openssl latest upgrade issue.
Hi,
I am on a ubuntu 14.04 machine. I do apt-get upgrade almost daily and I noticed that in the latest upgrade there was some ca-cert's replaced along with openssl. According to this website : https://www.openssl.org/news/vulnerabilities.html#y2016 there was a high severity fix needed in openssl and its fixed in openssl-1.0.2f as it states. However , when I do : pingu@zi0n$ sudo openssl version OpenSSL 1.0.1f 6 Jan 2014 this is what is shown. Should I be worried ? Is anyone else facing the same issue ? |
You don't follow the OpenSSL advisories, you follow the Ubuntu ones.
From your link, it's CVE-2016-0701. Google "Ubuntu CVE-2016-0701" -> http://people.canonical.com/~ubuntu-...2016-0701.html -> 14.04 is not affected. If it was, you could determine which Ubuntu version you needed to update to. |
oh ok, thanks for that :)
|
All times are GMT -5. The time now is 02:28 AM. |