6 years ago
Linux Mint 17.1 comes with OpenSSL v. 1.0.1.f, which is vulnerable to the Heartbleed bug. To upgrade OpenSSL to the latest version (or version that is not vulnerable), simply follow the commands/steps below.
Use 'sudo' in front of the commands where you get permissions errors, if you have root access to your machine, and substitute
'openssl-1.0.1j.tar.gz' for whatever version of OpenSSL you wish to download and install, making sure that the version is at least 1.0.1g or above.
$ cd /usr/src $ wget https://www.openssl.org/source/openssl-1.0.1j.tar.gz -O openssl-1.0.1j.tar.gz $ tar -zxf openssl-1.0.1j.tar.gz $ cd openssl-1.0.1j $ ./config $ make $ make test $ make install
$ mv /usr/bin/openssl /root/ $ ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl$ openssl version
Make sure that you get the new version showing when you type the last command, "openssl version", i.e. "OpenSSL 1.0.1j 15 Oct 2014".
remoulder perhaps it's true for others, but not for me. As ConorCork mentioned, I have updated LM 17.1 64-bit, and afterwards, typing 'openssl version' in a console still brought 1.0.1f.
Thank you fuzzyanalysis. Clear useful tutorial to get Ver 1.0.1j 15-Oct2014.
At 29-Dec-2014 checked using Linux Mint 17.1 Rebecca x86 / 64 bit Cinnamon 2.4 Kernel 3.13.0 -24 and indeed the Software Manager indicates older Version 1.0.1f-1ubuntu2.5 installed on this machine. And check in Synaptic Package Manager confirms same older version installed and "latest Version" reposited in Synaptic is 1.0.1f-ubuntu2.7 which I believe is older than 1.0.1j.
That version is already updated via the repos.