Edited by josch at Thu Nov 13, 2014 11:13 |
I was just about to set up a openVPN server on my banana-pi (running bananian) and realized the openSSL Version from the Repositories is version 1.0.1e-2+deb7u13
which is still vulnerable for Heartbleed attacks. Copy the Code
- Package: openssl
- Version: 1.0.1e-2+deb7u13
- Installed-Size: 951
- Maintainer: Debian OpenSSL Team <firstname.lastname@example.org>
- Architecture: armhf
- Depends: libc6 (>= 2.13-28), libssl1.0.0 (>= 1.0.1e-2+deb7u5), zlib1g (>= 1:1.1.4)
- Suggests: ca-certificates
Any suggestions or remarks? Are there some specific ARM repos for important security updated which are not within http://security.debian.org/ wheezy/updates ?
I am not sure what to do right now..
friendly regards ...