Paul A wrote:
Hi,I was compiling a new version of bind on my centos 4.6 server and I discovered that the openssl version (openssl-0.9.7a-43.17.el4_6.1) has several exploits associated with it. I was wondering aside from removing the RPM and compiling a new version of openssl how can I upgrade my current openssl-0.9.7a-43.17.el4_6.1 to a newerversion that is affected by the exploits. I know I can yum update openssl as that's is the last version for openssl for version 4. What can I do upgrade openssl? Is it possible to update the server from 4.6 to 5?, is this something that Iwant to do or is there a better way? TIA, Paul
Paul, For the record, see this about what backporting is: http://tinyurl.com/r77l2RedHat backports fixes to all it's enterprise versions to minimize api/abi changes and create seucre software that functions consistently throught it's lifetime without having to rewrite custom software.
That is the whole reason to have enterprise software, so you do not have to do major program upgrades every 6 months.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
