On Tue, Apr 05, 2005 at 10:50:55AM +1000, Erik de Castro Lopo wrote:
> On Tue, 5 Apr 2005 09:09:31 +1000 (EST)
> "Voytek" <[EMAIL PROTECTED]> wrote:
>
> > I have RH73 with
> >
> > # openssl version
> > OpenSSL 0.9.6b [engine] 9 Jul 2001
>
> OK, its pretty safe to assume that if this machine has been connected
> to the internet for anything more that about 15 seconds it has been fully
> compromised and rootkitted.
Not necessarily. Redhat/fedora backport security fixes and don't change
the release number.
Note Voytek's mail:
# yum update openssl
Gathering package information from servers
Getting headers from: Red Hat Linux 7.3 base
Getting headers from: Fedora Legacy utilities for Red Hat Linux 7.3
^^^
So I think he's ok.
That said, Voytek, I'd follow Howards advice and upgrade.
Legacy support will only so much longer -- 7.2 is already gone, 7.3
can't be far behind.
Matt
PS. You didn't tell us exactly why you wanted to upgrade openssl.
If it's to satisfy some other packages requirements, let us know.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
