Re: Upgrading OpenSSL on RHEL5

2014-04-24 Thread Shruti Palshikar 
Thanks Hubert


On Thu, Apr 24, 2014 at 10:20 AM, Hubert Kario hka...@redhat.com wrote:

 - Original Message -
 
  From: Shruti Palshikar shr...@buysidefx.com
  To: openssl-dev@openssl.org
  Sent: Thursday, 24 April, 2014 3:33:50 PM
  Subject: Re: Upgrading OpenSSL on RHEL5
 
  I was referring to the TLS/SSL renegotiation vulnerability. Do you know
 if
  the 0.98e version has the fix?

 Yes, CVE-2009-3555 is fixed in the openssl package as shipped in RHEL-5:

 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3555#c105

 --
 Regards,
 Hubert Kario
 BaseOS QE Security team
 Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
 __
 OpenSSL Project http://www.openssl.org
 Development Mailing List   openssl-dev@openssl.org
 Automated List Manager   majord...@openssl.org




-- 
Thanks,
Shruti Palshikar
617 784 8358
BuysideFXhttps://app.getsignals.com/link?url=http%3A%2F%2Fwww.buysidefx.com%2Fukey=agxzfnNpZ25hbHNjcnhyFAsSC1VzZXJQcm9maWxlGLr_3AMMk=a1b9ff13b42c4509a0ed70bae764a41a
*Solving foreign exchange problems *
*for institutional money managers*

Upgrading OpenSSL on RHEL5

2014-04-23 Thread Shruti Palshikar 
 M
 Repo   : installed
 Summary: Files for development of applications which will use OpenSSL
 URL: http://www.openssl.org/
 License: BSDish
 Description: OpenSSL is a toolkit for supporting cryptography. The
openssl-devel
: package contains static libraries and include files
needed to develop
: applications which support various cryptographic algorithms and
: protocols.

 Available Packages
 Name   : openssl-devel
 Arch   : i386
 Version: 0.9.8e
 Release: 27.el5_10.1
 Size   : 1.9 M
 Repo   : rhel-x86_64-server-5
 Summary: Files for development of applications which will use OpenSSL
 License: BSDish
 Description: OpenSSL is a toolkit for supporting cryptography. The
openssl-devel
: package contains static libraries and include files
needed to develop
: applications which support various cryptographic algorithms and
: protocols.

How can I upgrade from 0.98e version to the latest one without using yum
from  the source? Should I replace this installation?

-- 
Thanks,
Shruti Palshikar
617 784 8358
BuysideFXhttps://app.getsignals.com/link?url=http%3A%2F%2Fwww.buysidefx.com%2Fukey=agxzfnNpZ25hbHNjcnhyFAsSC1VzZXJQcm9maWxlGLr_3AMMk=a1b9ff13b42c4509a0ed70bae764a41a
*Solving foreign exchange problems *
*for institutional money managers*

Re: Upgrading OpenSSL on RHEL5

2014-04-23 Thread Shruti Palshikar 
Hi Paul,

I misunderstood the community for being a discussion thread for common
issues faced.
Thank you for the help. The yum command does not run as expected


On Wed, Apr 23, 2014 at 4:02 PM, Paul Vander Griend 
paul.vandergri...@gmail.com wrote:

 Shruti,

  This is probably not the right list to ask that question but i'm
 going to help you anyways.

   OpenSSL is a library and you can't simply upgrade it across your
 entire RHEL installation. What you need is for the packages that you
 have installed who have dependencies on OpenSSL to update their
 packages to have a dependency on the newer version. I believe there is
 a yum update or yum upgrade command which will attempt to update any
 packages that are out of date. You are at the mercy of the package
 owners and the RHEL repository folk.

 -Paul


 On Wed, Apr 23, 2014 at 10:50 AM, Shruti Palshikar shr...@buysidefx.com
 wrote:
  Hello,
 
  I am trying to upgrade my openSSL version on RHEL5. WHen I tried to
 update
  it using yum commad (it kept pausing with the messages - No packages
 marked
  for update) I found out that this was not installed from the source but
 was
  present along with RHEL in the /usr directory. Following are some helpful
  commands to give you an idea of the machine and openSSL I am using
 
  1. yum search openSSL
 
  Loaded plugins: downloadonly, replace, rhnplugin, security
   This system is receiving updates from RHN Classic or RHN Satellite.
   drivesrvr
  |951 B 00:00
   rhel-raxmon
  |951 B 00:00
   Excluding Packages from Red Hat Enterprise Linux (v. 5 for 64-bit
 x86_64)
   Finished
 
 ==
  Matched: openssl
 
 ==
  easy-rsa.noarch : Simple shell based CA utility
  globus-gsi-openssl-error.i386 : Globus Toolkit - Globus OpenSSL Error
  Handling
  globus-gsi-openssl-error.x86_64 : Globus Toolkit - Globus OpenSSL Error
  Handling
  globus-gsi-openssl-error-devel.i386 : Globus Toolkit - Globus OpenSSL
 Error
  HandlingDevelopment Files
  globus-gsi-openssl-error-devel.x86_64 : Globus Toolkit - Globus OpenSSL
  Error Handling Development Files
  globus-gsi-openssl-error-doc.x86_64 : Globus Toolkit - Globus OpenSSL
 Error
  Handling Documentation Files
  globus-openssl-module.i386 : Globus Toolkit - Globus OpenSSL Module
 Wrapper
  globus-openssl-module.x86_64 : Globus Toolkit - Globus OpenSSL Module
  Wrapper
  globus-openssl-module-devel.i386 : Globus Toolkit - Globus OpenSSL Module
  Wrapper Development Files
  globus-openssl-module-devel.x86_64 : Globus Toolkit - Globus OpenSSL
 Module
  Wrapper Development Files
  globus-openssl-module-doc.x86_64 : Globus Toolkit - Globus OpenSSL Module
  Wrapper Documentation Files
  globus-openssl-module-progs.x86_64 : Globus Toolkit - Globus OpenSSL
 Module
  Wrapper Programs
  libssh.i386 : A library implementing the SSH2 protocol (0xbadc0de
 version)
   libssh.x86_64 : A library implementing the SSH2 protocol (0xbadc0de
  version)
   lua-sec.x86_64 : Lua binding for OpenSSL library
   m2crypto.x86_64 : Support for using OpenSSL in python scripts
   mingw32-openssl.noarch : MinGW port of the OpenSSL toolkit
   openscada-Transport-SSL.x86_64 : Open SCADA transports
   openssl.i686 : The OpenSSL toolkit
   openssl.x86_64 : The OpenSSL toolkit
   openssl-devel.i386 : Files for development of applications which will
 use
  OpenSSL
   openssl-devel.x86_64 : Files for development of applications which will
 use
  OpenSSL
   openssl-perl.x86_64 : Perl scripts provided with OpenSSL
   openssl097a.i386 : The OpenSSL toolkit
   openssl097a.x86_64 : The OpenSSL toolkit
   openvpn.x86_64 : A full-featured SSL VPN solution
   perl-Crypt-OpenSSL-AES.x86_64 : Perl interface to OpenSSL for AES
   perl-Crypt-OpenSSL-Bignum.x86_64 : Perl interface to OpenSSL for Bignum
   perl-Crypt-OpenSSL-DSA.x86_64 : Perl interface to OpenSSL for DSA
   perl-Crypt-OpenSSL-RSA.x86_64 : Perl interface to OpenSSL for RSA
   perl-Crypt-OpenSSL-Random.x86_64 : Perl interface to OpenSSL for Random
   perl-Crypt-OpenSSL-X509.x86_64 : Perl interface to OpenSSL for X509
   perl-Crypt-SMIME.x86_64 : S/MIME message signing, verification,
 encryption
  and  decryption
   perl-Crypt-SSLeay.x86_64 : Crypt::SSLeay - OpenSSL glue that provides
 LWP
  https support
   perl-Net-SSLeay.x86_64 : Perl extension for using OpenSSL
   pkcs11-helper.i386 : A library for using PKCS#11 providers
   pkcs11-helper.x86_64 : A library for using PKCS#11 providers
   pyOpenSSL.x86_64 : Python wrapper module around the OpenSSL library
   python-socksipychain.noarch : A Python SOCKS/HTTP Proxy module
   python26-m2crypto.x86_64 : Support for using OpenSSL in python 2.6
 scripts
   tomcat-native.x86_64 : Tomcat native library
   tomcatjss.noarch : JSSE implementation using JSS for Tomcat
   xmlsec1.i386 : Library providing support