升级到安全openssl失败

方法：

在/etc/apt/sources.list中有：

deb http://security.debian.org/ wheezy/updates main contrib non-free

然后做：

 apt-get update apt-cache policy openssl apt-get install openssl apt-cache policy openssl will show you candidate updates apt-get install openssl will upgrade to last openssl version

实际：

 # uname -a Linux XXX 3.10-3-amd64 #1 SMP Debian 3.10.11-1 (2013-09-10) x86_64 GNU/Linux # cat /etc/apt/sources.list | sed '/^#/d' | sed '/^$/d' deb http://security.debian.org/ wheezy/updates main contrib non-free # apt-cache policy openssl openssl: Installed: 1.0.1e-3 Candidate: 1.0.1e-3 Version table: *** 1.0.1e-3 0 100 /var/lib/dpkg/status 1.0.1e-2+deb7u6 0 500 ... <cannot post more than 2 "links"> wheezy/updates/main amd64 Packages 500 ... <cannot post more than 2 "links"> wheezy/updates/main amd64 Packages 1.0.1e-2+deb7u4 0 500 ... <cannot post more than 2 "links"> wheezy/main amd64 Packages 500 ... <cannot post more than 2 "links"> wheezy/main amd64 Packages # apt-get install openssl Reading package lists... Done Building dependency tree Reading state information... Done openssl is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

是什么赋予了？

我不知道你在哪里得到openssl 1.0.1e-3 。但是由于它的版本号比版本库中实际版本更高，因此不会被视为升级候选版本。

通过显式select版本来安装更新：

 apt-get install openssl=1.0.1e-2+deb7u6

如果我没有记错的话Wheezy有一个OpenSSL的1.0.1e版本。它仍然是安全的反对心脏病。

运行openssl version -a应该给出类似于：

 ~# openssl version -a OpenSSL 1.0.1e 11 Feb 2013 built on: Mon Apr 7 20:32:27 UTC 2014 platform: debian-amd64

如果在过去的几天内build成的话，那你还好。