About upgrading openssl

[omenix]

Just wondering if I upgrade the openssl will clash with the cpanel ?

 

[chirpy]

More than likely, yes. It will also probably kill SSH too. What OS are you running and is there a particular reason you want to upgrade it outside of the vendor supplied version?

 

[omenix]

Im running CentOS 3.5 and looks like theres a new version of openssl also with the openssh 3.91 if Im not mistaken.. my reason of upgrading is because I have to ensure that my current servers is up to date for security purpose and thank you for the reply.

Cheeers.

 

[chirpy]

You do not need to update either. RedHat (and by extension CentOS) back-port fixes into known stable version of applications and libraries. The versions that they provide via up2date or yum contain the latest bug fixes for the vulnerabilities found in such apps. There's no need to upgrade either. In fact, doing so can make your server less secure.

If, for some reason, you decide to do so, then you should make sure that you never allow yum to update openssl or openssh again as it will likely break them both, so they should be in your exclude list in yum.conf. You then are responsible for maintaining whatever uses the openssl libraries and openssh itself and you have to keep them up to date and watch the security lists constantly and upgrade in a timely manner.

If you choose to leave them alone, RedHat and CentOS do all that for you and react much more quickly as they are usually forewarned of imminent disclosure and have usually released secured back-ported versions - that's the whole point of an Enterprise OS.

 

[omenix]

Okay thank you for the information but 1 more thing .. the Fantastico is missing on 1 of my servers .. where can I verify this? I've checked the addon scripts but I can't find the Fantastico addon.

This is my cpanel version without fantastico
WHM 10.6.0 cPanel 10.6.0-R55

 

[chirpy]

That's a fantastico bug which you can get the fix for over in the forums at http://www.netenberg.com/forum