LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 04-10-2014, 04:36 AM   #1
Selenis
LQ Newbie
 
Registered: Feb 2014
Posts: 11

Rep: Reputation: Disabled
upgrade and downgrade of OpenSSL on RHEL 5


hi all!

one of our Server runs on Red Hat 3.4.6-11 with openSSL 0.9.7a and the other on Red Hat 4.1.2-51 with openSSL 0.9.8e

I have to upgrade to openSSL 1.0.1g on both Servers.

My Question is:

- will update through yum get me the latest Version?
- How do I downgrade if it turns out that our Scripts/Configurations have trouble with the upgrade?
- Do I only have to restart apache after the upgrade?
- Both Openssl Versions are not vulnerable to Heartbleed and Tests of your sites on the servers confirmed this. Do We still need new SSL Certificates?

Any help will be appreciated! :-)
 
Old 04-10-2014, 05:04 AM   #2
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,235

Rep: Reputation: 132Reputation: 132
RHEL3 and RHEL4 are End of Life, No more support from Redhat. Are you looking to upgrade RHEL5 openssl version?
http://rhn.redhat.com/errata/RHSA-2010-0817.html
https://rhn.redhat.com/errata/RHSA-2012-0073.html
 
Old 04-10-2014, 06:50 AM   #3
Selenis
LQ Newbie
 
Registered: Feb 2014
Posts: 11

Original Poster
Rep: Reputation: Disabled
thanks for your reply

hm this is the output i got from
>cat /proc/version

the contract with our hoster states at least for the second server that it's RHEL5
any other way i can securely get the current OS version?

anyway my question would be for RHEL5
 
Old 04-10-2014, 10:14 AM   #4
Selenis
LQ Newbie
 
Registered: Feb 2014
Posts: 11

Original Poster
Rep: Reputation: Disabled
ok heres what /etc/redhat-release says
1. server with OpenSSL 0.9.7a: Red Hat Enterprise Linux ES release 4
GUess Im out of luck here

2. server with openssl 0.9.8e: Red Hat Enterprise Linux Server release 5.7 (Tikanga)

any Ideas if it would be possible to downgrade back to 0.9.8e once I updated?
And if how?
 
Old 04-10-2014, 12:52 PM   #5
John VV
Guru
 
Registered: Aug 2005
Posts: 13,268

Rep: Reputation: 1775Reputation: 1775Reputation: 1775Reputation: 1775Reputation: 1775Reputation: 1775Reputation: 1775Reputation: 1775Reputation: 1775Reputation: 1775Reputation: 1775
RHEL 5.10 is the current in the old LEGACY redhat enterprise linux 5
5.7 is 3 minor versions out of date
for security backports to 5.7

contact your RedHat tech support
you ARE paying for this ( paying a lot of cash to keep it at 5.7 )

you might want to use that already paid for support


this will install any available security updates
Code:
su -
yum update
 
Old 04-10-2014, 11:14 PM   #6
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,235

Rep: Reputation: 132Reputation: 132
Quote:
Originally Posted by Selenis View Post
any Ideas if it would be possible to downgrade back to 0.9.8e once I updated?
And if how?
I think you don't want to worry for the downgrade because mostly latest versions are bugs free and more stable than the earlier versions.
 
Old 04-14-2014, 07:19 AM   #7
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,311

Rep: Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040
General page of lifetimes for RHEL 3, 4, 5 & 6 https://access.redhat.com/site/suppo...pdates/errata/

1. I'd advise replacing the RHEL4 system asap
2. Also, as above, upgrade the RHEL5 to the latest and you'll be protected.

RH issued fixes for the OpenSSL issue very quickly.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Downgrade php from 5.3 to 5.1.6 in RHEL 6.2 hrs.blr89 Linux - Server 4 07-09-2012 07:29 AM
RHEL 4.6 kernel downgrade hophilip Red Hat 5 01-24-2009 10:24 AM
OpenSSL downgrade dicator Linux - Software 2 10-24-2006 02:06 AM
Will 'aptitude upgrade or dist-upgrade' downgrade manually installed deb package? Akhran Debian 3 03-14-2006 03:40 PM
Upgrade becomes downgrade? onelung02 Slackware 5 02-28-2005 05:59 PM


All times are GMT -5. The time now is 03:30 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration