Rpm upgradation problem

sachinh · 06-30-2007, 10:55 AM

hi,

Running Redhat Linux 2.1 . With openssh-3.5 . Need to upgrade it to 3.8 version. Now when we try to upgrade the same using RPM -Uvh ....it panics giving glibc errors/dependancies. Now question is should I go for upgradation of glibc packages ?? The system is in production with Live Applications on it.
Or is there any way out to this ....like installing/upgrading openssh using SRPMS or so ?
I heard SRPM can be installaed to suit your own system. Please suggest.
Thanx in advance.

pixellany · 06-30-2007, 08:21 PM

RedHat went up to version 9 or so, and it is now called RedHat Enterprise Linux, which is now on version 5. I would think it would be counterproductive to upgrade to something that is still obsolete.
If you don't want to pay for the current RedHat, there is CentOS (a clone), and Fedora.

sachinh · 07-23-2007, 12:00 AM

Till now I was trying to upgrade the openssh package as we discovered openssh vulnerability in one of the security tools.
Now the only solution to this vulnerability is to upgrade or apply patch.
upgradation like we talked , will create N no. of dependancies...which we are reluctant to go ahead with. Also up2date requires valid subscription to redhat ?? Please comment on this.

The details:-

Vulnerability

http://www.cert.org/advisories/CA-2003-24.html

Solution
http://www.openssh.com/txt/buffer.adv

Now the above patch needs to be applied (and my long awaited problem can be resolved ..atleast I hope so).
But now the problem is how to apply it in the system?? When I referred to this link , found that its a some kind of C- code.
Can you help me in this case ?? And do you people also think that this patch would resolve the issue??????????????