
New Openssl 1.0.1j to work-around POODLE issue

Posted: Sun Oct 26, 2014 6:05 am
by ronb
Any word on whether a Raspberry Pi Raspbian version of openssl 1.0.1j will be available soon?
I believe this version contains a work-around for the POODLE issue.

Re: New Openssl 1.0.1j to work-around POODLE issue

Posted: Sun Oct 26, 2014 6:15 am
by fruitoftheloom
ronb wrote: Any word on whether a Raspberry Pi Raspbian version of openssl 1.0.1j will be available soon?
I believe this version contains a work-around for the POODLE issue.

Yes, an OpenSSL update has been rolled out for Raspbian Wheezy.

Code:

sudo apt-get update
sudo apt-get dist-upgrade
openssl 1.0.1e-2+rvt+deb7u13
libssl 1.0.1e-2+rvt+deb7u13

Re: New Openssl 1.0.1j to work-around POODLE issue

Posted: Wed Oct 29, 2014 2:47 am
by ronb
Thanks for the info. I did the update/upgrade, but openssl reports the same version as before the upgrade.

Code:

openssl version
OpenSSL 1.0.1e 11 Feb 2013

But then a dpkg-query gives:

Code:

libssl1.0.0:armhf       1.0.1e-2+rvt+deb7u13
openssl 1.0.1e-2+rvt+deb7u13

So I guess I have the right version even though the openssl version command gives the same as before...

Re: New Openssl 1.0.1j to work-around POODLE issue

Posted: Wed Oct 29, 2014 10:56 am
by rpdom
You do have the right version.

If you check the start of /usr/share/doc/openssl/changelog.Debian.gz you will see

Code:

openssl (1.0.1e-2+deb7u13) wheezy-security; urgency=medium

  * Fixes CVE-2014-3513
  * Fixes CVE-2014-3567
  * Add Fallback SCSV support to mitigate CVE-2014-3566
  * Fixes CVE-2014-3568

 -- Kurt Roeckx <kurt@roeckx.be>  Wed, 15 Oct 2014 19:45:25 +0200
CVE-2014-3566 is the ID of the POODLE vulnerability and adding Fallback SCSV support is one way of stopping it being an issue.
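
The changelog check described in this reply can be scripted. The following is an added example that is not part of the original thread: it reads a Debian changelog and reports which package versions record a fix for a given CVE. The function names and the sample changelog are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Read a Debian changelog on stdin; print the version of every entry
# that mentions the given CVE ID, newest entry first.
changelog_fix_versions() {
    awk -v cve="$1" '
        # Entry header: "package (version) distribution; urgency=..."
        /^[^ ]+ \([^)]+\) / {
            ver = $2; gsub(/[()]/, "", ver); printed = 0; next
        }
        {
            pos = index($0, cve)
            # Reject a longer ID that merely starts with the one requested.
            nextch = substr($0, pos + length(cve), 1)
            if (pos > 0 && nextch !~ /[0-9]/ && ver != "" && !printed) {
                print ver; printed = 1
            }
        }'
}

# On a Debian-family system: report the installed version and the oldest
# changelog entry recording the fix. Path is the one quoted in the thread.
installed_has_fix() {
    pkg=$1 cve=$2
    log="/usr/share/doc/$pkg/changelog.Debian.gz"
    [ -r "$log" ] || { echo "no changelog for $pkg" >&2; return 2; }
    fixed=$(gzip -dc "$log" | changelog_fix_versions "$cve" | tail -n 1)
    [ -n "$fixed" ] || { echo "$pkg: $cve not in changelog"; return 1; }
    echo "$pkg $(dpkg-query -W -f='${Version}' "$pkg"): $cve fixed in $fixed"
}

# Constructed sample: first entry modelled on the one quoted above,
# second entry is a placeholder.
sample_changelog() {
    cat <<'EOF'
openssl (1.0.1e-2+deb7u13) wheezy-security; urgency=medium

  * Fixes CVE-2014-3513
  * Add Fallback SCSV support to mitigate CVE-2014-3566

openssl (1.0.1e-2+deb7u12) wheezy-security; urgency=medium

  * Constructed placeholder entry with no CVE reference
EOF
}

sample_changelog | changelog_fix_versions CVE-2014-3566
```

On a Raspbian or Debian system, `installed_has_fix openssl CVE-2014-3566` runs the same check against the installed package's own changelog, which is the authoritative record because the upstream string printed by `openssl version` does not change when fixes are backported.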

Re: New Openssl 1.0.1j to work-around POODLE issue

Posted: Wed Oct 29, 2014 3:49 pm
by ronb
Thanks!

Ron