?
Solved

Debian OpenSSL Heartbleed, new openssl version?

Posted on 2014-04-09
3
Medium Priority
?
695 Views
Last Modified: 2014-04-09
I have openssl version 1.0.1e on my Debian distro. I've done `apt-get install openssl libssl1.0.0` and 1.0.1.e appears to be the latest openssl version for Debian and is vulnerable. As I understand it, 1.0.1.g fixes the Heartbleed bug. Do we know when that package will be available for Debian?
0
Comment
Question by:jmarkfoley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 35

Accepted Solution

by:
Seth Simmons earned 1200 total points
ID: 39990697
this should answer your question

DSA-2896-1 openssl -- security update
http://www.debian.org/security/2014/dsa-2896
0
 
LVL 30

Assisted Solution

by:serialband
serialband earned 800 total points
ID: 39990747
Just update your server.  Debian released patches yesterday.

You can test it here
http://filippo.io/Heartbleed/

You could check for the heartbeat variable to see if you're vulnerable.  The patches just compile without the heartbeat.
egrep dtls1_process_heartbeat libssl.so.1.0.0

http://www.howtoforge.com/find_out_if_server_is_affected_from_openssl_heartbleed_vulnerability_cve-2014-0160_and_how_to_fix

http://www.experts-exchange.com/OS/Linux/Q_28402987.html#a39987838
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 39990753
Thanks! That is good info. I upgraded my openssl package, but it still had version 1.0.1e, so I thought it was vulnerable. However, your link says that 1.0.1e-2+deb7u5 is fixed. I have 1.0.1e+deb7u6, so I guess I'm OK. I did, however, already download and install the 1.0.1g sources from https://www.openssl.org/source on one of my Debian systems already.
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month7 days, 23 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question