[LON-CAPA-admin] Re: [LON-CAPA-dev] Fwd: [suse-security-announce] OpenSSH Vulnerability

Guy Albertelli II guy at albertelli.com
Wed Jul 3 16:32:48 EDT 2002

Hi Martin

> > The big problem is RedHat 6.2:
> > openssh-3.3p1 requires openssl-0.9.6 or later. RedHat 6.2 uses
> > openssl-0.9.5a. The only option I see right now is to upgrade openssl
> > (e.g., by recompiling a RedHat 7.x src rpm). However, openssl is used
> > by apache and others. Has anybody tried to run apache under RedHat 6.2
> > with openssl-0.9.6 or later? Does it break everything? Is there somewhere
> > a development/test LON-CAPA box running RH6.2 where this could be tested?
> Yes I have 2 rh6.2 boxes I can test this out on. I will try it out
> tommorrow.

As far as I can tell a standard apache install under RedHat 6.2
doesn't care what version of openssl is installed.

I was able to upgrade the openssl to 0.9.6 and apache worked fine.

However I needed to downgrade back to openssl-0.9.5.a to run your pached ssh
server on the machine, and the standard RH ssh servers won't install
due to the dependency on the newer libc

guy at albertelli.com          BM: n^20 t20 z20 qS 
Guy Albertelli -7-8-4-  O-
    Only a lack of imagination saves me from immobilizing myself with
    imaginary fears.   

More information about the LON-CAPA-admin mailing list