The recently announced patch for
openssl does a
good thing: it looks for services known to use libssl and offers to
restart them for you.
However, it doesn't seem to notice apache2, which relies heavily on
libssl when mod_ssl is enabled. You can check to see what services
still use the old libraries (as discussed earlier in my weblog
here). If you see
apache2 among that list, you should almost certainly do:
/etc/init.d/apache2 restart
Alternately, if you already know that you're using mod_ssl, you'll
have an opportunity to add apache2 to the list of services to be
restarted during the upgrade of libssl.
Many thanks to the debian security team for publishing this fix and making it so straightforward to restart most of the affected services. Your work is much appreciated!
Tags: security, tip, tip security upgrade, upgrade