EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System


Subject: Re: OpenSSL vulnerability epics
From: Michael Davidsaver via Tech-talk <tech-talk at aps.anl.gov>
To: "Hermann, Raphael P." <hermannrp at ornl.gov>
Cc: "tech-talk at aps.anl.gov" <tech-talk at aps.anl.gov>
Date: Fri, 26 Jan 2024 14:33:11 -0500
On 1/26/24 10:29, Hermann, Raphael P. via Tech-talk wrote:
> Dear colleagues,
>
> I’m running epics on a lab computer and ORNL IT safety flags a few vulnerabilities related to OpenSSL:
>
> /opt/epics/extensions/lib/linux-x86_64/libcrypto.so.1.1 Reported version : 1.1.1 Fixed version : 1.1.1a
>
> /opt/epics/extensions/lib/linux-x86_64/libcrypto.so.1.0.0 Reported version : 1.0.1d Fixed version : 1.0.1g
>
> I’ve recompiled the latest base distribution after updating OpenSSL, but it seems this library is not pulled from the system.
>
> Do you have any advice on patching this?

I would suggest first finding if any running process has actually loaded
this library.

FYI, a Google search for something like "linux find process using library"
should lead you to the 'lsof' and/or 'fuser' CLI commands.

For example, fuser shows many processes on my laptop which have loaded
libcrypt.so from the system location.  cf. "man fuser" for the significance
of the trailing 'm'.

sudo fuser /usr/lib/x86_64-linux-gnu/libcrypt.so.1.1.0
/usr/lib/x86_64-linux-gnu/libcrypt.so.1.1.0:     1m   659m   822m  1015m  1177m  1220m  1222m  1225m  1227m  1229m  1230m  1231m  1232m  1628m  1630m  1631m  2554m  2555m  2931m  2932m  3537m  3539m  3673m  3685m 14161m 14162m 24017m 24018m 37014m 37015m
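
The check suggested in the reply above can also be done by reading /proc/<pid>/maps directly. The following is an added example, not code from the thread or from EPICS; the function name find_lib_users and its optional second argument (an alternate proc root) are this example's own, and it assumes library paths without spaces. It also marks mappings of a file that has since been replaced on disk, which matters after a library is patched while processes keep running.

```shell
#!/bin/sh
# Added example: list PIDs whose memory maps reference a given shared library.
# /proc/<pid>/maps is the information fuser summarises with the trailing 'm'.
# Reading other users' maps files requires root, as with the sudo fuser call above.
#
# Usage (path taken from the scanner report quoted in the thread):
#   find_lib_users /opt/epics/extensions/lib/linux-x86_64/libcrypto.so.1.1
#
# Output: one line per process, "<pid> mapped" or "<pid> deleted".
# "deleted" means the process still maps a file that was removed or replaced
# on disk, so it keeps running the old code until it is restarted.

find_lib_users() {
    lib=$1
    root=${2:-/proc}   # hypothetical parameter: alternate proc tree for testing

    for maps in "$root"/[0-9]*/maps; do
        # Skip the unexpanded glob and processes we are not allowed to read.
        [ -r "$maps" ] || continue

        pid=${maps%/maps}
        pid=${pid##*/}

        # maps line: address perms offset dev inode pathname [(deleted)]
        # Field 6 is the pathname (assumes no spaces in the path).
        state=$(awk -v lib="$lib" '
            $6 == lib {
                print (($7 == "(deleted)") ? "deleted" : "mapped")
                exit
            }
        ' "$maps" 2>/dev/null)

        [ -n "$state" ] && printf '%s %s\n' "$pid" "$state"
    done
    return 0
}
```

No output for a flagged path means no process visible to the caller currently has that file mapped.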


ANJ, 11 Sep 2024