Upgrade Openssl

[Matt Grant]

I want to update my openssl on my CentOS 6.2 with Plesk 11.09 MU#60 server, but when I run yum update I get 173MB of downloads. With past CentOS/Plesk servers I have owned, when I just updated everything via yum, something would break on my server/Plesk.

Is it safe to update everything on the server using yum update? I do not have any exotic settings in Plesk or CentOS.

Thanks in advance!

 

[Kroptokin]

My ISP gave me this link which runs through the steps to build OpenSSL from source on CentoOS: http://cloudishvps.com/linux/openss...ion-on-the-recent-security-issue-and-the-fix/

It is about half-way down the page "Installing OpenSSL 1.0.1g on CentOS"

I just did this on CentOS 6.4 with Plesk 11.5 and it worked fine.

I did have to install gcc though. yum install gcc

hth

--Justin Wyllie

 

[atomicturtle]

Good news here, this is not necessary on a CentOS 6 system. The update openssl-1.0.1e-16.el6_5.7 resolves the issue, however you would be advised to regenerate the certificates on the system:

* Mon Apr 07 2014 Tomáš Mráz <[email protected]> 1.0.1e-16.7
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

 

[Kroptokin]

oops. Sorry. Posted to wrong thread. Post removed.