About upgrading openssl

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
31
473
Go on, have a guess
More than likely, yes. It will also probably kill SSH too. What OS are you running and is there a particular reason you want to upgrade it outside of the vendor supplied version?
 

omenix

Active Member
Aug 24, 2005
38
0
156
/dev/null
Im running CentOS 3.5 and looks like theres a new version of openssl also with the openssh 3.91 if Im not mistaken.. my reason of upgrading is because I have to ensure that my current servers is up to date for security purpose and thank you for the reply.

Cheeers.
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
31
473
Go on, have a guess
You do not need to update either. RedHat (and by extension CentOS) back-port fixes into known stable version of applications and libraries. The versions that they provide via up2date or yum contain the latest bug fixes for the vulnerabilities found in such apps. There's no need to upgrade either. In fact, doing so can make your server less secure.

If, for some reason, you decide to do so, then you should make sure that you never allow yum to update openssl or openssh again as it will likely break them both, so they should be in your exclude list in yum.conf. You then are responsible for maintaining whatever uses the openssl libraries and openssh itself and you have to keep them up to date and watch the security lists constantly and upgrade in a timely manner.

If you choose to leave them alone, RedHat and CentOS do all that for you and react much more quickly as they are usually forewarned of imminent disclosure and have usually released secured back-ported versions - that's the whole point of an Enterprise OS.
 

omenix

Active Member
Aug 24, 2005
38
0
156
/dev/null
Okay thank you for the information but 1 more thing .. the Fantastico is missing on 1 of my servers .. where can I verify this? I've checked the addon scripts but I can't find the Fantastico addon.

This is my cpanel version without fantastico
WHM 10.6.0 cPanel 10.6.0-R55
 
Last edited: