On Fri, 1 Feb 2008 12:49:10 -0500 "Paul A" razor@meganet.net took out a #2 pencil and scribbled:
Hi,
I was compiling a new version of bind on my CentOS 4.6 server and I discovered that the openssl version (openssl-0.9.7a-43.17.el4_6.1) has several exploits associated with it. I was wondering, aside from removing the RPM and compiling a new version of openssl, how can I upgrade my current openssl-0.9.7a-43.17.el4_6.1 to a newer version that is affected by the exploits. I know I can yum update openssl as that's the last version for openssl for version 4.
What can I do to upgrade openssl? Is it possible to update the server from 4.6 to 5? Is this something that I want to do, or is there a better way?
TIA, Paul
Security fixes are backported, so the version number is not a good indicator of security vulnerabilities. You may wish to look at the change log associated with the rpm.
rpm -q --changelog openssl
HTH
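
The changelog check suggested in the reply can be scripted. The following is an added example, not part of the original thread: it lists each CVE (or older CAN) identifier named in `rpm -q --changelog` output together with the release whose entry mentions it. The function names and the sample changelog (identifiers, versions, packager) are constructed placeholders.

```shell
#!/bin/sh
# Added example: map CVE/CAN identifiers in an RPM changelog to the
# package release whose changelog entry mentions them.

# Constructed sample in the layout printed by `rpm -q --changelog`;
# identifiers, versions and packager are placeholders, not real data.
sample_changelog() {
cat <<'EOF'
* Tue Jan 15 2008 Example Packager <packager@example.com> 1.0-3.example
- fix buffer overflow in parser (CVE-0000-0002)
- fix NULL dereference (CVE-0000-0003, #000000)

* Mon Oct 01 2007 Example Packager <packager@example.com> - 1.0-2.example
- backport fix for CAN-0000-0001
- rebuild
EOF
}

# Read a changelog on stdin; print "ID<TAB>release<TAB>date" per identifier.
changelog_cves() {
    awk '
    /^\* / {
        # Entry header: "* Day Mon DD YYYY Packager <mail> [-] release"
        date = $3 " " $4 " " $5
        release = $NF
        next
    }
    {
        line = $0
        # Older entries use the CAN- candidate prefix for the same numbers.
        while (match(line, /(CVE|CAN)-[0-9][0-9][0-9][0-9]-[0-9]+/)) {
            id = substr(line, RSTART, RLENGTH)
            if (!((id, release) in seen)) {
                seen[id, release] = 1
                printf "%s\t%s\t%s\n", id, release, date
            }
            line = substr(line, RSTART + RLENGTH)
        }
    }'
}

# Succeed if the identifier, in CVE- or CAN- form, appears on stdin.
has_fix() {
    num=${1#C??-}    # strip the "CVE-" or "CAN-" prefix
    changelog_cves | cut -f1 | grep -Ex "(CVE|CAN)-$num" >/dev/null
}

# On a live system: rpm -q --changelog openssl | changelog_cves
if [ "${1:-}" = "--demo" ]; then sample_changelog | changelog_cves; fi
```

An identifier missing from the changelog does not prove the package is vulnerable, since the changelog only records what the packager wrote down.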