The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

About upgrading openssl

Discussion in 'General Discussion' started by omenix, Aug 26, 2005.

  1. omenix

    omenix Active Member

    Joined:
    Aug 24, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    /dev/null
    Just wondering if I upgrade the openssl will clash with the cpanel ?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    More than likely, yes. It will also probably kill SSH too. What OS are you running and is there a particular reason you want to upgrade it outside of the vendor supplied version?
     
  3. omenix

    omenix Active Member

    Joined:
    Aug 24, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    /dev/null
    Im running CentOS 3.5 and looks like theres a new version of openssl also with the openssh 3.91 if Im not mistaken.. my reason of upgrading is because I have to ensure that my current servers is up to date for security purpose and thank you for the reply.

    Cheeers.
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You do not need to update either. RedHat (and by extension CentOS) back-port fixes into known stable version of applications and libraries. The versions that they provide via up2date or yum contain the latest bug fixes for the vulnerabilities found in such apps. There's no need to upgrade either. In fact, doing so can make your server less secure.

    If, for some reason, you decide to do so, then you should make sure that you never allow yum to update openssl or openssh again as it will likely break them both, so they should be in your exclude list in yum.conf. You then are responsible for maintaining whatever uses the openssl libraries and openssh itself and you have to keep them up to date and watch the security lists constantly and upgrade in a timely manner.

    If you choose to leave them alone, RedHat and CentOS do all that for you and react much more quickly as they are usually forewarned of imminent disclosure and have usually released secured back-ported versions - that's the whole point of an Enterprise OS.
     
  5. omenix

    omenix Active Member

    Joined:
    Aug 24, 2005
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    /dev/null
    Okay thank you for the information but 1 more thing .. the Fantastico is missing on 1 of my servers .. where can I verify this? I've checked the addon scripts but I can't find the Fantastico addon.

    This is my cpanel version without fantastico
    WHM 10.6.0 cPanel 10.6.0-R55
     
    #5 omenix, Aug 26, 2005
    Last edited: Aug 26, 2005
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
Loading...

Share This Page