I encountered this exact problem, but for libssl-devlibssl3apt-get update && apt-get dist-upgrade && apt-get install libmysqlclient-dev
I had no problem with this same process literally less than 12 hours ago. I went digging through commits and found this wonderful clusterfuck:
If you look closely at the last link, you can see that someone started fooling around with this 8 hours ago, which is why I didn't notice it super early this morning but do now.
I strongly suspect that either a) someone at Canonical broke this, or b) the package servers have not gotten all of their updates in order yet. Simon Chopin is likely on the hook for this, if it's an individual who broke it.
I'm just going to wait it out for 24 hours. If the situation hasn't improved by then, I'll be opening a ticket with Canonical (assuming someone hasn't opened a ticket by then). It is clearly a dependency version-locking problem somewhere in the dependency tree.
Edit: guiverc is correct, 3.0.2-0ubuntu1.4 is what is "the latest" (what happened to 1.2 and 1.3? yikes), but the entire package infrastructure is not 100% aware of that change yet. So we're back to my above paragraph, last line.
It appears that your OpenSSL binary was correctly upgraded to version 3.0.7, but the library is still pointing to the old version 3.0.2. To fix this, you need to update the library path to point to the new version.
First, check where your OpenSSL library is located. Based on your find command output, it seems to be in /usr/local/ssl/lib64/libssl.so.3.
Next, you need to update the library path for the system to look for the new version. You have already added /usr/local/ssl/lib to /etc/ld.so.conf.d/openssl-3.0.7.conf, but you need to also run the ldconfig command to update the library cache with the new path:
sudo ldconfig
This should update the library cache to include the new OpenSSL library path.
Finally, check if the library version has been updated by running:
ldd $(which openssl)
This should show the library path used by openssl. If it still shows the old version, try running ldd with the path to the openssl binary in /usr/local/ssl/bin.
If the library path has been updated, running openssl version should now show the correct version for both the binary and the library.
openssl version -a
I hope this helps!
Even though the versions of OpenSSL in Ubuntu correspond to older versions, they are patched to include fixes for known security issues.
For example, in 20.04 (the latest LTS):
openssl (1.1.1f-1ubuntu2.12) focal-security; urgency=medium
* SECURITY UPDATE: Infinite loop in BN_mod_sqrt()
- debian/patches/CVE-2022-0778-1.patch: fix infinite loop in
crypto/bn/bn_sqrt.c.
- debian/patches/CVE-2022-0778-2.patch: add documentation of
BN_mod_sqrt() in doc/man3/BN_add.pod.
- debian/patches/CVE-2022-0778-3.patch: add a negative testcase for
BN_mod_sqrt in test/bntest.c, test/recipes/10-test_bn_data/bnmod.txt.
- CVE-2022-0778
In 21.10 (the latest release):
openssl (1.1.1l-1ubuntu1.2) impish-security; urgency=medium
* SECURITY UPDATE: Infinite loop in BN_mod_sqrt()
- debian/patches/CVE-2022-0778-1.patch: fix infinite loop in
crypto/bn/bn_sqrt.c.
- debian/patches/CVE-2022-0778-2.patch: add documentation of
BN_mod_sqrt() in doc/man3/BN_add.pod.
- debian/patches/CVE-2022-0778-3.patch: add a negative testcase for
BN_mod_sqrt in test/bntest.c, test/recipes/10-test_bn_data/bnmod.txt.
- CVE-2022-0778
See also the corresponding security notice.
On supported releases of Ubuntu (and other distributions), you shouldn’t ever need to build software yourself to address security issues, as long as you keep your installations updated.