Score:0

How to update from OpenSSL 1.1.1 to OpenSSL 3.0.9?

ro flag

I've just noticed that there's a recent OpenSSL vulnerability.

An OpenSSL vulnerability has recently been fixed with USN-6188-1 & 6119-1:
CVE-2023-2650: possible DoS translating ASN.1 object identifiers.
Ensure you have updated the package to its latest version.

What are the correct steps to update from version 1.1.1 to version 3.0.9? I am specially interested in the configuration phase of OpenSSL 3.

This is for a Ubuntu 20.04 LTS environment.

Currently by running apt update & apt upgrade, no new OpenSSL versions are installed by the system.

Artur Meinild avatar
vn flag
Hello. Ubuntu 22.04 already uses OpenSSL 3.0.2, and the latest vulnerabilities are patched.
Alex avatar
ro flag
When running `openssl version` I get `OpenSSL 1.1.1f 31 Mar 2020`
Alex avatar
ro flag
My bad, the environment is Ubuntu 20.04 LTS - I've just updated the initial post.
Artur Meinild avatar
vn flag
In this case, stay on version 1.1.1. It's still patched.
us flag
In my case: $ openssl version OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022) what then to do if two packages are blocked: gjs libgjs0g
user535733 avatar
cn flag
Exactly which CVE are you concerned about? Did you check the [Ubuntu CVE Tracker](https://ubuntu.com/security/cves) to see which version of OpenSSL 1.1.1 is appropriate, safe, and already-patched for you? 'Cause there is one.....
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.