Updating OpenSSL on CentOS

Discussion in 'Linux VPS/Dedicated - General' started by phpAddict, Dec 17, 2014.

  1. phpAddict

    phpAddict Active Member

    Hey all,

    So I have a personal CentOS server I put together for ColdFusion, and OpenSSL only allows yum update to version 1.0.1e which is vulnerable. Why doesn't it allow an upgrade to at least 1.0.1g?!?!? :confused: I see that CentOS servers here at KH are up to date. Anyone know how and where I can safely install the latest version of OpenSSL without crippling my server?

    Thanks for your assistance!
     
  2. KH-Jonathan

    KH-Jonathan Director of Managed Services Staff Member

    RHEL/CentOS backported the security fixes from 1.0.1g to 1.0.1e. You're in good shape :)
     
  3. KH-Jonathan

    KH-Jonathan Director of Managed Services Staff Member

  4. phpAddict

    phpAddict Active Member

  5. KH-Jonathan

    KH-Jonathan Director of Managed Services Staff Member

    Did you update/restart Apache after installing the updated version from yum? Gotta make sure you've got a version built against the new openssl and not the old.
     
  6. phpAddict

    phpAddict Active Member

    I swear I did, but I'm clearing out and reinstalling OpenSSL right now and will restart the whole server, then test again.

    Thanks Jonathan.
     
  7. KH-Jonathan

    KH-Jonathan Director of Managed Services Staff Member

    Be wary, that site does say it caches results for up to 6 hours.
     
  8. phpAddict

    phpAddict Active Member

    Thanks for that too. I have a few domains pointing to this server so I had hoped trying a different domain name would get around the cache issue, but still shows vulnerable.

    openssl-1.0.1e-34.el7_0.6.x86_64 which is the same version available from updates. :mad:
     

Share This Page