LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   upgrade and downgrade of OpenSSL on RHEL 5 (https://www.linuxquestions.org/questions/linux-server-73/upgrade-and-downgrade-of-openssl-on-rhel-5-a-4175501194/)

Selenis 04-10-2014 03:36 AM
upgrade and downgrade of OpenSSL on RHEL 5
 
hi all!

one of our Server runs on Red Hat 3.4.6-11 with openSSL 0.9.7a and the other on Red Hat 4.1.2-51 with openSSL 0.9.8e

I have to upgrade to openSSL 1.0.1g on both Servers.

My Question is:

- will update through yum get me the latest Version?
- How do I downgrade if it turns out that our Scripts/Configurations have trouble with the upgrade?
- Do I only have to restart apache after the upgrade?
- Both Openssl Versions are not vulnerable to Heartbleed and Tests of your sites on the servers confirmed this. Do We still need new SSL Certificates?

Any help will be appreciated! :-)

kirukan 04-10-2014 04:04 AM
RHEL3 and RHEL4 are End of Life, No more support from Redhat. Are you looking to upgrade RHEL5 openssl version?
http://rhn.redhat.com/errata/RHSA-2010-0817.html
https://rhn.redhat.com/errata/RHSA-2012-0073.html

Selenis 04-10-2014 05:50 AM
thanks for your reply

hm this is the output i got from
>cat /proc/version

the contract with our hoster states at least for the second server that it's RHEL5
any other way i can securely get the current OS version?

anyway my question would be for RHEL5

Selenis 04-10-2014 09:14 AM
ok heres what /etc/redhat-release says
1. server with OpenSSL 0.9.7a: Red Hat Enterprise Linux ES release 4
GUess Im out of luck here

2. server with openssl 0.9.8e: Red Hat Enterprise Linux Server release 5.7 (Tikanga)

any Ideas if it would be possible to downgrade back to 0.9.8e once I updated?
And if how?

John VV 04-10-2014 11:52 AM
RHEL 5.10 is the current in the old LEGACY redhat enterprise linux 5
5.7 is 3 minor versions out of date
for security backports to 5.7

contact your RedHat tech support
you ARE paying for this ( paying a lot of cash to keep it at 5.7 )

you might want to use that already paid for support


this will install any available security updates
Code:
su -
yum update

kirukan 04-10-2014 10:14 PM
Quote:
Originally Posted by Selenis (Post 5150095)
any Ideas if it would be possible to downgrade back to 0.9.8e once I updated?
And if how?
I think you don't want to worry for the downgrade because mostly latest versions are bugs free and more stable than the earlier versions.

chrism01 04-14-2014 06:19 AM
General page of lifetimes for RHEL 3, 4, 5 & 6 https://access.redhat.com/site/suppo...pdates/errata/

1. I'd advise replacing the RHEL4 system asap
2. Also, as above, upgrade the RHEL5 to the latest and you'll be protected.

RH issued fixes for the OpenSSL issue very quickly. :)


All times are GMT -5. The time now is 11:48 PM.