Here you go for Ubuntu: this is the security update that backports this patch to Ubuntu 14.10, Ubuntu 14.04 LTS,Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS: http://www.ubuntu.com/usn/usn-2459-1/ In these cases, don't upgrade your OpenSSL installation.Here's the list of package versions that you should NOT install (that is, the package versions with the backported patch):How to avoid upgrading accidentally? Simply execute:PS: don't trust the version reported byas it does not cover the backports. Executeto see which version you have.

buycoin.cc



Offline



Activity: 28

Merit: 0







NewbieActivity: 28Merit: 0 Re: Users of Bitcoin Core on Linux must not upgrade to the latest version of OpenSSL January 28, 2015, 12:42:41 AM #85 Quote from: theymos on January 10, 2015, 05:58:29 AM

http://sourceforge.net/p/bitcoin/mailman/message/33221963/



Summary:



There is a problem with the most recent release of OpenSSL which will cause issues for some users of Bitcoin Core on Linux. This is not a critical security issue, but everyone using Bitcoin Core on Linux should read the following information, especially if you're automatically processing Bitcoin payments. The worst-case scenario is that you might accept transactions as confirmed which are later reversed.



You are likely to be affected only if:



- You use Linux.

- You installed Bitcoin Core using your distro's package manager or you compiled Bitcoin Core yourself without using gitian. You are not affected if you use the binaries on bitcoin.org.

- You upgrade your system's OpenSSL to 1.0.0p or 1.0.1k. These were security-fix releases, so your package manager might have updated them automatically.



If you are affected, then your client might become stuck at a particular block, and you'll have to reindex the block chain to fix it. In some conceivable but unlikely scenarios, you might see incoming transactions as having 6+ confirmations when the transactions are actually invalid. If you are a pool operator, then you could conceivably start mining on a false chain, which would cause you to lose all of your future blocks until you fix this.



If you are using an affected version of Bitcoin Core, you should either make sure that your system OpenSSL does not get updated or shut down Bitcoin Core until an update fixing this is released in a day or two. If Bitcoin Core is already stuck and showing the "We do not appear to fully agree with our peers!" message, shut it down until an update fixing this is released; when you run that version, you'll have to run it with the -reindex switch.

Greg Maxwell's announcement:Summary:There is a problem with the most recent release of OpenSSL which will cause issues for some users of Bitcoin Core on Linux., but everyone using Bitcoin Core on Linux should read the following information, especially if you're automatically processing Bitcoin payments. The worst-case scenario is that you might accept transactions as confirmed which are later reversed.You are likely to be affected only if:- You use Linux.- You installed Bitcoin Core using your distro's package manager or you compiled Bitcoin Core yourself without using gitian. You are not affected if you use the binaries on bitcoin.org.- You upgrade your system's OpenSSL to 1.0.0p or 1.0.1k. These were security-fix releases, so your package manager might have updated them automatically.If you are affected, then your client might become stuck at a particular block, and you'll have to reindex the block chain to fix it. In some conceivable but unlikely scenarios, you might see incoming transactions as having 6+ confirmations when the transactions are actually invalid. If you are a pool operator, then you could conceivably start mining on a false chain, which would cause you to lose all of your future blocks until you fix this.If you are using an affected version of Bitcoin Core, you should either make sure that your system OpenSSL does not get updated or shut down Bitcoin Core until an update fixing this is released in a day or two. If Bitcoin Core is already stuck and showing the "We do not appear to fully agree with our peers!" message, shut it down until an update fixing this is released; when you run that version, you'll have to run it with the -reindex switch.

Hello,



I am develop a trading platform now, I must to compile the bitcoin source code by myself,

so, which version of the openssl I can use? Thanks.



my other question is, why the bitcoin system don't maintain one correct branch of openssl? Hello,I am develop a trading platform now, I must to compile the bitcoin source code by myself,so, which version of the openssl I can use? Thanks.my other question is, why the bitcoin system don't maintain one correct branch of openssl?