Paul A wrote: > Hi, > > I was compiling a new version of bind on my centos 4.6 server and I > discovered that the openssl version (openssl-0.9.7a-43.17.el4_6.1) has > several exploits associated with it. > I was wondering aside from removing the RPM and compiling a new version of > openssl how can I upgrade my current openssl-0.9.7a-43.17.el4_6.1 to a newer > version that is affected by the exploits. > I know I can yum update openssl as that's is the last version for openssl > for version 4. > > What can I do upgrade openssl? > Is it possible to update the server from 4.6 to 5?, is this something that I > want to do or is there a better way? > > > TIA, Paul Paul, For the record, see this about what backporting is: http://tinyurl.com/r77l2 RedHat backports fixes to all it's enterprise versions to minimize api/abi changes and create seucre software that functions consistently throught it's lifetime without having to rewrite custom software. That is the whole reason to have enterprise software, so you do not have to do major program upgrades every 6 months. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 252 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080202/5d7a505d/attachment-0004.sig>