Solved Installing openssl from Trixie by creating a backport?

Solved issue

CaffeineAddict

Well-Known Member
Joined
Jan 21, 2024
Messages
1,626
Reaction score
1,121
Credits
13,466
There is a bug in openssl that affects my use of osslsigncode command because it fails to verify X509 certs.

My openssl on Debian bookworm is:

Bash:
openssl version
OpenSSL 3.0.14 4 Jun 2024 (Library: OpenSSL 3.0.14 4 Jun 2024)

However to deal with the bug I can manually build and install a backport from Trixie which is version 3.3.1-7 and so it fixes this bug:

I suppose prior to that I need to uninstall current openssl, however there are several installed packages that depend on currently installed openssl package:

Bash:
apt rdepends openssl --installed
openssl
Reverse Depends:
  Suggests: exim4-base
    openssl:i386
  Depends: libtpms0
    openssl:i386
  Suggests: unbound
    openssl:i386
  Depends: swtpm-libs
    openssl:i386
  Depends: openvswitch-common
    openssl:i386
  Depends: libtpms0
    openssl:i386
  Depends: ca-certificates (>= 1.1.1)
    openssl:i386
  Suggests: exim4-base
    openssl:i386
  Enhances: ca-certificates
    openssl:i386

Question is, can I safely purge currently installed openssl and then install manually built Trixie backport without braking currently installed dependent packages?

edit:
Building a backport fails, but nonetheless the question remains open in case I stumble on same issue with other package in the future.
 
Last edited:


No need to uninstall before upgrading a package.
 
No need to uninstall before upgrading a package.
Thanks for reply, so dpkg -i *.deb will auto remove old package and install the new one.
Didn't know that, but I've just run man dpkg out of curiosity and it says so for --install option, thanks.
 

Members online


Top