Any chance on an os 6 update that will get us to openssl 1.1.1 soon? The usage of cloudflare is making 1.0.0 a bit annoying. Debian Jessie was released in 2015 and is pretty officially dead June 30. Is stretch or buster coming soon?
Re: OpenSSL 1.1.1
Agree. Same question from me. I'm running a ReadyNAS 214 with the latest 6.10.3 on it.
# dpkg -l | grep openssl ii openssl 1.0.1t-1+deb8u12 armel Secure Sockets Layer toolkit - cryptographic utility
I am trying to use Python 3.6.9 and am getting the following message. Anyone know how to upgrade OpenSSL manually without borking the entire NAS?
$ python3 -m OpenSSL.debug Traceback (most recent call last): File "/usr/local/lib/python3.6/runpy.py", line 183, in _run_module_as_main mod_name, mod_spec, code = _get_module_details(mod_name, _Error) File "/usr/local/lib/python3.6/runpy.py", line 109, in _get_module_details __import__(pkg_name) File "/usr/local/lib/python3.6/site-packages/OpenSSL/__init__.py", line 8, in <module> from OpenSSL import crypto, SSL File "/usr/local/lib/python3.6/site-packages/OpenSSL/crypto.py", line 15, in <module> from OpenSSL._util import ( File "/usr/local/lib/python3.6/site-packages/OpenSSL/_util.py", line 6, in <module> from cryptography.hazmat.bindings.openssl.binding import Binding File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 205, in <module> _verify_openssl_version(Binding.lib) File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 169, in _verify_openssl_version "You are linking against OpenSSL 1.0.1, which is no longer " RuntimeError: You are linking against OpenSSL 1.0.1, which is no longer supported by the OpenSSL project. You need to upgrade to a newer version of OpenSSL.
Re: OpenSSL 1.1.1
It turns out it wasn't that hard to rebuild ssl and python. I didn't build an rpm, but I have a tarball you can unpack in /usr/local. I kept everything to two folders /usr/local/ssl and /usr/local/python3.6. You have to add one link in /usr/local/bin for the new python. This way it doesn't affect the rest of your system. However, anything besides python that you want to use the new SSL library has to be rebuilt. If someone wants it private message me and I'll send you a link.