On Thu, 2005-06-16 at 16:56 -0700, Peter Loron wrote:
I'm running a CentOS 3.4 box. According to yum, the OpenSSL 0.9.7a-33.15 package I have installed is the latest available. A check of the OpenSSL website shows 0.9.7g source being the latest.
Is the CentOS 0.9.7a package patched to cover the same issues that the generic 0.9.7 source covers?
If not, what's my recourse? Build it by hand? If I need to build it, has anybody crossed that bridge?
Read this concerning backporting:
http://www.redhat.com/advice/speaks_backport.html
If you have a specific CAN number you are concerned about, do this:
rpm --changelog -q openssl | grep CAN-xxxx
(or just grep CAN to see all security issues)
RedHat is very proactive at doing security updates...and CentOS is very quick to push them as soon as RedHat does.
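
The changelog check described above, as an added example that is not part of the original message: it goes a little further than the one-line grep by taking several ids at once and treating the CAN- and CVE- prefixes as the same entry (CAN- candidate ids were later renamed CVE- with the numbers unchanged). The helper names `check_backports` and `id_number`, the sample changelog and the `0000` placeholder ids are all constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helpers, constructed sample data).
# On a live system:  rpm -q --changelog openssl | check_backports CAN-xxxx-xxxx ...

# Constructed changelog excerpt; the ids are placeholders, not real advisories.
SAMPLE_CHANGELOG='* Sat Jan 01 2005 Example Packager <packager@example.com> 0.0.0-2
- backport fix for CAN-0000-0001
- backport fix for CAN-0000-00025
* Wed Dec 01 2004 Example Packager <packager@example.com> 0.0.0-1
- add security patch (CVE-0000-0003)'

# Reduce CAN-YYYY-NNNN or CVE-YYYY-NNNN to YYYY-NNNN; prints nothing if malformed.
id_number() {
    printf '%s\n' "$1" | sed -n -E 's/^(CAN|CVE)-([0-9]{4}-[0-9]{4,})$/\2/p'
}

# Read a package changelog on stdin and report each id given as an argument.
# Returns 0 only when every id is mentioned in the changelog.
check_backports() {
    changelog=$(cat)
    status=0
    for id in "$@"; do
        num=$(id_number "$id")
        if [ -z "$num" ]; then
            echo "INVALID  $id"
            status=1
        # The trailing group stops 0000-0002 from matching 0000-00025.
        elif printf '%s\n' "$changelog" | grep -Eq "(CAN|CVE)-$num([^0-9]|\$)"; then
            echo "FIXED    $id"
        else
            echo "MISSING  $id"
            status=1
        fi
    done
    return "$status"
}

# Demo against the constructed sample above.
printf '%s\n' "$SAMPLE_CHANGELOG" |
    check_backports CVE-0000-0001 CAN-0000-0002 CAN-0000-0003 || true
```

An id reported as MISSING only means the changelog does not mention it; the package may predate the advisory or the issue may not apply to that version.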