Re: Can't patch Heartbleed bug?
On Thursday 10 April 2014 14:18:00 Brad Alexander wrote:
> I don't believe that Wheezy was vulnerable to Heartbleed. It was
> only the 1.0.1f (committed 31 Dec 2011) that incorporated the
> vulnerable heartbeat feature. My wheezy box has 1.0.1e:
>
> ii libssl1.0.0:i386 1.0.1e-2+deb7u6
> i386 SSL shared libraries
> ii openssl 1.0.1e-2+deb7u6
> i386 Secure Socket Layer (SSL) binary and related
> cryptographic tools
I have:
lisi@Tux-II:~$ dpkg-query -l openssl
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-================-=============-=============-===============================
ii openssl 1.0.1e-2+deb7 amd64 Secure Socket Layer
(SSL) binar
lisi@Tux-II:~$
No u-anything. I take it that that is still alright since it is
anyway Wheezy?
Lisi
Reply to: