On Sun, 20 Apr 2014 05:57:57 +0000 Jimmy Wu <[email protected]> wrote:
> On Sun, Apr 20, 2014 at 5:39 AM, Steve Litt > <[email protected]> wrote: > > Hi all, > > > > I installed Wheezy on my backup server, then did this: > > > > apt-get update > > apt-get upgrade > > > > root@bupserv:/backupserver/stevebup# openssl version > > OpenSSL 1.0.1e 11 Feb 2013 > > root@bupserv:/backupserver/stevebup# > > Wheezy is the current stable so they aren't going to update an > important library to a new upstream version. Instead they backport > security patches to the current version. Check your package version. > > dpkg -l openssl > > According to the changelog [1], wheezy openssl got the heartbleed > patch on 1.0.1e-2+deb7u5 on April 7. The latest version as of this > email is 1.0.1e-2+deb7u7. > > [1] > http://metadata.ftp-master.debian.org/changelogs//main/o/openssl/openssl_1.0.1e-2+deb7u7_changelog Thanks Jimmy, Yes! Once I checked it with the dpkg command, it told me 1.0.1e-2+deb7u7, which is the documented fixed version for Wheezy. So my new backup server is Heartbleed free, and I can go on to other things. Thanks for this info! SteveT Steve Litt * http://www.troubleshooters.com/ Troubleshooting Training * Human Performance -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/20140420025235.604c2751@mydesk
