Latest version of Openssl for 6.5

[Solkanar]

Greetings,

A client has Centos 6.5 on multiple machines, with the original openssl-1.0.1e-15.el6.x86_64 installed.

yum info openssl show's an available version:

Available Packages
Name : openssl
Arch : x86_64
Version : 1.0.1e
Release : 30.el6

So my question is, since there are multiple vulnerabilites on 1.0.1e->h, is this the latest version I can get for 6.5?
Perhaps the latest fixes have been backported to it? (unlikely)

Upgrading from 6.5 is not possible atm.

Thanks in advance
Solk

[TrevorH]

If you have a requirement to stick to a particular point release then you should not be using CentOS, you should be using RHEL itself and subscribing to their EUS service. This allows you to stick on the particular point release and still receive security updates. CentOS does not have this option. You either update to the latest all the time, or you have security vulnerabilities. CentOS 6.5 went out of support immediately that 6.6 was released and there are no further updates from that point onwards... well, more accurately 6.6 is the update.

The latest openssl for CentOS 6 is openssl-1.0.1e-48.el6_8.4.x86_64

You need to read the RHEL backporting page https://access.redhat.com/security/updates/backporting/ to discover how updates are handled on RHEL (and thus CentOS).

CentOS 6.5 came out in late 2013 and was superceded by 6.6 in October 2014. That is MORE than enough time to update to a newer version. You should not be sticking on a version without running yum update for 3 *years*. Security updates are released all the time and need to be implemented in a timely manner.

So the answer is yum update and get yourself to 6.8 ASAP. 6.9 is already in beta upstream and will be coming along soon.

[Solkanar]

Trevor,

thank you very much for your fast reply and suggestions, we will certainly take them into consideration.

Solk