version
  Version: 1.0.1e-3ubuntu1

  ben@ip-10-0-0-76:~$ sudo apt-get install openssl
  ...
  ben@ip-10-0-0-76:~$ dpkg -s libssl1.0.0 |grep Version
  Version: 1.0.1e-3ubuntu1

  ben@ip-10-0-0-76:~$ dpkg -s openssl |grep Version
  Version: 1.0.1e-3ubuntu1.2

  ben@ip-10-0-0-76:~$ openssl version -a
  OpenSSL 1.0.1e 11 Feb 2013
  built on: Mon Jul 15 12:44:45 UTC 2013
  platform: debian-amd64
  options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx)
  compiler: cc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
  OPENSSLDIR: "/usr/lib/ssl"

  ben@ip-10-0-0-76:~$ sudo apt-get install libssl1.0.0

  ben@ip-10-0-0-76:~$ dpkg -s libssl1.0.0 |grep Version
  Version: 1.0.1e-3ubuntu1.2

  ben@ip-10-0-0-76:~$ openssl version -a
  OpenSSL 1.0.1e 11 Feb 2013
  built on: Mon Apr  7 20:33:19 UTC 2014
  platform: debian-amd64
  options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx)
  compiler: cc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
  OPENSSLDIR: "/usr/lib/ssl"

    i wonder how many people will do apt-get update openssl and assume they have fixed it

    • spatten  12 years ago

      Thank you. That makes more sense now.

      I'm guessing that tons of people will run into this. I bet a blog post would get you some traffic... :)

  • andrewaylett  12 years ago

    The package is called libssl1.0.0 -- it holds the shared libraries, while the openssl package contains utilities.