Mageia forum

Hi,

I would like to know/understand if openssl is usefull for my desktop computer. After the vulnerabilty annoucment of openssl last Monday, I update my Mageia 4 and I see that openssl was installed (and of course I accept the update).
But what happen if I disabeld this package (I am not using my PC for a server) ?
I thought it was just usefull for server....

David

You might have trouble connecting to web sites that use ssl, such as this forum. Usually these are sites that are identified as https rather than http.

Jim

jkerr82508 wrote:You might have trouble connecting to web sites that use ssl, such as this forum. Usually these are sites that are identified as https rather than http.

But as far as I know only some browsers are using OpenSSL (firefox is using NSS)...

davidmageia wrote:But what happen if I disabeld this package (I am not using my PC for a server) ?

However, several programs like wget and curl are using openSSL to communicate with server. So you might run into trouble if you are using such program and have openSSL disabled.
I just read it in german tec news so I don't have a link in English available.

Check the following command as root to get a list of processes which are currently using libssl directly or indirectly, you will be surprised.

Code: Select all

grep -l 'libssl.*' /proc/*/maps | tr -cd 0-9\\n | xargs -r ps u

command courtesy of https://www.getpantheon.com/heartbleed-fix