OpenSSL version question

Support for webhosts that use CentOS
teleute
Posts: 3
Joined: 2007/02/05 03:02:07

OpenSSL version question

Post by teleute » 2007/02/05 03:09:47

A couple of questions about the OpenSSL version on CentOS 3.8. I just did an upgrade, and it's showing 0.9.7a-33.21. First, I thought -43 something was the newest? Second, I have a client on the webserver who subscribes to the Security Metrics service, and it's showing a bunch of high alerts because the OpenSSL version is below 0.9.7b. I understand that CentOS is backporting the update, so theoretically it's still secure, but I don't have a way of telling Security Metrics that, and the client is freaking out. Does anyone have any suggestions? Thank you!

pjwelsh
Posts: 2589
Joined: 2007/01/07 02:18:02
Location: Central IL USA

OpenSSL version question

Post by pjwelsh » 2007/02/05 13:51:53

http://centos.org/modules/news/index.php?storytopic=7
will be a good start for that kind of info for your CentOS 3.8

teleute
Posts: 3
Joined: 2007/02/05 03:02:07

Re: OpenSSL version question

Post by teleute » 2007/02/06 08:10:35

I'm sorry...I'm not sure I understand where I should be looking in that link. I went through every entry under it and didn't see a mention of OpenSSL. Did I miss something? Thanks!

pjwelsh
Posts: 2589
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Re: OpenSSL version question

Post by pjwelsh » 2007/02/06 16:21:30

Sorry, my bad. I thought the advisories were reposted here. For RHEL 3.x (and thus CentOS 3.x) items, look at:
https://rhn.redhat.com/errata/rhel3as-errata.html
For a better idea of what was changed and why.

teleute
Posts: 3
Joined: 2007/02/05 03:02:07

Re: OpenSSL version question

Post by teleute » 2007/02/06 19:05:37

Ah...so it looks like it's just -33 because it's for v.3, instead of -43 which is for v.4. That makes sense - thanks.

Any ideas on how to get automated systems to recognise we're up to date, even though they're looking for a higher version number? I've seen a few people on various forums with this problem with the RH variants (since most other OSs appear not to use a custom version of this, and therefore have different version numbers), but no solution yet...:-(

It'd be nice if they changed the version numbers to stay the same as the standard version when they made changes, instead of their own numbering system - it can cause issues.
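Added example, not part of the thread: one way to gather evidence for a backport dispute is to check whether the CVE ids a scanner flags appear in the package's own changelog (`rpm -q --changelog openssl`). The function names are hypothetical, the sample changelog is constructed, and the CVE ids are placeholders rather than real advisories.

```shell
#!/bin/sh
# Constructed stand-in for the output of: rpm -q --changelog openssl
# (entries and CVE ids are placeholders, not real advisories)
sample_changelog() {
cat <<'EOF'
* Mon Jan 01 2007 Example Packager <packager@example.invalid> 0.9.7a-33.21
- fix placeholder issue one (CVE-0000-0001)

* Sun Jan 01 2006 Example Packager <packager@example.invalid> 0.9.7a-33.x
- backport fix for placeholder issue two (CAN-0000-0002)
EOF
}

# Upper-case an id and map the older candidate prefix CAN- to CVE-,
# so ids written either way compare equal.
norm_id() {
    printf '%s\n' "$1" | tr 'a-z' 'A-Z' | sed 's/^CAN-/CVE-/'
}

# Read changelog text on stdin; print each distinct CVE/CAN id, normalised.
changelog_ids() {
    grep -oiE '(CVE|CAN)-[0-9]{4}-[0-9]{4,}' \
        | tr 'a-z' 'A-Z' | sed 's/^CAN-/CVE-/' | sort -u
}

# backport_report ID...
# Read changelog text on stdin and print one line per requested id.
# Returns 1 if any requested id is absent from the changelog.
backport_report() {
    ids=$(changelog_ids)
    rc=0
    for want in "$@"; do
        want=$(norm_id "$want")
        if printf '%s\n' "$ids" | grep -qxF "$want"; then
            echo "$want mentioned-in-changelog"
        else
            echo "$want not-mentioned"
            rc=1
        fi
    done
    return $rc
}

# Real use on the host: rpm -q --changelog openssl | backport_report <ids from the scan report>
sample_changelog | backport_report CVE-0000-0001 CAN-0000-0002
```

A changelog mention is supporting evidence only; the vendor errata linked earlier in the thread remains the authoritative record of which release fixed which issue.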
