On Fri, 1 Feb 2008 12:49:10 -0500
"Paul A" <razor@xxxxxxxxxxx> took out a #2 pencil and scribbled:
> Hi,
>
> I was compiling a new version of bind on my centos 4.6 server and
> I discovered that the openssl version
> (openssl-0.9.7a-43.17.el4_6.1) has several exploits associated
> with it. I was wondering aside from removing the RPM and
> compiling a new version of openssl how can I upgrade my current
> openssl-0.9.7a-43.17.el4_6.1 to a newer version that is affected
> by the exploits. I know I can yum update openssl as that's is the
> last version for openssl for version 4.
>
> What can I do upgrade openssl?
> Is it possible to update the server from 4.6 to 5?, is this
> something that I want to do or is there a better way?
>
>
> TIA, Paul
Security fixes are backported, so the version number is not a good
indicator of security vulnerabilities. You may wish to look at the
change log associated with the rpm.
rpm -q --changelog openssl
HTH
--
ethericalzen@xxxxxxxxx
Life is a prison, death is a release
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
