OpenSSL 0.9.8k or higher on CentOS 5?


Solution 1

Let me guess - PCI?

What you really want is to look at Red Hat's CVE archives (which CentOS is based on) and verify whether the vulnerability has been fixed based on that list (most of the time, it has been). If you are using a third-party scanner that doesn't recognize your current version, look up the OVAL definitions to see the status of the vulnerabilities as well as whether the fixes were backported; from there, you can map them to the current "generic" versions of your applications / libraries (in this case, OpenSSL).

Red Hat's link gives more details (which CentOS references) on their backports policy. You may want to review it and save yourself the trouble of rebuilding OpenSSL.

Solution 2

Be aware that Red Hat backports security fixes and such to packages and only increments the package subversion number and not the versioning of the package. Since CentOS comes directly from Red Hat, I might expect the same from their packaging as well.
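An added example, not part of either answer above: because backported fixes leave the upstream version string at 0.9.8e, one way to triage a scanner's findings is to check each flagged CVE against the package changelog. The function names, the sample changelog, its release numbers and the CVE identifiers are constructed placeholders.

```shell
#!/bin/sh
# Added example: triage scanner-flagged CVEs against an RPM changelog.
# On a live system, feed it the real changelog:
#   rpm -q --changelog openssl | triage CVE-XXXX-NNNN ...

# Print every CVE ID mentioned in the changelog text on stdin, unique.
changelog_cves() {
    grep -oE 'CVE-[0-9]{4}-[0-9]{4,}' | sort -u
}

# triage <cve>...  (changelog on stdin)
# Prints one line per CVE: "<cve> fixed-in-changelog" or "<cve> not-found".
# Runs in a subshell so its variables do not leak into the caller.
triage() (
    fixed=$(changelog_cves)
    for cve in "$@"; do
        # -x and -F force an exact whole-line match, so a flagged ID is
        # never matched by a longer ID that merely starts with it.
        if printf '%s\n' "$fixed" | grep -qxF "$cve"; then
            echo "$cve fixed-in-changelog"
        else
            echo "$cve not-found"
        fi
    done
)

# Constructed sample in the layout of `rpm -q --changelog` output.
# Release numbers and CVE IDs are placeholders, not real advisories.
sample_changelog() {
    cat <<'EOF'
* Tue Jan 05 2010 Example Packager <packager@example.com> 0.9.8e-99.el5.2
- fix CVE-0000-1111 - constructed entry (#000001)

* Mon Nov 02 2009 Example Packager <packager@example.com> 0.9.8e-99.el5.1
- fix CVE-0000-2222 and CVE-0000-3333 - constructed entry (#000002)
EOF
}

# Demo run on the constructed sample.
sample_changelog | triage CVE-0000-1111 CVE-0000-3333 CVE-0000-9999
```

A `not-found` result only means the changelog does not mention the CVE; the package may be unaffected rather than unpatched, so confirm the status in Red Hat's CVE archive or the OVAL definitions.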

Solution 3

Upgrade to CentOS 6. It has version 1.0.0 built-in. See the list of packages and RPMs here: http://mirror.centos.org/centos/6/os/i386/Packages/

But it is never a good idea to install two versions of the same software on one system.

Author by

davr


Updated on September 17, 2022

Comments

  • davr
    davr over 1 year

    I need to upgrade OpenSSL on my CentOS server to 0.9.8k or higher, however the latest version in the official CentOS repositories is 0.9.8e, much too old. Is there a 3rd party repository I can use that has newer versions of OpenSSL libraries? If not, can someone provide a quick walkthrough of compiling a newer version of OpenSSL for CentOS? I need it to replace the built in version, so the walkthrough would have to explain how to create a CentOS-compatible RPM.

    • Stefan Lasiewski
      Stefan Lasiewski over 12 years
      Myself, I am looking for specific OpenSSL features, such as Server Name Indication. Apparently there are no OpenSSL 1.x RPMs available for EL5, so I'd simply need to compile or roll my own RPMs to install to /opt or elsewhere, and tell specific applications to use those specific OpenSSL libraries.
  • Stefan Lasiewski
    Stefan Lasiewski over 12 years
    Important to note that there is no supported "upgrade" from 5.x to 6.x. Red Hat says "Red Hat does not support in-place upgrades between any major versions of Red Hat Enterprise Linux".
  • mailq
    mailq over 12 years
    @StefanLasiewski How bad is that! Says a proud user of Debian (and derivatives) where these impediments don't exist.