[Pkg-openssl-devel] Bug#743883: CVE-2014-0160 heartbeat read overrun (heartbleed)
Thomas DEBESSE
dev at illwieckz.net
Wed Apr 9 05:30:30 UTC 2014
Warning, openssl=1.0.1e-2+deb7u6 depends on libssl1.0.0>= 1.0.1, so,
updating openssl without updating the whole world does not update
libssl.
It would be an excellent idea if openssl=1.0.1e-2+deb7u6 depends on
libssl1.0.0=1.0.1e-2+deb7u6 if someone wants install this security fix
without installing a non-security update from another package inside
another repository (what happens with apt-get upgrade).
--
Thomas DEBESSE
More information about the Pkg-openssl-devel
mailing list