Laravel Forge Ubuntu Update and Upgrade Manual with OpenSSL bugfixes

Be careful: Not all commands have been fully tested, you use these instructions with care and on your own risk. To repeat, as goes for all our articles, using our instructions is on your own risk!
This article primarily focuses on Ubuntu 14.04 and 16.04 servers that are working with Laravel Forge, but it can be useful for all Ubuntu (server) users.

As mentioned, OpenSSL recently had a security vulnerability with code CVE-2016-2107. This vulnerability is fixed in OpenSSL 1.0.2h – 3 May 2016. Check your current version by entering the command:

openssl version -v 

Only updating OpenSSL?

Then you can run:

sudo apt-get install --only-upgrade libssl1.0.0 openssl

Then restart Nginx:

sudo service nginx restart

Check if the version is upgrade by entering the command:

openssl version -v 

If it is all right you should see the version:

OpenSSL 1.0.2h 3 May 2016

Or newer of course.

Doing an update or upgrade within the same version

As instructed by DigitalOcean, you can update or upgrade Ubuntu by updating the package list:

sudo apt-get update

Then, upgrade installed packages to their latest available versions:

sudo apt-get upgrade

You will be shown a list of upgrades, and prompted to continue. Answer y for yes and press Enter. Then, the packages are updated and upgraded

Error: Unmet dependencies?

While upgrading, the following error may occur:

The following packages have unmet dependencies:
linux-image-extra-3.13.0-66-generic: Depends: linux-image-3.13.0-66-generic but it is not installed
linux-image-extra-3.13.0-79-generic: Depends: linux-image-3.13.0-79-generic but it is not installed
linux-image-generic: Depends: linux-image-3.13.0-79-generic but it is not installed"

Therefore you can install the missing images by entering the command:

sudo apt-get install -f

It could be that you get this message:

Unpacking linux-image-3.13.0-79-generic (3.13.0-79.123) ...
dpkg: error processing archive /var/cache/apt/archives/linux-image-3.13.0-79-generic_3.13.0-79.123_amd64.deb (--unpack):
 cannot copy extracted data for './boot/vmlinuz-3.13.0-79-generic' to '/boot/vmlinuz-3.13.0-79-generic.dpkg-new': failed to write (No space left on device)
No apport report written because the error message indicates a disk full error
                                                                              dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)

In that case read the next paragraph.

Full /boot directory?

When installing missing dependencies and running the command:

sudo apt-get install

There might occur an error as described in the previous paragraph. This can be solved by following the following steps as described on Stack Overflow.
When you command:

df -h

You probably would see that the /boot directory is 100% filled. In that case:

First, identify the space to be used,

cd /boot
du -sk *|sort -n

There might be a lot of kernels. Then run:

uname -a

to get the running kernel. The user on Stack Overflow: identified that I was on Linux alternate 2.6.32-43-server and did a tar of 6 of the versions that were not running, and were old.

tar -cvf ~username/boot.tar *2.6.32-44-server *2.6.32-45-server *2.6.32-46-server *2.6.32-47-server *2.6.32-48-server *2.6.32-49-server

Then do a rm -rf of what is backed up:

rm -rf *2.6.32-44-server *2.6.32-45-server *2.6.32-46-server *2.6.32-47-server *2.6.32-48-server *2.6.32-49-server

I am showing these commands as examples, you will have to decide what you will work with for your situation.

Now that you have some space on /boot, you are able to run

apt-get -f install 

To clean up the failed install of 2.6.32-56-server.

Then do:

apt-get remove linux-headers-2.6.32-38 linux-headers-2.6.32-38-server linux-image-2.6.32-38-server
apt-get remove linux-headers-2.6.32-39 linux-headers-2.6.32-39-server linux-image-2.6.32-39-server

This gives room to put back what I had backed up.

tar -xf ~username/boot.tar
rm  ~username/boot.tar    

To clean up, you could could run:

apt-get autoremove

Then reboot and you will see you are using a very small percentage of /boot.

>> Doesn’t that work? You can also try this Stack Overflow-answer, which also worked for me.

Release upgrading from 14.04 to 16.04

Be careful! As “zachleigh” mentions on Laracasts: “If you’re already using php7 in 14.04, then there really isnt much point in upgrading now I guess. 14.04 is supported until spring 2018 so you still have a couple years before you have to do anything. May as well wait until the next long term support release, 18.04, comes out in 2018.”

If you still would like to do this, read the guide by DigitalOcean and run:

sudo do-release-upgrade

Leave a Reply

Your email address will not be published.