The current rawhide updates include openssh-3.9p1-12 which requires, provided, openssl-0.9.7e. The catch is that this makes 'libssl.so.5' and 'libcrypt.so.5' while most anything on a system which refers to these libraries, and that is a lot, want to see 'libssl.so.4' and 'libcrypt.so.4'. So we have new packages 'openssl097a' which supply these. Rejoice. The catch is that yum is not picking up these packages at all and does not seem to notice the above. I tried different things and no dice. Eventually I ended up with something like yum -c local.conf install openssl097a openssl-0.9.7e With -d5 that produced the following: Reading Local RPMDB No other openssl097a installed, adding to list for potential install reduced installs : openssl097a.x86_64 0:0.9.7a-1 potential updates : openssl.x86_64 0:0.9.7e-2 Setting up Repos Reading repository metadata in from local files Setting up Package Sacks Building updates object Resolving Dependencies 1109719670.63 --> Populating transaction set with selected packages. Please wait. Member: openssl097a.x86_64 0-0.9.7a-1 - u Adding Package openssl097a - 0.9.7a-1.x86_64 in mode u ---> Package openssl097a.x86_64 0:0.9.7a-1 set to be updated Member: openssl.x86_64 0-0.9.7e-2 - u Adding Package openssl - 0.9.7e-2.x86_64 in mode u ---> Package openssl.x86_64 0:0.9.7e-2 set to be updated --> Running transaction check # of Deps = 1 Dep Number: 1/1 --> Processing Conflict: openssl097a conflicts openssl <= 0.9.7a openssl097a conflicts: openssl <= 0.9.7a miss = 0 conf = 1 CheckDeps = 0 --> Finished Dependency Resolution Dependency Process ending Error: openssl097a conflicts with openssl <= 0.9.7a And that was it. So what is an "official" way to get out of that maze? I eventually gave up and did 'rpm -Uvh --nodeps ...' on these packages which allowed me to follow with the rest. Bugs in package dependencies or in yum? Or just the way that it is ...? There is another catch. 'kdelibs', the latest one and obviously also everytning, wants explicitly 'openssl = 0.9.7a' instead of "*.so.4" and is not going to be satisfied with openssl097a. But that is yet another story. Michal