Hi Lokesh, I was referring to the TLS/SSL renegotiation vulnerability. Do you know if the 0.98e version has the fix?
On Thu, Apr 24, 2014 at 9:29 AM, LOKESH JANGIR <[email protected]>wrote: > Hi Shruti, > > As per openssl, version 0.98e is not infected with hearbleed issue. You > can check on below link. > http://www.openssl.org/news/secadv_20140407.txt > > Regards, > Lokesh Jangir > > > On Thu, Apr 24, 2014 at 6:47 PM, Shruti Palshikar <[email protected]>wrote: > >> Thanks everyone for the help, does anybody know if RHEL5 with version >> 0.98e of openssl has a fix for TLS/SSL renegotiation vulnerability? >> >> >> On Thu, Apr 24, 2014 at 7:40 AM, Hubert Kario <[email protected]> wrote: >> >>> ----- Original Message ----- >>> >>> > From: "Shruti Palshikar" <[email protected]> >>> > To: [email protected] >>> > Sent: Wednesday, 23 April, 2014 5:50:45 PM >>> > Subject: Upgrading OpenSSL on RHEL5 >>> >>> > Hello, >>> >>> > I am trying to upgrade my openSSL version on RHEL5. WHen I tried to >>> update it >>> > using yum commad (it kept pausing with the messages - No packages >>> marked for >>> > update) I found out that this was not installed from the source but was >>> > present along with RHEL in the /usr directory. Following are some >>> helpful >>> > commands to give you an idea of the machine and openSSL I am using >>> >>> OpenSSL version shipped in RHEL 5 is the newest version that's >>> compatible with >>> other applications and tools shipped in this RHEL version. It does have >>> all >>> the important bug fixes and security fixes backported (if you think it is >>> missing something, please contact us through Customer Portal). >>> >>> If you want to have a newer openssl version (e.g. to have support for >>> AES-GCM or >>> TLS1.2), you will have to upgrade to newer RHEL release (6.5). >>> >>> If you need only a single application to support newer cryptography, you >>> shouldn't replace the system version of openssl with version 1.0.x or >>> you will most likely break your install. >>> >>> -- >>> Regards, >>> Hubert Kario >>> BaseOS QE Security team >>> Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> Development Mailing List [email protected] >>> Automated List Manager [email protected] >>> >> >> >> >> -- >> Thanks, >> Shruti Palshikar >> 617 784 8358 >> BuysideFX<https://app.getsignals.com/link?url=http%3A%2F%2Fwww.buysidefx.com%2F&ukey=agxzfnNpZ25hbHNjcnhyFAsSC1VzZXJQcm9maWxlGLr_3AMM&k=a1b9ff13b42c4509a0ed70bae764a41a> >> *Solving foreign exchange problems * >> *for institutional money managers* >> >> > -- Thanks, Shruti Palshikar 617 784 8358 BuysideFX<https://app.getsignals.com/link?url=http%3A%2F%2Fwww.buysidefx.com%2F&ukey=agxzfnNpZ25hbHNjcnhyFAsSC1VzZXJQcm9maWxlGLr_3AMM&k=a1b9ff13b42c4509a0ed70bae764a41a> *Solving foreign exchange problems * *for institutional money managers*
