[PLUG] Ubuntu security issues
Ed Sawicki
ed at alcpress.com
Fri Oct 19 19:26:56 UTC 2007
This is related to the thread we had a few weeks ago
about ensuring that our servers are running the latest
versions of software so we'd be as secure as possible.
I have a computer running Ubuntu Server (Dapper - AMD
64-bit version). It's never been used in a production
capacity but will starting Monday. So, I did the usual
apt-get update and apt-get upgrade. I noticed that
openssl was one of the packages updated. So I did this:
# openssl
OpenSSL> version
OpenSSL 0.9.8a 11 Oct 2005
Thinking that something went wrong and I now have two
copies of openssl installed, I searched for all occurrences
of openssl. There was only one. Version 0.9.8a is ancient
- circa 2005. Version 0.9.8g was announced today.
Then I checked openssh. It was version 4.2p1 - another
2005 vintage program.
I realize that Dapper is not the latest Ubuntu but shouldn't
important programs like openssl and openssh be kept current
regardless?
Ed
More information about the PLUG
mailing list