libssl is the portion of OpenSSL which supports TLS ( SSL and TLS Protocols), and depends on libcrypto. d folder: stable. sudo apt-get update && sudo apt-get install git cmake make gcc g++ clang libmysqlclient-dev libssl1. I have created a c++ app on Debian Jessie 8. yum install openssl openssl-devel # for Redhat/Centos/openSUSE. 0 release, and later releases derived from that, the Apache License v2 applies. 2, then libssl1. I think the most sustainable solution is to upgrade the crates to depend on openssl 0. Unused code was removed, and support for obsolete operating systems was removed. Predictable PRNG In The Vulnerable Debian OpenSSL Package The What And The How Luciano Bello1;2 Maximiliano Bertacchini2 luciano at debian. It assumes that you are setting up a full Xymon server - i. Steam is a proprietary content delivery and launcher application for video games, creative tools, and multimedia such as movies and soundtracks. If you have newer archives or archives for platforms not already present in this table, we'd like to add them to this table with a pointer to your location. There will be many situations where you have to deal with OpenSSL in various ways, and here I have listed them for you as a handy cheat sheet. 2 (whatever the best version found is, on a Linux system). I'm trying to find the location of my ssl directory after installing debian. 0-openjdk-devel package. # Update system repositories sudo apt-get update -y sudo apt-get upgrade -y # Install dependencies sudo apt-get install git libopus-dev libffi-dev libsodium-dev ffmpeg -y sudo apt-get install build-essential libncursesw5-dev libgdbm-dev libc6-dev zlib1g-dev libsqlite3-dev tk-dev libssl-dev openssl -y # If using Debian Stretch or lower, you need to install Python too using sudo apt-get. If you still have problems I might setup a Docker file with Debian 9 later tonight to check myself. sudo apt-get install dpkg-dev sudo apt-get build-dep squid3 sudo apt-get build-dep openssh sudo apt-get install libssl-dev libcrypto++-dev sudo apt-get build-dep openssl sudo apt-get source squid3 sudo apt-get install devscripts build-essential fakeroot sudo apt-get install squid-langpack apache2 cd squid3-3. list and installed OpenSSL 1. 0 is capable of utilizing OpenSSL 1. Yes it is related to the Debian OpenSSL "bug". one would also have to manually add the otherwise not needed libssl*-dev dependency. rpm: Files for development of applications which will use OpenSSL: IUS Community Packages Archive x86_64: openssl10-devel-1. I have installed videlibri on Debian-Sid, 64Bit ans also installed openssl-dev, but there is stilkl a message, that openssl isnt installed. However, I believe there is a solid argument that the current implementation satisfies that. Mail-followup-to: [email protected]
libssl installations on debian wheezy. Qt is the faster, smarter way to create innovative devices, modern UIs & applications for multiple screens. How to install openssl-devel on Ubuntu using apt-get ? Debian OpenSSL Team. I am copying this blog over to my own VPS at Code Ghar. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). In order to compile NGinx in need to install openssl and openssl-dev (I'am following a book guide). It have nothing to do with AUTHENTICATING a user, it just gives us a way to encrypt traffic to/from the LDAP server. 0 release, and later releases derived from that, the Apache License v2 applies. 2k but apt-cache policy openssl says installed is 1. Prerequisites. Ask Question Asked 3 years, 9 months ago. I have created a c++ app on Debian Jessie 8. If you can't update your software, there is also libssl1. pyOpenSSL - Python interface to the OpenSSL library Attention. Double check to make sure you really installed the file libmysqlclient-dev_5. This situation will probably result in Debian not being able to package crates which have openssl 0. x and older are not compatible with latest openssl 1. list and installed OpenSSL 1. Let’s see how it works out. There are a couple of different ways to use this repository:. sudo apt-get install libssl-dev. Starting with El Capitan (10. On Debian'ish Linux systems, you can install OpenSSL with: $ apt-get install libssl-dev. A set of environment variables can be used to point openssl-sys towards an OpenSSL installation. The plain OpenSSL package (libssl) doesn't include the. One of the reasons why you may want to do this is to install a software package that is not available in CentOS repositories. Download libcurl4-openssl-dev_7. After doing so, curl -V is not indicating any OpenSSL, but it works fine even with ALPN support, why I originally did all of this. Change vmware profile settings to force TLSv1. deb for Debian 10 from Debian Main repository. key files should be kept confidential. OpenSSL This project offers OpenSSL for Windows (static as well as shared). 0-dev to help apt find solutions. We offer two Linux distros: - CentOS Linux is a consistent, manageable platform that suits a wide variety of deployments. Hi, I live in Shanghai and due to the latest evens, I am trying to learn and build my own sever. For this page, we discuss use of the Apache server, but you can use nginx or another. 2 issues skipped by the security teams: CVE-2019-1543: ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. Files for development of applications which will use OpenSSL: CentOS Updates x86_64: openssl-devel-1. Current Description. 0-dev; This package is part of the OpenSSL project's implementation of the SSL and TLS cryptographic protocols for secure. About 50% of the comments on my post point to this conversation on the openssl-dev mailing list. ar 1Debian Project 2Si6. I tried to remove with apt, dpk, remove everything with locate + rm commands Still have this f**** reference to openssl 1. d folder: stable. list and testing. Name: CVE-2015-4000: Description: The TLS protocol 1. 6 or older; versions prior to 7. Pythonista, Gopher, and speaker from Berlin/Germany. This is a Debian-specific vulnerability which does not affect other operating systems which are not based on Debian. 1 as default version while Hadoop expects OpenSSL 1. Package: libssl-dev Version: 0. OpenSSL_version_num() returns the version number. 1 is available, the SslStream and HttpClient types will use TLS 1. Perhaps Debian requires a -devel package like the RH variants do, I am not sure as I stick to RH and SuSE and their variants for my work and hosting. org mailing list. 0f-5 Distribution: unstable Urgency: medium Maintainer: Debian OpenSSL Team p. t openssl on DEBIAN. It's not an embedded Linux Distribution, It creates a custom one for you. # macOS $ brew install [email protected]
On the command line, type: $ sudo apt-get install openjdk-7-jre. (or other Debian. org Hi, I've just uploaded a version of OpenSSL to unstable that disables the TLS 1. Binary Packages. 2 and finally libcurl4-openssl-dev. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1. Lessons from the Debian/OpenSSL Fiasco Posted on Wednesday, May 21, 2008. After a long period of development, wxWidgets 3. deb from the Oracle repo. But for simplicity let's just focus on the latter (most severe) one. Because of some security problems I am moving to Apache 7 from Apache 6. This service lets you follow the evolution of Debian both with email updates and a comprehensive web interface. This tutorial walks you through the steps to set up a complete web hosting solution on an Debian 9 server with ISPConfig 3. dpkg -L If you're ever looking for a specific list of files included with one of the packages on your Ubuntu/Debian/Mint Linux setup, here's how you can do it. libcurl4-openssl-dev I am using LinuxMint Debian 64bit and my sources are not compatible. Debian Linux install GNU GCC compiler - Explains how to install GNU GCC compiler and other tools such as GNU make, g++ and headers files to compiler software or write code using C / C++. Debian Bug report logs - #863367 libssl-dev: declare conflict with libssl1. 0 (they are not fully API compatible). h files - you need to install the development package as well. Fixed in OpenSSL 1. kernel_image: This target produces a Debian package of the Linux kernel source image, and any modules configured in the kernel configuration file. Each vulnerability is given a security impact rating by the Apache security team - please note that this rating may well vary from platform to platform. web server certificates) potentially vulnerable. The openssl package openssl contains two vulnerabilities: CVE-2016-7052 & CVE-2016-6309. Prerequisites. 1t-1+deb8u9. Other Packages Related to libcurl4-openssl-dev. A full system reboot resolves that problem, but sometimes that is not possible. To use it you need to include (at least) openssl/ssl. I am not able to find. And there is the problem - i have upgraded from SPDY to http2 and in few days, i will have to turn off http2 and cannot use SPDY because this version of nignx have only http2. 2 issues skipped by the security teams: CVE-2019-1543: ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. 04 (Precise Pangolin) is as easy as running the following command on terminal: sudo apt-get update sudo apt-get install libcurl4-openssl-dev libcurl4-openssl-dev package information. 0, as used in OpenSSL through 1. 0 Secure Sockets Layer toolkit - shared libraries libssl1. It must be used in conjunction with a FIPS capable version of OpenSSL (1. The GPL (including > version > N: 3) is incompatible with some terms of the OpenSSL license, and > therefore > N: Debian does not allow GPL-licensed code linked with OpenSSL > libraries > N: unless there is a license exception explicitly permitting this. For a list of vulnerabilities, and the releases in which they were found and fixes, see our Vulnerabilities page. Package: libssl-dev (1. Starting with El Capitan (10. dpkg -L If you're ever looking for a specific list of files included with one of the packages on your Ubuntu/Debian/Mint Linux setup, here's how you can do it. 0 explicitly. Bug #844018. About 50% of the comments on my post point to this conversation on the openssl-dev mailing list. 0-dev to help apt find solutions. The ssl3getkeyexchange function in s3clnt. Debian, the popular Linux distribution, has just been shown to have made an all-time stupid security goof-up. 1 libcrypto1. Ask Question grep openssl ii libcurl4-openssl-dev 7. libmosquitto - MQTT version 3. The package libssl-dev provides header files to compile against OpenSSL 1. But I get tons of errors: * installing *source* package 'curl' ** package 'curl' successfully unpacked and MD5 sums checked Package libcurl was not. xx) on Thu 18 Oct 2012 at 13:44 The command apache2-ssl-certificate is not being found in Ubuntu/Debian. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. I am fairly new to raspberry pi's and Linux so forgive me if my question is trivial. An update for openssl is now available for Red Hat Enterprise Linux 6. Debian Wheezy (stable), OpenSSL 1. This page lists all security vulnerabilities fixed in released versions of Apache HTTP Server 2. I got around the issue by installing all dependencies manually (something like: apt install libyaml-dev libxml2-dev libssl1. Simply specify the size and location of your worker nodes. Another mail about a year later clearly says that a patch commenting out those lines made it into Debian, again with no feedback, so even the "If OpenSSL had known that this should go into Debian" argument is. Backports are packages taken from the next Debian release (called "testing"), adjusted and recompiled for usage on Debian stable. 2, then libssl1. Description A security vulnerability was discovered in OpenSSL, the Secure Sockets Layer toolkit. This package is part of the OpenSSL project's implementation of the SSL and TLS cryptographic protocols for secure communication over the Internet. However, Ubuntu "snapshots" a specific version of PostgreSQL that is then supported throughout the lifetime of that Ubuntu version. Download libssl-dev_1. As usual, along with sources and documentation, we provide binaries for the selected Windows compilers (Microsoft Visual C++ and MinGW-TDM). On Debian or Ubuntu use libssl-dev and libsasl2-dev: sudo apt-get install -y libssl-dev libsasl2-dev. 0 release, and later releases derived from that, the Apache License v2 applies. This is the complete repository of all manpages contained in Debian. In Debian Stretch, it can be done by executing the following command: # ln -s openssl-1. 0-dev libreadline-dev zlib1g zlib1g-dev libbison-dev libxslt1-dev libxml2-dev) before running the ruby install telling it to NOT install dependencies, like so ruby-install ruby --no-install-deps 2. Spin up a managed Kubernetes cluster in just a few clicks. This module provides strong cryptography for the Apache 1. If you only need the OpenSSL library, and if version 1. 0-dev package must be used instead. OpenSSL Insecure Protocol Negotiation Weakness Solution: The vendor has released new versions of OpenSSL to address this issue. 1, OpenSSL 1. This document will guide you on how to rebuild a Source RPM (SRPM) package on your CentOS distribution. Description of software in the Debian Linux distribution under maintenance of the Debian Edu team. The original query of the Debian Developer resulted in an unfortunate answer of an OpenSSL team member, and other than that ignorance. 1 openssl is a lot of work. 1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle. The OpenSSL FIPS Object Module 2. We protect your website and your customers. 5 rvm install 2. easy-to-use client-side URL transfer library (OpenSSL flavour) sug: libcurl4-doc documentation for libcurl sug: libidn11-dev Development files for GNU Libidn, an IDN library sug: libkrb5-dev headers and development libraries for MIT Kerberos sug: libldap2-dev OpenLDAP development libraries sug: librtmp-dev. Some of the most important updates are: i18n for French, Spanish, Chinese and Japanese. 1a (Affected 1. SSL support is provided by OpenSSL. 509 certificate. For example, "OpenSSL 1. Solved, turns out in my environment Mac/Linux clients had to use TLSv1. org removed it. Some of the most important updates are: i18n for French, Spanish, Chinese and Japanese. Download libcurl4-openssl-dev_7. OSUOSL © 2019 © 2019. The kernel is based on Linux kernel v3. SERVER-OTHER SSL request for export grade cipher suite attempt. 2, then libssl1. apt-get install -y --no-install-recommends \ libargon2-0-dev \ libcurl4-openssl-dev \ libedit-dev \ libsqlite3-dev \ libssl-dev \ It wrong repo for this issue? Sorry I am nube in linux make command - build libssl-dev for debian stretch package. Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things. FreeSWITCH is an open source telephony platform designed to facilitate the creation of voice and chat driven products scaling from a soft-phone up to a soft-switch. None (system default protocols), assuming both the client and server support TLS 1. 0-dbg Secure Sockets Layer toolkit - debug information openssl. 0i-dev (Affected 1. pem -encrypt -in my-message. Supporting dual-stack 1. If I have a web crawler (using a non-patched version of OpenSSL) that can be coaxed to connect to an evil https-site, can they get everything from my process memory?. Ruby Version Manager (RVM) RVM is a command-line tool which allows you to easily install, manage, and work with multiple ruby environments from interpreters to sets of gems. Right now, SecureRandom. Similar packages: libssl-doc; libssl1. 5 rvm install 2. OpenSSL is a widely used crypto library that implements SSL and TLS protocols for secure communication over computer networks. 2 is appropriate, then you can install libssl1. There is an overview of the changes. It currently uses the static libcrypto, which fails linking shared libs at least on hppa. ### Client configuration file for OpenVPN # Specify that this is a client client # Bridge device setting dev tap # Host name and port for the server (default port is 1194) # note: replace with the correct values your server set up remote your. I have installed all necessary libs using [code] aptitude install libpcre3 libpcre3-dev libpcrecpp0 zlib1g-dev libssl-dev libgd2-xpm-dev [/code] This. 1e-2+deb7u20. As a result, cryptographic key material may be guessable. Fixed in OpenSSL 1. The Debian Project is an association of individuals who have made common cause to create a free operating system. 0 or later, openssl list-public-key-algorithms will output a list of supported algorithms, see also the note below about limitations of OpenSSL versions prior to 1. Install libcurl4-openssl-dev. 7 - openssl But like scsi said it's dangerous to uninstall openssl, but in my case I had to reinstall it because PHP didn't function anylonger on both of my servers because of openssl problems. The OpenSSL FIPS Object Module 2. 8 Date: Tue, 08 Aug 2017 16:13:54 +0200 Source: openssl Binary: openssl libssl1. Some of the packages we distribute are under the GPL. 3 dev libssl-dev libbz2-dev libjpeg-dev libpng-dev libxpm-dev libfreetype6-dev libgmp-dev libgmp3-dev libmcrypt-dev. list to the /etc/apt/sources. OpenSSL is an open source implementation of the SSL protocol. This is/was an issue for me using debian stretch (v9). Debian said the flaw arises for a change it alone made in the OpenSSL package, suggesting that Linux distributions not derived from Debian are free from the bug. The Yocto Project. 2 (whatever the best version found is, on a Linux system). 1 and beta versions of 1. The process is very simple. Openssl upgrade in debian. The EVP api is implemented by a lower level Diffie Hellman API. As of September 2019, over 60% of sites on the web using PHP are still on discontinued/"EOLed" version 5. The most common usecase for completely and irrevocably wiping a device will be when the device is going to be given away or sold. The following page is a combination of the INSTALL file provided with the OpenSSL library and notes from the field. 0-dbg; openssl; libssl1. 0f 25 May 2017 (Library: OpenSSL 1. Last week, Debian announced that in September 2006 they accidentally broke the OpenSSL pseudo-random number generator while trying to silence a Valgrind warning. exe (32-bit installation) Use the setup program to perform a fresh install or to update an existing installation. NAME¶ curl-config - Get information about a libcurl installation SYNOPSIS¶ curl-config [options] DESCRIPTION¶ curl-config displays information about the curl and libcurl installation. Ask Question Asked 3 years, 9 months ago. Download libssl-dev_1. Who are we? debian-cd is a small team of people working on creating, testing and distributing Debian images for you. I’m trying out a static blog/site generator, Nikola, as the platform to create and manage this content. OpenSSL Debian 5 - Learn how to install OpenSSL on Debian 5 and how to configure OpenSSL on Debian 5 using our tutorials and documentation or download a virtual appliance. Your donation powers our service to the FOSS community. Download libcurl4-openssl-dev_7. OpenSSL is used by many programs like Apache Web server, PHP, Postfix and many others. Thus the information here is of little interest the package is going to disappear unless someone takes it over and reintroduces it. An attacker could use variations in the signing algorithm to recover the private key. 0 (they are not fully API compatible). If you are interested in this package, please consider helping out. Is there a way I can install it completely unattended without the prompts for overwriting config files?. The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2. 6) linux deb package for VPS using sbuild (for Debian 6 & 7) ” Andrew W Lee February 4, 2015 at 9:53 am. 8c-1 up to versions before 0. version script patch from Debian. 4 amd64 GNU TLS library - OpenSSL wrapper ii openssl 1. これは Debian 固有の openssl への誤った修正 (CVE-2008-0166) が原因です。この結果として、暗号に使う鍵 の材料が予測可能です。 これは Debian 固有の欠陥であり、Debian 派生ではない他の OS には影響があ りません。. 2p-dev (Affected 1. 04 LTS from Ubuntu Updates Main repository. 1k allows remote SSL servers to conduct RSA-to-EXPORTRSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the. (Also note that these 'dev' packages all have their corresponding binary packages as dependencies, so installing a dev package will ensure that its binary package is also installed. The flaw has been traced back to an. Download libssl-dev_1. Ask Question grep openssl ii libcurl4-openssl-dev 7. Locating openssl on Debian. Development of pyOpenSSL has moved to github. - libssl-dev - libssl0. For more information about the team and how it all works, see the Debian wiki page about us. I am not moving or deleting this blog from here because that would cause many links to be broken. – jww Feb 2 '17 at 2:21. The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. 04 and even after performing the latest updates still it remains the same. libressl-doc: development documentation. About 50% of the comments on my post point to this conversation on the openssl-dev mailing list. OpenSSL: open Secure Socket Layer protocol Version. For apt-get distributions (Debian and derivatives such as Ubuntu), issue the following to locate the package name and install the package. one would also have to manually add the otherwise not needed libssl*-dev. 0-dbg Secure Sockets Layer toolkit - debug information openssl. In this thread, the Debian maintainer states his intention to remove for debugging purposes a couple of lines that are "adding an unintialiased buffer to the pool". 1e system:ARMv5 Now i have to. A set of environment variables can be used to point openssl-sys towards an OpenSSL installation. Description. 1 and only debian stretch will have openssl 1. Both times I know I mostly understood the issue, but not entirely, so I inevitably forgot the details in pretty short order. [2019-07-26 16:37 UTC] rg dot viza at gmail dot com IMHO distro specific issues belong in their distro It'd unreasonable to expect the configure/php people to keep up with every cockamamie place distro maintainers decide to put things. 2 as the only supported SSL/TLS protocol version. i'm going to go on a limb and bet that most "regressions" we'll see in libressl will be of two kind. Use: sudo apt-get install libssl-dev Also see What is “openssl binaries” and “openssl development package”? on the Ubuntu Stack Exchange. 2 (whatever the best version found is, on a Linux system). I am copying this blog over to my own VPS at Code Ghar. Download libcurl4-openssl-dev_7. If I check the Oracle DEB file for Debian 9, it seems they do use the name libmysqlclient. 1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. It contains development libraries, header files, and manpages for libssl and libcrypto. 이번 핫 이슈는 openssl 심장출혈(heartbleed) 버그가 있습니다. Solved, turns out in my environment Mac/Linux clients had to use TLSv1. deb for Debian 10 from Debian Main repository. I am not moving or deleting this blog from here because that would cause many links to be broken. @@ -2,6 +2,8 @@ openssh (1:7. We currently only support Airpcap; other adapters may be supported but require development of your own DLL so the different tools can interact with it. Download openssl packages for ALTLinux, Arch Linux, CentOS, Debian, Fedora, FreeBSD, Mageia, Mint, NetBSD, OpenMandriva, openSUSE, PCLinuxOS, ROSA, RPM Universal. Each vulnerability is given a security impact rating by the Apache security team - please note that this rating may well vary from platform to platform. 0 Secure Sockets Layer toolkit - shared libraries libssl1. Secure Sockets Layer toolkit - development files packages Skip to content package names descriptions source package names package contents all options. Also note that openSSL 1. apt-get install -y --no-install-recommends \ libargon2-0-dev \ libcurl4-openssl-dev \ libedit-dev \ libsqlite3-dev \ libssl-dev \ It wrong repo for this issue? Sorry I am nube in linux make command - build libssl-dev for debian stretch package. The OpenSSL library also has additional requirements for normal operation at run-time. Install openssl-dev on Ubuntu server. If you want to compile ZNC with OpenSSL support, you need the OpenSSL development package. h and to link your program with libssl library. sudo apt-get --no-install-recommends -y install build-essential openssl libreadline6 libreadline6-dev curl git-core zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt-dev autoconf libc6-dev libgdbm-dev ncurses-dev automake libtool bison subversion pkg-config libffi-dev Install Ruby v. I ran into this problem with the OpenSSL 1. pem -x509 -days 36500 -out certificate. Predictable PRNG In The Vulnerable Debian OpenSSL Package The What And The How Luciano Bello1;2 Maximiliano Bertacchini2 luciano at debian. Hi i want to install the VMware-vSphere-Perl-SDK-4. Solved, turns out in my environment Mac/Linux clients had to use TLSv1. We recommend that you upgrade your openssl packages. but the response is: Reading package lists Done Building dependency tree Reading state information Done Calculating upgrade Done openssl is already the newest version. 1+deb9u4: Hugo Lefeuvre. xx) on Thu 18 Oct 2012 at 13:44 The command apache2-ssl-certificate is not being found in Ubuntu/Debian. Configure HAProxy to Load Balance Site with SSL PassThrough. By default, PHP's packages are distributed with --with-openssl=[defaultpath]. Debian package for LibreSSL. OPENSSL_VERSION_TEXT is the text variant of the version number and the release date. Current Description. I think the most sustainable solution is to upgrade the crates to depend on openssl 0. An attacker could use variations in the signing algorithm to recover the private key. For apt-get distributions (Debian and derivatives such as Ubuntu), issue the following to locate the package name and install the package. 8 - libssl0. It means you only have to install openssl (or any other variant) e. pref and testing. It contains a list of of all DSA-1024 and RSA-2048 keys generated by a Debian sabotaged OpenSSL PRNG. list and make sure the lines ending with universe are not commented out. Do you know if -partial_chain is relatively new? Thanks a ton!. sudo apt-get install dpkg-dev sudo apt-get build-dep squid3 sudo apt-get build-dep openssh sudo apt-get install libssl-dev libcrypto++-dev sudo apt-get build-dep openssl sudo apt-get source squid3 sudo apt-get install devscripts build-essential fakeroot sudo apt-get install squid-langpack apache2 cd squid3-3. I am not able to find. d folder: stable. On Fedora, CentOS or RHEL use openssl-devel and cyrus-sasl-devel: sudo yum install openssl-devel cyrus-sasl-devel. Whether debian legal see this as enough though is a matter for them there's that whole dynamic linking ickyness. This not only duplicates code and development effort, but has the potential to create security vulnerabilities when plugin developers stray from best practices, for example, when recreating the AJAX add term functionality. 1e is susceptible to the Heartbleed bug , if this is significant to what you are building you may want to upgrade somehow (there's a 1. In fact, the first line he quotes is the first one I described above, i.