Re: Why still heartbleed on Wheezy
On Sun, Apr 20, 2014 at 5:39 AM, Steve Litt <firstname.lastname@example.org> wrote:
> Hi all,
> I installed Wheezy on my backup server, then did this:
> apt-get update
> apt-get upgrade
> root@bupserv:/backupserver/stevebup# openssl version
> OpenSSL 1.0.1e 11 Feb 2013
Wheezy is the current stable so they aren't going to update an
important library to a new upstream version. Instead they backport
security patches to the current version. Check your package version.
dpkg -l openssl
According to the changelog , wheezy openssl got the heartbleed
patch on 1.0.1e-2+deb7u5 on April 7. The latest version as of this
email is 1.0.1e-2+deb7u7.