Paul A wrote:
Hi,
I was compiling a new version of bind on my centos 4.6 server and I discovered that the openssl version (openssl-0.9.7a-43.17.el4_6.1) has several exploits associated with it. I was wondering aside from removing the RPM and compiling a new version of openssl how can I upgrade my current openssl-0.9.7a-43.17.el4_6.1 to a newer version that is affected by the exploits. I know I can yum update openssl as that's is the last version for openssl for version 4.
What can I do upgrade openssl? Is it possible to update the server from 4.6 to 5?, is this something that I want to do or is there a better way?
TIA, Paul
Paul,
For the record, see this about what backporting is:
RedHat backports fixes to all it's enterprise versions to minimize api/abi changes and create seucre software that functions consistently throught it's lifetime without having to rewrite custom software.
That is the whole reason to have enterprise software, so you do not have to do major program upgrades every 6 months.