Hi all,

I have several production servers running Slackware 14.2. To my knowledge the latest security upgrade Slackware provided for the openssl libs is the one corresponding to the version 1.0.2u. Currently this openssl version is quite old as (released on December 2019) and in the meanwhile several security issues have been addressed in more recent versions.

Is there an easy (and safe!) way to upgrade to the latest 1.0.2 version (in particular the 1.0.2zf released on June 2022)? I'm a little bit afraid to upgrade using a not standard package because these libs are deeply used by the OS as well...

Of course one solution could be to upgrade to Slackware 15 but for several reasons (mainly lack of time and the high number of servers) this is not a valid option for me.

Any suggestion is really welcome!

Thanks a lot!

I suppose you can rebuild the latest 1.0.2 version using the SlackBuild in /patches, but be aware that 1.0.2zf sources are not generally available (only if you pay premium support).

Probably your best way would be to compile source against existing dependencies. I did that for one of the 'sudden-update-required' versions. It's an easy enough job. If you have a pile of 14.2 servers, make the package and spread it around.

Slackbuilds.org may also have a slackbuild for 14.2, which may be some use. I did it by hand.

Thanks for the fast and useful replies.

Actually I didn't notice that all the openssl versions after the 1.0.2u are available only for premium users! That's explain why Slackware did not provide upgrades after this version...

So it seems that my only chance (without paying) is to perform a major upgrade to version 1.1.1 which sounds a quite dangerous things to do...

The suggested solution to compile source against the dipendencies in this case can be quite laborious as the openssl dependencies are quite a lot (and I guess this is the reason why there are no slackbuild available)

Is this really the only option I have? What you suggest to do?

IMHO that's not an option as you have to rebuild (and possibily upgrade) so many things that you will get into a neverending rabbit hole.

the only viable options, IMHO, are:
- upgrade your existing installations to 15.0;
- migrate your services on fresh installs of 15.0.

here I followed (gradually) the second one, as it's cleaner (also on the long run).

Thanks ponce... basically you confirmed all my doubts regarding this upgrade. Migrating to a fresh system running Slackware 15.0 is for sure the best option but it could cost a lot of efforts especially if you have highly customized services to migrate... Anyway (unfortunately!) it seems the only way to go...

I've moved one slackware64-14.2 to openssl-1.1 before, but it's still using both 1.0 and 1.1 internally.
It's because I didn't want to recompile all linked packages, only the few packages that will benefit me.
So, curl, wget, that sort of thing, it'll benefit from 1.1; but you'll have to compile these packages yourself.