Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

OpenSSL Upgrade Time

Discussion in 'General Discussion' started by ecoutez, Aug 2, 2002.

  1. ecoutez

    ecoutez Well-Known Member

    Joined:
    May 23, 2002
    Messages:
    152
    Likes Received:
    0
    Trophy Points:
    316
    Don't mean to seem impatient, but it looks like the Apache script on layer1.cpanel.net hasn't yet been updated to include a new or patched version of OpenSSL. I just ran the easyapache and confirmed that it's still using OpenSSL 0.9.6b which has a security vulnerability: http://www.openssl.org/news/secadv_20020730.txt

    Safe to assume an updated buildapache.sea in the works?

    Thanks,
    Jason
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Nadeem

    Nadeem Member

    Joined:
    May 1, 2002
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    301
    how about a patch file for OpenSSL, why dont we have to rebuild apache!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. awsol

    awsol cPanel Test Bitch

    Joined:
    Feb 8, 2002
    Messages:
    591
    Likes Received:
    0
    Trophy Points:
    316
    Location:
    Boston MA
    OpenSSL updates don't require apache updates. OpenSSL will be updated when redhat releases the RPM.
     
  4. ecoutez

    ecoutez Well-Known Member

    Joined:
    May 23, 2002
    Messages:
    152
    Likes Received:
    0
    Trophy Points:
    316
    RedHat released openssl-0.9.6b-24

    Looks like RedHat released a patched 0.9.6 version (b-24) which DarkOrb included in its updates. So my CPanel servers are all updated. :)

    For others wondering, 'rpm -q openssl' from the shell should show this version if you've received the update.

    I'm surprised that Apache doesn't need to be recompiled. I heard that OpenSSL incremented the version number of the shared library, so that anything compiled against it would have to be updated. Maybe this is only the case if you upgrade to the 0.9.6e? Makes sense to me. ;)

    - Jason
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. SHSaeed

    SHSaeed Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    316
    Yes, to update to the new OpenSSL, simply run [b:3ae7526896]/scripts/upcp[/b:3ae7526896]
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice