升级到安全 openssl 失败

升级到安全 openssl 失败

升级到安全 openssl 失败

方法:

/etc/apt/sources.list 中有:

deb http://security.debian.org/ wheezy/updates main contrib non-free

然后做:

apt-get update
apt-cache policy openssl
apt-get install openssl
apt-cache policy openssl will show you candidate updates

apt-get install openssl will upgrade to last openssl version

实际的:

# uname -a
Linux XXX 3.10-3-amd64 #1 SMP Debian 3.10.11-1 (2013-09-10) x86_64 GNU/Linux

# cat /etc/apt/sources.list | sed '/^#/d' | sed '/^$/d'
deb http://security.debian.org/ wheezy/updates main contrib non-free

# apt-cache policy openssl
openssl:
  Installed: 1.0.1e-3
  Candidate: 1.0.1e-3
  Version table:
 *** 1.0.1e-3 0
        100 /var/lib/dpkg/status
     1.0.1e-2+deb7u6 0
        500 ... <cannot post more than 2 "links"> wheezy/updates/main amd64 Packages
        500 ... <cannot post more than 2 "links"> wheezy/updates/main amd64 Packages
     1.0.1e-2+deb7u4 0
        500 ... <cannot post more than 2 "links"> wheezy/main amd64 Packages
        500 ... <cannot post more than 2 "links"> wheezy/main amd64 Packages

# apt-get install openssl
Reading package lists... Done
Building dependency tree
Reading state information... Done
openssl is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

是什么赋予了?

答案1

如果我没记错的话,Wheezy 有一个反向移植的 1.0.1e 版 OpenSSL。它仍然可以抵御 heartbleed 攻击。

运行openssl version -a应该给出类似如下的输出:

~# openssl version -a
OpenSSL 1.0.1e 11 Feb 2013
built on: Mon Apr  7 20:32:27 UTC 2014
platform: debian-amd64

如果它是在过去几天内建成的,那就没问题。

答案2

我不知道您从哪里获得了 openssl 1.0.1e-3。但由于它的发布号高于存储库中实际可用的版本,因此它们不被视为升级候选版本。

通过明确选择版本来安装更新:

apt-get install openssl=1.0.1e-2+deb7u6

相关内容