Hello Linux Geeksters. As you may know, LibreSSL is an open-source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, being forked from the OpenSSL 1.0.1g branch, after the discovery of the Heartbleed bug in OpenSSL.
LibreSSL is developed and maintained by the OpenBSD developers and has become available also for Linux systems. The latest stable version available is LibreSSL 2.1.6, which has been released recently, coming with fixes for the below issues:
- Segmentation fault in ASN1_TYPE_cmp
- ASN.1 structure reuse memory corruption
- PKCS7 NULL pointer dereferences
- Use After Free following d2i_ECPrivatekey error
- X509_to_X509_REQ NULL pointer deref
Also worth mentioning, Google has also started their own OpenSSL fork under the name of BoringSSL and promised to exchange fixes with LibreSSL.
In this article I will show you how to install LibreSSL 2.1.6 on the most popular Linux systems, including: Ubuntu, Linux Mint, Pinguy OS, Elementary OS, LXLE, Peppermint, Deepin, Linux Lite, Debian, Kwheezy, Crunchbang, SparkyLinux, Fedora, CentOS, OpenSUSE, Mageia, OpenMandriva, Arch Linux and Manjaro.
LibreSSL 2.1.6 is available via the OpenBSD ports and has to be installed from sources. Follow the instructions exactly, in order to get a successful installation.
Download the archive, extract it and cd to the extracted folder:
$ wget http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.1.6.tar.gz
$ tar -xzvf libressl-2.1.6.tar.gz
$ cd libressl-2.1.6
Configure, build and install:
$ sudo make install
$ sudo ldconfig