update OpenSSL on Debian & DirectAdmin

What versions of the OpenSSL are affected?
Status of different versions:
– OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
– OpenSSL 1.0.1g is NOT vulnerable
– OpenSSL 1.0.0 branch is NOT vulnerable
– OpenSSL 0.9.8 branch is NOT vulnerable
Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.

How to manual upgrading OpenSSL on Debian6 & Directadmin.

openssl version
OpenSSL 0.9.8c 05 Sep 2006

cd /usr/src
wget http://www.openssl.org/source/openssl-1.1.1q.tar.gz
#wget ftp://ftp.openssl.org/source/openssl-1.1.1q.tar.gz
tar -xvzf openssl-1.1.1q.tar.gz
cd openssl-1.1.1q
./config --prefix=/usr no-threads shared
make test
make install

openssl version
OpenSSL 1.1.1q 5 Jul 2022

#for DirectAdmin
cd /usr/local/direcctadmin/custombuild
./build clean
./build update
./build apache
./build php d
./build exim
./build dovecot
./build rewrite_confs
ref: https://forum.directadmin.com/showthread.php?t=163
ref: https://forum.directadmin.com/showthread.php?t=48721

Blog | , , ,
Line it!