Skip to content

Instantly share code, notes, and snippets.

@jacksoncage

jacksoncage/HeartBleed-Debian-Wheezy-Update-OpenSSL-1.0.1e-2+deb7u4.sh

Last active September 2, 2015 20:31
Show Gist options
  • Star 6 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save jacksoncage/10104261 to your computer and use it in GitHub Desktop.
Save jacksoncage/10104261 to your computer and use it in GitHub Desktop.
Download ZIP
HeartBleed-Debian-Wheezy-Update-OpenSSL-1.0.1e-2+deb7u4.sh
Raw
HeartBleed-Debian-Wheezy-Update-OpenSSL-1.0.1e-2+deb7u4.sh
# Debian Wheezy - Fixing HeartBleed
# Installing 1.0.1e-2+deb7u4
# http://www.corsac.net/?rub=blog&post=1565
# https://security-tracker.debian.org/tracker/DSA-2896-1
#
# As pointed out, not the best secured way but fast. Please use 'apt-get && apt-get upgrade' for a more secure system.
MACHINE_TYPE=`uname -m`
if [ ${MACHINE_TYPE} == 'x86_64' ]; then
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0-dbg_1.0.1e-2+deb7u5_amd64.deb
wget http://security.debian.org/pool/updates/main/o/openssl/openssl_1.0.1e-2+deb7u5_amd64.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0_1.0.1e-2+deb7u5_amd64.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_1.0.1e-2+deb7u5_amd64.deb
dpkg -i openssl_1.0.1e-2+deb7u5_amd64.deb
dpkg -i libssl1.0.0_1.0.1e-2+deb7u5_amd64.deb
dpkg -i libssl1.0.0-dbg_1.0.1e-2+deb7u5_amd64.deb
dpkg -i libssl-dev_1.0.1e-2+deb7u5_amd64.deb
else
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0-dbg_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/openssl_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_1.0.1e-2+deb7u5_i386.deb
dpkg -i openssl_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl1.0.0_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl1.0.0-dbg_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl-dev_1.0.1e-2+deb7u5_i386.deb
fi
/etc/init.d/nginx restart
/etc/init.d/ssh restart
@dnet
Copy link

dnet commented Apr 8, 2014

Downloading executable code over HTTP, extracting and executing it with root privileges. Nice!
(No, DPKG doesn't perform signature verification, APT does.)

@chennin
Copy link

chennin commented Apr 8, 2014

apt-get update && apt-get upgrade

@jacksoncage
Copy link
Author

@dnet Hard time demands for fast solutions. But yes, not the most safe way.

@AlucardZweo apt-get repos wasn't up to dated when I fixed my servers.

@DavidToca
Copy link

For 32bit machines

wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0-dbg_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/openssl_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl1.0.0_1.0.1e-2+deb7u5_i386.deb
wget http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_1.0.1e-2+deb7u5_i386.deb

dpkg -i openssl_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl1.0.0_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl1.0.0-dbg_1.0.1e-2+deb7u5_i386.deb
dpkg -i libssl-dev_1.0.1e-2+deb7u5_i386.deb

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment