Updating OpenSSL on CentOS

phpAddict

Active Member
Hey all,

So I have a personal CentOS server I put together for ColdFusion, and OpenSSL only allows yum update to version 1.0.1e which is vulnerable. Why doesn't it allow an upgrade to at least 1.0.1g?!?!? :confused: I see that CentOS servers here at KH are up to date. Anyone know how and where I can safely install the latest version of OpenSSL without crippling my server?

Thanks for your assistance!
 

KH-Jonathan

Director of Managed Services
Staff member
RHEL/CentOS backported the security fixes from 1.0.1g to 1.0.1e. You're in good shape :)
 

KH-Jonathan

Director of Managed Services
Staff member
Did you update/restart Apache after installing the updated version from yum? Gotta make sure you've got a version built against the new openssl and not the old.
 

phpAddict

Active Member
I swear I did, but I'm clearing out and reinstalling OpenSSL right now and will restart the whole server, then test again.

Thanks Jonathan.
 

phpAddict

Active Member
Thanks for that too. I have a few domains pointing to this server so I had hoped trying a different domain name would get around the cache issue, but still shows vulnerable.

openssl-1.0.1e-34.el7_0.6.x86_64 which is the same version available from updates. :mad:
 
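An added example, not part of the original thread: the restart advice above matters because a process started before the package update keeps the old library mapped in memory, and Linux marks that mapping "(deleted)" in /proc/PID/maps. The function names and the `--scan` switch below are hypothetical, chosen for this sketch.

```shell
#!/bin/sh
# Find processes still running against an OpenSSL library that has been
# replaced on disk (Linux only; reads /proc/PID/maps).

# stale_ssl_in_maps FILE
# Print each libssl/libcrypto path that FILE (a maps listing) shows as
# mapped but deleted. Returns 0 if any were found, 1 otherwise.
stale_ssl_in_maps() {
    awk '
        /(libssl|libcrypto)[^ ]*\.so[^ ]* \(deleted\)$/ {
            path = $6                      # 6th field is the mapped file
            if (!(path in seen)) { seen[path] = 1; print path; found = 1 }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# scan_stale_ssl [PROC_ROOT]
# Walk every PID directory under PROC_ROOT (default /proc) and print
# "PID NAME LIBRARY..." for each process that needs a restart.
# Returns 0 if at least one such process exists, 1 if none.
scan_stale_ssl() {
    root=${1:-/proc}
    status=1
    for maps in "$root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue         # other users' maps need root
        libs=$(stale_ssl_in_maps "$maps" 2>/dev/null) || continue
        pid=${maps%/maps}
        pid=${pid##*/}
        name=$(cat "$root/$pid/comm" 2>/dev/null || echo '?')
        echo "$pid $name $(echo $libs)"
        status=0
    done
    return $status
}

# Only scan the live system when asked to: sh <this file> --scan
if [ "${1:-}" = "--scan" ]; then
    scan_stale_ssl
fi
```

Run it as root with `--scan` after `yum update`; any service it lists is still using the pre-update library and needs a restart before an external scan is retested.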