Skip to content

Instantly share code, notes, and snippets.

@jacksoncage

jacksoncage/HeartBleed-Debian-Wheezy-Update-OpenSSL-1.0.1e-2+deb7u4.sh

Last active September 2, 2015 20:31
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save jacksoncage/10104261 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save jacksoncage/10104261 to your computer and use it in GitHub Desktop.
Download ZIP
HeartBleed-Debian-Wheezy-Update-OpenSSL-1.0.1e-2+deb7u4.sh
Raw
HeartBleed-Debian-Wheezy-Update-OpenSSL-1.0.1e-2+deb7u4.sh
# Debian Wheezy - Fixing HeartBleed
# Installing 1.0.1e-2+deb7u4
# http://www.corsac.net/?rub=blog&post=1565
# https://security-tracker.debian.org/tracker/DSA-2896-1
#
# As pointed out, not the best secured way but fast. Please use 'apt-get && apt-get upgrade' for a more secure system.
MACHINE_TYPE=`uname -m`
if [ ${MACHINE_TYPE} == 'x86_64' ]; then
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0-dbg_1.0.1e-2+deb7u5_amd64.deb
wget http://security.debian.org/pool/updates/main/o/openssl/openssl_1.0.1e-2+deb7u5_amd64.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0_1.0.1e-2+deb7u5_amd64.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_1.0.1e-2+deb7u5_amd64.deb
dpkg -i openssl_1.0.1e-2+deb7u5_amd64.deb
dpkg -i libssl1.0.0_1.0.1e-2+deb7u5_amd64.deb
dpkg -i libssl1.0.0-dbg_1.0.1e-2+deb7u5_amd64.deb
dpkg -i libssl-dev_1.0.1e-2+deb7u5_amd64.deb
else
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0-dbg_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/openssl_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_1.0.1e-2+deb7u5_i386.deb
dpkg -i openssl_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl1.0.0_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl1.0.0-dbg_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl-dev_1.0.1e-2+deb7u5_i386.deb
fi
/etc/init.d/nginx restart
/etc/init.d/ssh restart
@dnet
Copy link
Copy Markdown

dnet commented Apr 8, 2014

Downloading executable code over HTTP, extracting and executing it with root privileges. Nice!
(No, DPKG doesn't perform signature verification, APT does.)

@chennin
Copy link
Copy Markdown

chennin commented Apr 8, 2014

apt-get update && apt-get upgrade

@jacksoncage
Copy link
Copy Markdown
Author

jacksoncage commented Apr 8, 2014

@dnet Hard time demands for fast solutions. But yes, not the most safe way.

@AlucardZweo apt-get repos wasn't up to dated when I fixed my servers.

@DavidToca
Copy link
Copy Markdown

DavidToca commented Apr 8, 2014

For 32bit machines

wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0-dbg_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/openssl_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_1.0.1e-2+deb7u5_i386.deb

dpkg -i openssl_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl1.0.0_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl1.0.0-dbg_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl-dev_1.0.1e-2+deb7u5_i386.deb

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment