Thanks M.Roth. Any could locate a non-vulnerable OPSWopenssl rpm for my x86_64 RHEL 5.x & 6.x ? I would like to download it On Fri, Jun 13, 2014 at 10:46 PM, <m.roth@xxxxxxxxx> wrote: > Sunhux G wrote: > > Reckoned the script uses OPSWopenssl (though I can't > > grep the string OPSWopenssl in the script) : > > > http://tekknotes.blogspot.sg/2014/04/hp-server-automation-and-heartbleed.html > > > > We can't wait for our local HP; anyone knows where to download > > a non-vulnerable version of this HP Server Automation's Openssl ? > > > > In my case, yum would not work as this rpm is not from RHN. > > Long way to figure this out > > > Sure it would: yum localinstall, or, if you were on the 'Net, yum install > ... --enablerepo=<repo> > > mark > > > > SH > > > > > > On Fri, Jun 13, 2014 at 10:14 PM, Sunhux G <sunhux@xxxxxxxxx> wrote: > > > >> > >> Think I figured it out: > >> the Opsgw software uses a different rpm *:* > >> # rpm -q --qf "%{NAME}-%{VERSION}.%{RELEASE}.%{ARCH}\n" OPSWopenssl > >> OPSWopenssl-0.9.8g.1.x86_64 > >> > >> > >> Does RHN has this version? I can't seem to locate it > >> > >> > >> > >> On Fri, Jun 13, 2014 at 10:05 PM, Sunhux G <sunhux@xxxxxxxxx> wrote: > >> > >>> > >>> Our network blocks Internet access & Security Gov team > >>> disallows. I don't know how to set up a yum repo which > >>> I've been enquiring for a while: anyone care to share? > >>> > >>> David is right that I'll need to use the specific format of the > >>> rpm command. I'm curious why on my server (this is my > >>> first time in this new environment), the openssl devel is > >>> x86_64 while the openssl is i686 : thought they're meant > >>> for different architecture? > >>> > >>> # rpm -q --qf "%{NAME}-%{VERSION}.%{RELEASE}.%{ARCH}\n" openssl-devel > >>> openssl-devel-0.9.8e.27.el5_10.3.x86_64 > >>> > >>> > >>> After updating it & restart the service, the *version is still a* > >>> *vulnerable* version: Any idea why? > >>> > >>> # cd /opt/opsware/etc/init.d > >>> ./opswgw-cgws1-GCLOUDMAZ start > >>> Starting opswgw: [ OK ] > >>> > >>> # ./ fake-client-early-ccs.pl localhost 443 Got server response, size: > >>> 2953 > >>> - Handshake - Server Hello > >>> - Handshake - Certificate > >>> - Handshake - Server Key Exhange > >>> - Handshake - Server Hello Done > >>> FAIL Remote host is affected > >>> # openssl version > >>> OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 > >>> > >>> > >>> > >>> > >>> > >>> > >>> On Fri, Jun 13, 2014 at 9:42 PM, Jonathan Billings <jsbillin@xxxxxxxxx > > > >>> wrote: > >>> > >>>> On Fri, Jun 13, 2014 at 9:23 AM, Sunhux G <sunhux@xxxxxxxxx> wrote: > >>>> > >>>> > I'll attempt anyway but should I use "rpm -ivh ..." or > >>>> > "rpm -Uvh ..." this time? > >>>> > > >>>> > >>>> Why aren't you using 'yum'? Your problem would have been obvious if > >>>> you > >>>> had just used it. 'yum' was written specifically to help with these > >>>> types > >>>> of situations. > >>>> > >>>> If you don't have direct access to RHN (air-gapped system for > >>>> example), > >>>> you > >>>> can always copy the packages into a local yum repo and use yum instead > >>>> of > >>>> 'rpm'. > >>>> > >>>> -- > >>>> Jonathan Billings <jsbillin@xxxxxxxxx> > >>>> College of Engineering - CAEN - Unix and Linux Support > >>>> -- > >>>> redhat-list mailing list > >>>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > >>>> https://www.redhat.com/mailman/listinfo/redhat-list > >>>> > >>> > >>> > >> > > -- > > redhat-list mailing list > > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > https://www.redhat.com/mailman/listinfo/redhat-list > > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
