Posts

Showing posts from April, 2014

Don't forget to restart all your OpenSSL binaries

The wonder of UNIX is that you can delete running binaries and loaded shared libraries. The drawback is that you get no warning that you're still actually running old versions, e.g. an old Heartbleed-vulnerable OpenSSL.

Upgrade scripts usually remember to restart server binaries, but client binaries are almost certainly forgotten. Did you restart your irssi? PostgreSQL client? OpenVPN client?

Find processes running with deleted OpenSSL libraries:

```
$ sudo lsof | grep 'DEL.*libssl'
apache 17179 root DEL REG 8,1 24756 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
```

Or if you're extra paranoid, and want to make sure everything is using the right OpenSSL version:

```
#!/bin/sh
set -e

# Library to check against; override with the first argument.
LIB="/usr/lib/x86_64-linux-gnu/libssl.so.1.0.0"
if [ ! "$1" = "" ]; then
    LIB="$1"
fi

# Inode of the libssl currently installed on disk.
INODE="$(ls -i "$LIB" | awk '{print $1}')"

# List every libssl mapping that does not point at that inode.
lsof | grep libssl.so | grep -v "$INODE"
```

A few...