間違いがあったら教えて欲しい
関連リンク:
- Heartbleed ~ OpenSSL脆弱性 (CVE-2014-0160) まとめ - Qiita
- CVE-2014-0160 の OpenSSL の脆弱性対応 - @znz blog
- OpenSSLのHeartbleedバグの対応 - Qiita
- Debian - くくく……OpenSSLがやられたか、の次に考えたこと - Qiita
- opensslのバージョン確認とアップデート - Qiita
- AWS - EC2インスタンスのOpenSSLのHartbleed Bug対応 - Qiita
- OpenSSL の脆弱性対策について(CVE-2014-0160) :IPA 独立行政法人 情報処理推進機構
$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=12.04
DISTRIB_CODENAME=precise
DISTRIB_DESCRIPTION="Ubuntu 12.04.1 LTS"
$ sudo aptitude show openssl
Package: openssl
New: yes
State: installed
Automatically installed: no
Version: 1.0.1-4ubuntu5.10
Priority: optional
Section: utils
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Architecture: amd64
Uncompressed Size: 923 k
Depends: libc6 (>= 2.15), libssl1.0.0 (>= 1.0.1)
Suggests: ca-certificates
Conflicts: openssl
Description: Secure Socket Layer (SSL) binary and related cryptographic tools
This package contains the openssl binary and related tools.
It is part of the OpenSSL implementation of SSL.
You need it to perform certain cryptographic actions like:
* Creation of RSA, DH and DSA key parameters;
* Creation of X.509 certificates, CSRs and CRLs;
* Calculation of message digests;
* Encryption and decryption with ciphers;
* SSL/TLS client and server tests;
* Handling of S/MIME signed or encrypted mail.
$ sudo aptitude show libssl1.0.0
Package: libssl1.0.0
New: yes
State: installed
Automatically installed: yes
Multi-Arch: same
Version: 1.0.1-4ubuntu5.10
Priority: important
Section: libs
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Architecture: amd64
Uncompressed Size: 2,991 k
Depends: libc6 (>= 2.14), zlib1g (>= 1:1.1.4), debconf (>= 0.5) | debconf-2.0
PreDepends: multiarch-support
Breaks: openssh-client (< 1:5.9p1-4), openssh-client (< 1:5.9p1-4), openssh-server (< 1:5.9p1-4), openssh-server (< 1:5.9p1-4), libssl1.0.0 (!= 1.0.1-4ubuntu5.10)
Replaces: libssl1.0.0 (< 1.0.1-4ubuntu5.10)
Description: SSL shared libraries
libssl and libcrypto shared libraries needed by programs like apache-ssl, telnet-ssl and openssh.
It is part of the OpenSSL implementation of SSL.
sudo apt-get update
sudo apt-get install openssl libssl1.0.0
↑パッケージを部分的にアップグレードするときは install を使う
SSHの再起動はいらないかも
sudo service ssh restart
sudo service apache2 restart
sudo service nginx restart
$ sudo aptitude show openssl
Package: openssl
New: yes
State: installed
Automatically installed: no
Version: 1.0.1-4ubuntu5.12
Priority: standard
Section: utils
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Architecture: amd64
Uncompressed Size: 923 k
Depends: libc6 (>= 2.15), libssl1.0.0 (>= 1.0.1)
Suggests: ca-certificates
Conflicts: openssl
Description: Secure Socket Layer (SSL) binary and related cryptographic tools
This package contains the openssl binary and related tools.
It is part of the OpenSSL implementation of SSL.
You need it to perform certain cryptographic actions like:
* Creation of RSA, DH and DSA key parameters;
* Creation of X.509 certificates, CSRs and CRLs;
* Calculation of message digests;
* Encryption and decryption with ciphers;
* SSL/TLS client and server tests;
* Handling of S/MIME signed or encrypted mail.
$ sudo aptitude show libssl1.0.0
Package: libssl1.0.0
New: yes
State: installed
Automatically installed: yes
Multi-Arch: same
Version: 1.0.1-4ubuntu5.12
Priority: required
Section: libs
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Architecture: amd64
Uncompressed Size: 2,991 k
Depends: libc6 (>= 2.14), zlib1g (>= 1:1.1.4), debconf (>= 0.5) | debconf-2.0
PreDepends: multiarch-support
Breaks: openssh-client (< 1:5.9p1-4), openssh-client (< 1:5.9p1-4), openssh-server (< 1:5.9p1-4), openssh-server (< 1:5.9p1-4), libssl1.0.0 (!= 1.0.1-4ubuntu5.12)
Replaces: libssl1.0.0 (< 1.0.1-4ubuntu5.12)
Description: SSL shared libraries
libssl and libcrypto shared libraries needed by programs like apache-ssl, telnet-ssl and openssh.
It is part of the OpenSSL implementation of SSL.