LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-28-2015, 01:41 PM   #1
Basher52
Member
 
Registered: Mar 2004
Location: .SE
Distribution: Arch
Posts: 402

Rep: Reputation: 22
Angry Fix SSL for HeartBleed & vulnerable prior to 1.0.1i in Kernel 2.6.35?


First, this may be the wrong place for the post, but since the main thing is for software, I figured it was OK

I need to get this fixed in a very old version of Fedora... F14
due to that some drivers for a RAID Controller won't run on a newer kernel.

Also seen that there is a vulnerability in unzip: http://www.securityfocus.com/bid/71790

Is there a way to fix these in F14 with kernel v 2.6.3x without trashing something else?
If so, how do I do it, I tried without luck and can't find any solution for it.

PS. Do NOT tell me to get a newer version of Fedora!!
If you feel like doing that start reading this post from start again and
again until you get it

Last edited by Basher52; 03-31-2015 at 03:52 AM.
 
Old 03-28-2015, 08:17 PM   #2
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,824

Rep: Reputation: 615Reputation: 615Reputation: 615Reputation: 615Reputation: 615Reputation: 615
compile openssl latest from source
 
1 members found this post helpful.
Old 03-28-2015, 11:22 PM   #3
veerain
Senior Member
 
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319Reputation: 319Reputation: 319Reputation: 319
The openssl and zip software has nothing to do with kernel.

You can grab the sources of appropriate version of openssl from openssl.org and install. Be careful in picking correct version. There are many stable series. Within a series we can hope that the newer version is abi compatible with your current version.

Same for unzip.

Also you can see sources of F14 rpm's to see how they are built.
 
1 members found this post helpful.
Old 03-29-2015, 12:23 AM   #4
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,627

Rep: Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651
the "hair pulling "fun" of Unsupported OS's and with fedora's extremely short 13 month lifetime

the foreveryday security holes that will never be fixed

have you thought about using CentOS 6.6 or 7.0
 
1 members found this post helpful.
Old 03-31-2015, 03:49 AM   #5
Basher52
Member
 
Registered: Mar 2004
Location: .SE
Distribution: Arch
Posts: 402

Original Poster
Rep: Reputation: 22
I'll try the source and see if I can get it working, thx

@John VV, no didn't think of those I'll check them out, although CentOS 7 has kernel 3.10.x so that is out.
and yes in this case the kernel version is important due to the RAID controller drivers which won't compile on newer kernel version and is also unsupported.

Last edited by Basher52; 03-31-2015 at 04:03 AM.
 
  


Reply

Tags
fedora 14, kernel 2.6.35, ssl, vulnerability


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how do I fix heartbleed on my computers rob.rice Slackware 3 04-20-2014 07:31 AM
[SOLVED] I think my version of SSL isn't vulnerable to Heartbleed, but I want to make sure nerdofdarkness Linux - Newbie 6 04-13-2014 07:38 PM
LXer: Can You Get Private SSL Keys Using Heartbleed? LXer Syndicated Linux News 0 04-13-2014 11:23 AM
LXer: Can You Get Private SSL Keys Using Heartbleed? LXer Syndicated Linux News 0 04-13-2014 10:30 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:47 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration