Hi Shruti, As per openssl, version 0.98e is not infected with hearbleed issue. You can check on below link. http://www.openssl.org/news/secadv_20140407.txt
Regards, Lokesh Jangir On Thu, Apr 24, 2014 at 6:47 PM, Shruti Palshikar <shr...@buysidefx.com>wrote: > Thanks everyone for the help, does anybody know if RHEL5 with version > 0.98e of openssl has a fix for TLS/SSL renegotiation vulnerability? > > > On Thu, Apr 24, 2014 at 7:40 AM, Hubert Kario <hka...@redhat.com> wrote: > >> ----- Original Message ----- >> >> > From: "Shruti Palshikar" <shr...@buysidefx.com> >> > To: openssl-dev@openssl.org >> > Sent: Wednesday, 23 April, 2014 5:50:45 PM >> > Subject: Upgrading OpenSSL on RHEL5 >> >> > Hello, >> >> > I am trying to upgrade my openSSL version on RHEL5. WHen I tried to >> update it >> > using yum commad (it kept pausing with the messages - No packages >> marked for >> > update) I found out that this was not installed from the source but was >> > present along with RHEL in the /usr directory. Following are some >> helpful >> > commands to give you an idea of the machine and openSSL I am using >> >> OpenSSL version shipped in RHEL 5 is the newest version that's compatible >> with >> other applications and tools shipped in this RHEL version. It does have >> all >> the important bug fixes and security fixes backported (if you think it is >> missing something, please contact us through Customer Portal). >> >> If you want to have a newer openssl version (e.g. to have support for >> AES-GCM or >> TLS1.2), you will have to upgrade to newer RHEL release (6.5). >> >> If you need only a single application to support newer cryptography, you >> shouldn't replace the system version of openssl with version 1.0.x or >> you will most likely break your install. >> >> -- >> Regards, >> Hubert Kario >> BaseOS QE Security team >> Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> Development Mailing List openssl-dev@openssl.org >> Automated List Manager majord...@openssl.org >> > > > > -- > Thanks, > Shruti Palshikar > 617 784 8358 > BuysideFX<https://app.getsignals.com/link?url=http%3A%2F%2Fwww.buysidefx.com%2F&ukey=agxzfnNpZ25hbHNjcnhyFAsSC1VzZXJQcm9maWxlGLr_3AMM&k=a1b9ff13b42c4509a0ed70bae764a41a> > *Solving foreign exchange problems * > *for institutional money managers* > >
