openssl again -- zypper up or patch

Was looking for the update, didn’t see it but upon closer inspection my systems updated openSSL before I realized it was needed.

Yes, Virginia…
Although not as serious as Heartbleed another fairly serious openssl vulnerability was just patched (as well as a number of others)
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00008.html

Inspecting my systems, it looks like updating or patching will install the necessary security fix

zypper up

or

zypper patch

The link above describes the openssl version you want to see if you run the following
Version: 1.0.1h-11.48.1

zypper info openssl

Congrats to our Developers who pushed a patch within hours

TSU

Well, as

zypper patch

(or YaST > Softwarer > Online update) will install all that is on the Update repos (when you have the package of course and when there is a security or recommended update) and because that is all you get (and need) during the lifetime of an openSUSE version, it is logical to me that you get such an update. The more because it is anouinced on the News and Anouncements > Security anouncemenats on our forums https://forums.opensuse.org/forumdisplay.php/666-Security-Announcements

And as

zypper update

incorporates zypper patch, I am not amazed that it installs the same security update (when not already installed).

But I fail to see the question you have.

Not a question(note the light bulb icon), but something important enough people should know to do because of the unusual serious consequesnces if you don’t.

Since openSUSE normally updates or patches on bootup, this warning/advisory applies mainly to anyone who runs the machine 24/7. These people wouldn’t automatically get the patch so need to do something manually.

TSU

Does it? I have never seen that happen.

Apper runs at or soon after a new boot.

But if you run Apper you will normally get notified of updates anyway.

Yes, but it does not update. It just notifies you that there are updates.

True unless you have auto-update set on

I guess that everybody that runs a system, 24/7 or not, has his policy for updates in place.

On 2014-06-07 22:46, tsu2 wrote:

> Since openSUSE normally updates or patches on bootup, this
> warning/advisory applies mainly to anyone who runs the machine 24/7.
> These people wouldn’t automatically get the patch so need to do
> something manually.

The same as those that get the update on boot, which is not really boot,
but desktop session start, via apper. Apper runs periodically.

But people running machines 24/7, like me, disable apper. We use other
strategies, typically.


Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)