You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to railsmachin...@googlegroups.com
Actually, you could add the following to a recipe:
package 'openssl',
:ensure => :latest
And that should make sure it's the latest version on every deploy.
On Apr 8, 2014, at 12:50 PM, Jamie Orchard-Hays <jami...@gmail.com> wrote:
Jamie Orchard-Hays
unread,
Apr 8, 2014, 12:58:36 PM4/8/14
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to railsmachin...@googlegroups.com
Thanks, Kevin. Did that and servers report back:
"openssl is already the newest version"
Which obviously is not.
Best way to get apt-get to update the available software?
Cheers,
Jamie
Kevin Lawver
unread,
Apr 8, 2014, 1:02:49 PM4/8/14
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to railsmachin...@googlegroups.com
apt-get update should run at the beginning of each deploy. You should confirm that it didn't already upgrade it (like if you have unattended-upgrades set to automatically install security fixes). SSH into one of the servers, and run: sudo dpkg -l | grep openssl and check the version against the ubuntu security notice about the vulnerability: http://www.ubuntu.com/usn/usn-2165-1/
If it's been upgraded, it should be 1.0.1-4ubuntu5.12 or greater.
Jamie Orchard-Hays
unread,
Apr 8, 2014, 1:26:30 PM4/8/14
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to railsmachin...@googlegroups.com
Thanks for your help, Kevin. I'm confused by what my servers are telling me:
sudo dpkg -l | grep openssl
ii openssl 1.0.1-4ubuntu5.12 Secure Socket Layer (SSL) binary and related cryptographic tools
ii python-openssl 0.12-1ubuntu2.1
But:
openssl version
OpenSSL 1.0.1 14 Mar 2012
I've rebooted. What am I missing here?
Jamie
Kevin Lawver
unread,
Apr 8, 2014, 1:28:34 PM4/8/14
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to railsmachin...@googlegroups.com
You have the correct version installed. Ubuntu doesn't normally change the release date because they backport fixes (so they've fixed just the security bug but haven't upgraded to a new release of OpenSSL).
Jamie Orchard-Hays
unread,
Apr 8, 2014, 1:30:43 PM4/8/14
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to railsmachin...@googlegroups.com
Thanks. I was going nuts wondering why it wasn't installing, but it was. Cheers!