Brad Spry
Results
2
comments of
Brad Spry
Tool reports red fail against Debian openssl 1.0.1e-2+deb7u6 But Debian security tracker reports openssl 1.0.1e-2+deb7u6 status as FIXED: https://security-tracker.debian.org/tracker/CVE-2014-0160 Please advise.
Where I went wrong was using the 'apt-get install --only-upgrade openssl' method, which did not upgrade package 'libssl1.0.0'. Updating package 'openssl' was not enough... You must also update package 'libssl1.0.0'.