How do I fix CVE-2023-2650, a type confusion vulnerability in OpenSSL?

Hos*_*bil 9 upgrade updates openssl

The error message I see indicates that my system has not been updated to the latest version of OpenSSL, which includes the fix for CVE-2023-2650. How do I solve this:

```
Hit:1 http://us.archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://us.archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 https://dl.google.com/linux/chrome/deb stable InRelease
Hit:4 https://packages.microsoft.com/repos/edge stable InRelease
Hit:5 http://us.archive.ubuntu.com/ubuntu jammy-backports InRelease
Hit:6 https://esm.ubuntu.com/cis/ubuntu jammy InRelease
Hit:7 http://us.archive.ubuntu.com/ubuntu jammy-security InRelease
Hit:8 https://esm.ubuntu.com/apps/ubuntu jammy-apps-security InRelease
Hit:9 https://esm.ubuntu.com/apps/ubuntu jammy-apps-updates InRelease
Hit:10 https://esm.ubuntu.com/infra/ubuntu jammy-infra-security InRelease
Hit:11 https://esm.ubuntu.com/infra/ubuntu jammy-infra-updates InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
4 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
#
# An OpenSSL vulnerability has recently been fixed with USN-6188-1 & 6119-1:
# CVE-2023-2650: possible DoS translating ASN.1 object identifiers.
# Ensure you have updated the package to its latest version.
#
The following packages have been kept back:
  libspeechd2 speech-dispatcher speech-dispatcher-audio-plugins speech-dispatcher-espeak-ng
0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded.
```

OpenSSL version:

```
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
```

Art*_*ild 3

Unfortunately, your assumption is wrong. Let me decode this message for you.

```
# An OpenSSL vulnerability has recently been fixed with USN-6188-1 & 6119-1:
# CVE-2023-2650: possible DoS translating ASN.1 object identifiers.
# Ensure you have updated the package to its latest version.
```

This is a service message telling you that there is a security update for OpenSSL. It is not an error warning or anything of the sort.

```
The following packages have been kept back:
  libspeechd2 speech-dispatcher speech-dispatcher-audio-plugins speech-dispatcher-espeak-ng
0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded.
```

Since 4 packages are being kept back and none of them needs upgrading, OpenSSL has obviously already been upgraded to the latest version.

If you run `apt policy openssl` you get:

```
openssl:
  Installed: 3.0.2-0ubuntu1.10
  Candidate: 3.0.2-0ubuntu1.10
  Version table:
  ...
```

That is the latest upgraded version (as of August 2023).

The apt message is just a service called "APT News". To remove these messages, see this Q&A.


Gam*_*mes 1

This still shows up for me. If you know the patched version (3.0.2-0ubuntu1.10), you can check the installed version with `apt list openssl`:

```
openssl/jammy-security,jammy-updates,now 3.0.2-0ubuntu1.10 amd64 [installed]
```

I couldn't get the warning to go away when running `sudo apt upgrade`, but you can run `sudo pro fix CVE-2023-2650` to check whether any other packages are vulnerable:

```
CVE-2023-2650: OpenSSL vulnerability
 - https://ubuntu.com/security/CVE-2023-2650

No affected source packages are installed.

✔ CVE-2023-2650 does not affect your system.
```

  • [See here](https://askubuntu.com/questions/1441035/what-is-meant-by-apt-news/) to remove these apt messages. (2 upvotes)
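As an added example (not code from either answer above): a POSIX shell check that parses `apt list openssl` output, extracts the installed version and compares it against the fixed jammy version named in the answer, using `dpkg --compare-versions` and falling back to GNU `sort -V` where dpkg is absent. The sample output is constructed, and the older version string in the usage note is a constructed placeholder.

```shell
#!/bin/sh
# Constructed sample of `apt list openssl` output, modelled on the answer above.
SAMPLE_APT_LIST='Listing... Done
openssl/jammy-security,jammy-updates,now 3.0.2-0ubuntu1.10 amd64 [installed]'

# Jammy package version that carries the USN-6188-1 fix (from the answer above).
FIXED_VERSION='3.0.2-0ubuntu1.10'

# installed_version PKG  < apt-list-output
# Prints the installed version of PKG, or nothing if it is not installed.
installed_version() {
    awk -v p="$1/" '
        index($1, p) == 1 && $4 ~ /^\[installed/ { print $2; exit }'
}

# version_ge A B : true if A >= B in Debian version ordering.
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
    else
        # Fallback (assumption): GNU sort -V orders these simple
        # Ubuntu revision strings the same way dpkg does.
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
    fi
}

# openssl_fix_status < apt-list-output
# Exit 0 if the fixed version (or newer) is installed, 1 if older, 2 if absent.
openssl_fix_status() {
    v=$(installed_version openssl)
    if [ -z "$v" ]; then
        echo "openssl: not installed"
        return 2
    elif version_ge "$v" "$FIXED_VERSION"; then
        echo "openssl $v: at or above $FIXED_VERSION, CVE-2023-2650 fix present"
        return 0
    else
        echo "openssl $v: older than $FIXED_VERSION, update required"
        return 1
    fi
}

# Stand-alone run against the constructed sample; on a real host use:
#   apt list openssl 2>/dev/null | openssl_fix_status
printf '%s\n' "$SAMPLE_APT_LIST" | openssl_fix_status
```

The exit status makes the check usable from a cron job or a configuration-management run, where a non-zero result flags the host for attention.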