Sunhux G wrote: > Reckoned the script uses OPSWopenssl (though I can't > grep the string OPSWopenssl in the script) : > http://tekknotes.blogspot.sg/2014/04/hp-server-automation-and-heartbleed.html > > We can't wait for our local HP; anyone knows where to download > a non-vulnerable version of this HP Server Automation's Openssl ? > > In my case, yum would not work as this rpm is not from RHN. > Long way to figure this out > Sure it would: yum localinstall, or, if you were on the 'Net, yum install ... --enablerepo=<repo> mark > > SH > > > On Fri, Jun 13, 2014 at 10:14 PM, Sunhux G <sunhux@xxxxxxxxx> wrote: > >> >> Think I figured it out: >> the Opsgw software uses a different rpm *:* >> # rpm -q --qf "%{NAME}-%{VERSION}.%{RELEASE}.%{ARCH}\n" OPSWopenssl >> OPSWopenssl-0.9.8g.1.x86_64 >> >> >> Does RHN has this version? I can't seem to locate it >> >> >> >> On Fri, Jun 13, 2014 at 10:05 PM, Sunhux G <sunhux@xxxxxxxxx> wrote: >> >>> >>> Our network blocks Internet access & Security Gov team >>> disallows. I don't know how to set up a yum repo which >>> I've been enquiring for a while: anyone care to share? >>> >>> David is right that I'll need to use the specific format of the >>> rpm command. I'm curious why on my server (this is my >>> first time in this new environment), the openssl devel is >>> x86_64 while the openssl is i686 : thought they're meant >>> for different architecture? >>> >>> # rpm -q --qf "%{NAME}-%{VERSION}.%{RELEASE}.%{ARCH}\n" openssl-devel >>> openssl-devel-0.9.8e.27.el5_10.3.x86_64 >>> >>> >>> After updating it & restart the service, the *version is still a* >>> *vulnerable* version: Any idea why? >>> >>> # cd /opt/opsware/etc/init.d >>> ./opswgw-cgws1-GCLOUDMAZ start >>> Starting opswgw: [ OK ] >>> >>> # ./ fake-client-early-ccs.pl localhost 443 Got server response, size: >>> 2953 >>> - Handshake - Server Hello >>> - Handshake - Certificate >>> - Handshake - Server Key Exhange >>> - Handshake - Server Hello Done >>> FAIL Remote host is affected >>> # openssl version >>> OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 >>> >>> >>> >>> >>> >>> >>> On Fri, Jun 13, 2014 at 9:42 PM, Jonathan Billings <jsbillin@xxxxxxxxx> >>> wrote: >>> >>>> On Fri, Jun 13, 2014 at 9:23 AM, Sunhux G <sunhux@xxxxxxxxx> wrote: >>>> >>>> > I'll attempt anyway but should I use "rpm -ivh ..." or >>>> > "rpm -Uvh ..." this time? >>>> > >>>> >>>> Why aren't you using 'yum'? Your problem would have been obvious if >>>> you >>>> had just used it. 'yum' was written specifically to help with these >>>> types >>>> of situations. >>>> >>>> If you don't have direct access to RHN (air-gapped system for >>>> example), >>>> you >>>> can always copy the packages into a local yum repo and use yum instead >>>> of >>>> 'rpm'. >>>> >>>> -- >>>> Jonathan Billings <jsbillin@xxxxxxxxx> >>>> College of Engineering - CAEN - Unix and Linux Support >>>> -- >>>> redhat-list mailing list >>>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe >>>> https://www.redhat.com/mailman/listinfo/redhat-list >>>> >>> >>> >> > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
