

Tell HN: Ubuntu already updated openssl packages - jqueryin

If you&#x27;re on Ubuntu, you can simply run an update to patch the bug:<p><pre><code>    sudo apt-get update
    sudo apt-get upgrade
</code></pre>
Thanks Ubuntu!
======
jqueryin
For those interested, here is a direct link HN user josh-rale had posted in
the other popular thread:

[http://people.canonical.com/~ubuntu-
security/cve/2014/CVE-20...](http://people.canonical.com/~ubuntu-
security/cve/2014/CVE-2014-0160.html)

------
jamesbritt
Is this better (or notably different) than doing

    
    
         sudo apt-get update
         sudo apt-get dist-upgrade
    
    ?

~~~
jqueryin
dist-upgrade can perform unpredictably and can put your servers in a fubar
state. Here's just a quick comparison of the two:

[http://askubuntu.com/questions/194651/why-use-apt-get-
upgrad...](http://askubuntu.com/questions/194651/why-use-apt-get-upgrade-
instead-of-apt-get-dist-upgrade)

~~~
ars
That is not accurate.

dist-upgrade is when you are upgrading from one release to another, i.e. a
major update, some downtime expected. It's main claim to fame is that it is
able to remove a package if necessary for the upgrade (necessary because
packages get outdated and removed).

For normal upgrades you don't need it (but it's harmless if you use it
anyway). A normal security upgrade will never delete any packages, so using it
doesn't make any difference.

~~~
jqueryin
So what you're saying is you don't trust the man pages from apt-get?

~~~
ars
What are you talking about?

The information I wrote is FROM the man page.

