Ubuntu
openssl package

Ubuntu 12.04_5 LTS and openSSL 1.0.1 EOL

Bug #1596831 reported by Anestis
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openssl (Ubuntu)
Won't Fix
Undecided
Unassigned

Bug Description

With OpenSSL 1.0.1 EOL in December this year, openSSL needs to be upgraded to version 1.0.2.

This affects :

Description: Ubuntu 12.04.5 LTS
Release: 12.04

Lib:
apt-cache policy openssl
openssl:
  Installed: 1.0.1-4ubuntu5.36
  Candidate: 1.0.1-4ubuntu5.36
  Version table:
 *** 1.0.1-4ubuntu5.36 0
        500 http://nl.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
        100 /var/lib/dpkg/status
     1.0.1-4ubuntu3 0
        500 http://nl.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

Revision history for this message
Manfred Hampl (m-hampl) wrote :

From https://www.openssl.org/policies/releasestrat.html

Support for version 1.0.1 will cease on 2016-12-31. No further releases of 1.0.1 will be made after that date. Security fixes only will be applied to 1.0.1 until then.

How is Ubuntu going to deal with that? Both Precise and Trusty currently have 1.0.1 versions, and both Ubuntu releases have a target life time beyond that date.

Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

Ubuntu doesn't typically update to newer software versions. Like most other Linux distros, we backport security patches to the versions of software we ship, whether or not there is still upstream support for it.

Changed in openssl (Ubuntu):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Related questions

Remote bug watches

Bug watches keep track of this bug in other bug trackers.