TailsOS Version 5.13 from 2023-05-15 uses OpenSSL version 1.1.1n from 2022-03-15 \ stacker news ~tech

TailsOS Version 5.13 from 2023-05-15 uses OpenSSL version 1.1.1n from 2022-03-15 imgprxy.stacker.news/v8m-J5Xf7-Jk2yzbXJ_8sQOIJKgoffVijSLXdRGUQRc/rs:fit:600:500:0/g:no/aHR0cHM6Ly9pLnBvc3RpbWcuY2MvcnNYYnBnYzcvdGFpbHMtb3BlbnNzbC12ZXJzaW9uLnBuZw

30 sats \ 7 comments \ @ek 30 Jul 2023 tech

view all related items

100 sats \ 0 replies \ @final 31 Jul 2023

Debian upstream had froze the openssl/libssl package to 1.1.1n. You are right that it is out of date, it's just Linux distributions like Debian deliberately don't roll releases.

https://packages.debian.org/search?keywords=libssl1.1

10 sats \ 1 reply \ @beorange 30 Jul 2023

It should be a nice contribution for tails, go for it.

0 sats \ 0 replies \ @ek OP 8 Aug 2023

Maybe I will!

0 sats \ 1 reply \ @maths 30 Jul 2023

How is OpenSSL used in Tails? What are some examples of how this effects end-users?

0 sats \ 0 replies \ @ek OP 8 Aug 2023

For one, I need to use this version of OpenSSL if I want to use Tails in airgapped mode.

0 sats \ 0 replies \ @ek OP 30 Jul 2023

Maybe I should use gpg instead of openssl for encrypting files anyway

0 sats \ 0 replies \ @ek OP 30 Jul 2023

How? Was an outdated OpenSSL version installed at the time of build? Or am I misunderstanding something?

For example, on wikipedia, I can see that the LTS version of OpenSSL is indeed 1.1.1u from 2023-05-30:

https://imgprxy.stacker.news/nTsrB3Uqc9v98ZFGinw9xAUa6Uu85tbCUwH6XAjwiuc/rs:fit:600:500:0/g:no/aHR0cHM6Ly9pLnBvc3RpbWcuY2MvVmtkM0RKN0cvMjAyMy0wNy0zMC0xODI4NTctMjg3eDYwNC1zY3JvdC5wbmc

so maybe this is not outdated? But it says n in TailOS, not u. And it still shows the date from last year, not this year.

I am confused.

And maybe I should still use OpenSSL 3.1.1 instead of 1.1.1x?