Thanks Alex.

I'm assuming that if another security exploit is found that the openssl version number would change on the repo, correct? If not, how would yum know to update?

Thanks, Paul

P.A > -----Original Message-----
P.A > From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On
P.A > Behalf Of Alex White
P.A > Sent: Friday, February 01, 2008 1:13 PM
P.A > To: CentOS mailing list
P.A > Subject: Re: centos 4.6 and openssl
P.A >
P.A > On Fri, 1 Feb 2008 12:49:10 -0500
P.A > "Paul A" <razor@xxxxxxxxxxx> took out a #2 pencil and scribbled:
P.A >
P.A > > Hi,
P.A > >
P.A > > I was compiling a new version of bind on my centos 4.6 server and
P.A > > I discovered that the openssl version
P.A > > (openssl-0.9.7a-43.17.el4_6.1) has several exploits associated
P.A > > with it. I was wondering, aside from removing the RPM and
P.A > > compiling a new version of openssl, how can I upgrade my current
P.A > > openssl-0.9.7a-43.17.el4_6.1 to a newer version that is affected
P.A > > by the exploits. I know I can yum update openssl as that's the
P.A > > last version for openssl for version 4.
P.A > >
P.A > > What can I do to upgrade openssl?
P.A > > Is it possible to update the server from 4.6 to 5? Is this
P.A > > something that I want to do or is there a better way?
P.A > >
P.A > >
P.A > > TIA, Paul
P.A >
P.A > Security fixes are backported, so the version number is not a good
P.A > indicator of security vulnerabilities. You may wish to look at the
P.A > change log associated with the rpm.
P.A >
P.A > rpm -q --changelog openssl
P.A >
P.A > HTH
P.A >
P.A > --
P.A > ethericalzen@xxxxxxxxx
P.A > Life is a prison, death is a release
P.A > _______________________________________________
P.A > CentOS mailing list
P.A > CentOS@xxxxxxxxxx
P.A > http://lists.centos.org/mailman/listinfo/centos
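The changelog check suggested in the thread, as an added example that is not part of the original messages: it reads `rpm -q --changelog` output and lists which package release mentions which CVE id. The function names are hypothetical, and the sample changelog (dates, packager, the CVE-0000-* ids and the 0.9.7a-43.14 release) is constructed.

```shell
#!/bin/sh
# Added example: which package release mentions which CVE in the RPM changelog.

# Constructed sample in `rpm -q --changelog` layout; dates, packager, the
# CVE-0000-* ids and the 0.9.7a-43.14 release are placeholders.
sample_changelog() {
    cat <<'EOF'
* Wed Oct 10 2007 Example Packager <packager@example.com> 0.9.7a-43.17.el4_6.1
- fix constructed issue one (CVE-0000-0002)
- fix constructed issue two CVE-0000-0003, #000000

* Mon Sep 04 2006 Example Packager <packager@example.com> 0.9.7a-43.14
- fix constructed older issue (CAN-0000-0001)

* Tue Jan 03 2006 Example Packager <packager@example.com>
- rebuilt
EOF
}

# Read changelog text on stdin, print "<version-release> <CVE-id>" per mention.
cves_by_release() {
    awk '
        /^\* / {                               # entry header line
            # The last field is the version-release when the packager gave one.
            rel = ($NF ~ /^([0-9]+:)?[0-9]/) ? $NF : "unknown"
            next
        }
        {
            line = $0
            # Older entries use the CAN- candidate prefix; normalise it to CVE-.
            while (match(line, /(CVE|CAN)-[0-9][0-9][0-9][0-9]-[0-9]+/)) {
                id = substr(line, RSTART, RLENGTH)
                sub(/^CAN/, "CVE", id)
                print rel, id
                line = substr(line, RSTART + RLENGTH)
            }
        }'
}

# fixed_in CVE-ID: print the release(s) whose entry mentions it; exit 1 if none.
fixed_in() {
    cves_by_release | awk -v want="$1" '
        $2 == want { print $1; found = 1 }
        END { exit !found }'
}

# On a live system: rpm -q --changelog openssl | cves_by_release
sample_changelog | cves_by_release
```

A release listed next to an id shows the fix was carried in that package build, while the upstream version string (0.9.7a here) stays the same.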