Ray Leventhal wrote: > mailadmin@xxxxxxxxxxxxxx wrote: >> Dear All, >> >> I have centos 4.5 final and when i installed it there is a openssl version >> openssl-0.9.7a-43.16 .. >> >> i need to upgrade it to openssl 0.9.8 .. >> also when i try to uninstall it it gives me a failed dependency errror >> >> actually i did a nodeps and uninstalled openssl ver 0.9.8 but when my >> sendmail was restatered compalined saying libssl.so.4 missing or error >> >> actually i found that thaere was libssl.so.6 in /lib directory. >> >> if i say yum update openssl or yum install openssl it searches the >> repositories and says nothin to do. >> >> How can i upgrade my openssl... >> >> apprecite if u can guide me >> > HI Simon, > > I'm no expert, but when I've run into this type of issue with an > installed component on CentOS 5, I've learned here that performing: > > yum clean > yum update > > often does the trick. > In this case he wants a version of openssl that is not in CentOS-4.5 ... probably because some lame "vulnerability checker" says that he needs "greater than version 0.9.8 of openssl" to fix a specific vulnerability. Checkers like that do not take into account that Red Hat will fix CVE's by the backport method in their enterprise software: http://www.redhat.com/advice/speaks_backport.html So ... if the problem is a vulnerability checker, then what you need is the CVE number of the problem and look for it here: https://rhn.redhat.com/errata/rhel4as-errata.html (go into openssl updates and look for that CVE) You should also (if the problem is fixed) tell the maker of your scanner that it does not take into account the Enterprise software used in 85% of enterprise linux deployments ... and that it probably should do so if it expects to be taken seriously in the enterprise. Thanks, Johnny Hughes
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos