Re: OpenSSL 0.9.7a seems to be vulnerable (was: Re: LKM Trojan)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



James Mckenzie wrote:
You are correct. However there were two security releases after this update. I still lean towards installing OpenSSL 0.9.7e directly from the OpenSSL web site. However, there may be a further release through the FC Updates site. In order to properly install the direct download, I would have to rpm -e (or yum remove) the installed rpm from FC and then install (and hope I don't break anything) the OpenSSL code. This is an "advantage" of living on the "Bleeding Edge".

Or: you could build an RPM of openssl 0.9.7e and rpm -Uvh that. You could try getting the SRPM for the FC3 openssl, swapping the 0.9.7e source in in place of the 0.9.7a source and removing the patches, then build it.


Paul.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux