openssl 1.0.2o update

Park
Posts: 4
Joined: 2018/04/16 03:59:00

openssl 1.0.2o update

Post by Park » 2018/04/16 04:27:15

I'm using CentOS 7.4.1708.
The current openssl version is 1.0.2k.
I want to upgrade the openssl version (1.0.2o) through yum.
When I execute the yum update openssl command, the openssl version is displayed as the latest.
How can I update the openssl version with yum?
If we can't do it now, when can we make it?

TrevorH
Forum Moderator
Posts: 23500
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: openssl 1.0.2o update

Post by TrevorH » 2018/04/16 06:17:40

You a) cannot b) should not and c) probably don't need to do this.

Why do you think you need to do so?

Please read https://access.redhat.com/security/updates/backporting to discover how security fixes are backported from newer versions to the versions that come as part of RHEL (and thus CentOS).
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

Park
Posts: 4
Joined: 2018/04/16 03:59:00

Re: openssl 1.0.2o update

Post by Park » 2018/04/16 06:26:19

The openssl 1.0.2k version has a vulnerability. I want to upgrade the version.
If the source is installed without yum, there is a lot of work due to dependence on other packages.
So I want to upgrade the openssl version through yum.

When will openssl 1.0.1o be distributed through yum?
Can't you tell me the distribution plan?

TrevorH
Forum Moderator
Posts: 23500
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: openssl 1.0.2o update

Post by TrevorH » 2018/04/16 06:41:36

Park wrote: "The openssl 1.0.2k version has a vulnerability. I want to upgrade the version."

What vulnerability? Got a CVE number? Did you read the RH link about how they handle this? Did you see there that it has doc on how to query the system to find out if that CVE has already been fixed?

1.0.1o will probably not come to CentOS 7. Openssl rebases are few and very far between and there has already been one for CentOS 7.4 which updated it from 1.0.1e to 1.0.2k. It is very unlikely that there will be another rebase but if there are CVEs then the fixes for those will get backported by RH to the RHEL 1.0.2k copy.
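
The post above mentions querying the system to find out whether a CVE has already been fixed in the installed package. One way to do that is to search the package changelog, shown here as an added example that is not part of the original thread. The function names and the sample changelog are constructed for illustration; `rpm -q --changelog` is the real query.

```shell
#!/bin/sh
# Added example: check whether a CVE fix was backported into an installed RPM.
# A backported fix keeps the upstream version (e.g. 1.0.2k) and only bumps the
# release, so the changelog, not the version string, is what to inspect.

# cve_entries CVE-ID
# Reads `rpm -q --changelog` text on stdin and prints each changelog entry
# header followed by the lines that name the CVE.
# Returns 0 if the CVE is mentioned, 1 if not, 2 if the ID is malformed.
cve_entries() {
    printf '%s\n' "$1" | grep -Eq '^CVE-[0-9]{4}-[0-9]{4,}$' || return 2
    awk -v id="$1" '
        /^\* / { header = $0; shown = 0; next }  # "* date packager version-release"
        match($0 " ", id "[^0-9]") {             # exact ID, not a longer number
            if (!shown) { print header; shown = 1 }
            print
            found = 1
        }
        END { exit !found }'
}

# check_pkg_cve PACKAGE CVE-ID
# Runs the same check against the package installed on this host.
check_pkg_cve() {
    rpm -q "$1" >/dev/null 2>&1 || { echo "$1 is not installed" >&2; return 3; }
    rpm -q --changelog "$1" | cve_entries "$2"
}

# Constructed sample changelog (placeholder IDs, not real openssl history).
sample_changelog() {
    cat <<'EOF'
* Mon Jan 01 2018 Example Packager <pkg@example.invalid> 1.0.2k-99.example
- fix CVE-0000-1234 - constructed entry
- fix CVE-0000-12345 - constructed entry with a longer ID

* Sun Jan 01 2017 Example Packager <pkg@example.invalid> 1.0.2k-1.example
- rebase to upstream version 1.0.2k
EOF
}

# Offline demonstration on the constructed sample.
sample_changelog | cve_entries CVE-0000-1234
```

On a CentOS or RHEL host, `check_pkg_cve openssl CVE-2018-0739` performs the check for the CVE named in this thread; a return status of 1 means the installed build's changelog does not mention it.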

Park
Posts: 4
Joined: 2018/04/16 03:59:00

Re: openssl 1.0.2o update

Post by Park » 2018/04/16 06:56:56

CVE code is CVE-2018-0739

TrevorH
Forum Moderator
Posts: 23500
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: openssl 1.0.2o update

Post by TrevorH » 2018/04/16 08:10:55

Current status can be seen on https://access.redhat.com/security/cve/cve-2018-0739 and the linked bugzilla entry.

Park
Posts: 4
Joined: 2018/04/16 03:59:00

Re: openssl 1.0.2o update

Post by Park » 2018/04/16 08:21:43

Where can I confirm the distribution date?

tunk
Posts: 384
Joined: 2017/02/22 15:08:17

Re: openssl 1.0.2o update

Post by tunk » 2018/04/16 09:40:28

rpm -qi openssl
rpm -qa --last|more
