SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have several production servers running Slackware 14.2. To my knowledge the latest security upgrade Slackware provided for the openssl libs is the one corresponding to the version 1.0.2u. Currently this openssl version is quite old as (released on December 2019) and in the meanwhile several security issues have been addressed in more recent versions.
Is there an easy (and safe!) way to upgrade to the latest 1.0.2 version (in particular the 1.0.2zf released on June 2022)? I'm a little bit afraid to upgrade using a not standard package because these libs are deeply used by the OS as well...
Of course one solution could be to upgrade to Slackware 15 but for several reasons (mainly lack of time and the high number of servers) this is not a valid option for me.
I suppose you can rebuild the latest 1.0.2 version using the SlackBuild in /patches, but be aware that 1.0.2zf sources are not generally available (only if you pay premium support).
Probably your best way would be to compile source against existing dependencies. I did that for one of the 'sudden-update-required' versions. It's an easy enough job. If you have a pile of 14.2 servers, make the package and spread it around.
Slackbuilds.org may also have a slackbuild for 14.2, which may be some use. I did it by hand.
Actually I didn't notice that all the openssl versions after the 1.0.2u are available only for premium users! That's explain why Slackware did not provide upgrades after this version...
So it seems that my only chance (without paying) is to perform a major upgrade to version 1.1.1 which sounds a quite dangerous things to do...
The suggested solution to compile source against the dipendencies in this case can be quite laborious as the openssl dependencies are quite a lot (and I guess this is the reason why there are no slackbuild available)
Is this really the only option I have? What you suggest to do?
So it seems that my only chance (without paying) is to perform a major upgrade to version 1.1.1 which sounds a quite dangerous things to do...
The suggested solution to compile source against the dipendencies in this case can be quite laborious as the openssl dependencies are quite a lot (and I guess this is the reason why there are no slackbuild available)
Is this really the only option I have? What you suggest to do?
IMHO that's not an option as you have to rebuild (and possibily upgrade) so many things that you will get into a neverending rabbit hole.
the only viable options, IMHO, are:
- upgrade your existing installations to 15.0;
- migrate your services on fresh installs of 15.0.
here I followed (gradually) the second one, as it's cleaner (also on the long run).
Thanks ponce... basically you confirmed all my doubts regarding this upgrade. Migrating to a fresh system running Slackware 15.0 is for sure the best option but it could cost a lot of efforts especially if you have highly customized services to migrate... Anyway (unfortunately!) it seems the only way to go...
I've moved one slackware64-14.2 to openssl-1.1 before, but it's still using both 1.0 and 1.1 internally.
It's because I didn't want to recompile all linked packages, only the few packages that will benefit me.
So, curl, wget, that sort of thing, it'll benefit from 1.1; but you'll have to compile these packages yourself.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.