0

I have run a security check and it came back with 6 high vulnerabilities.

OpenSSL Running Version Prior to 1.0.1t
OpenSSL Running Version Prior to 1.0.1t
OpenSSL Running Version Prior to 1.0.1o
OpenSSL Running Version Prior to 1.0.1o
OpenSSL Running Version Prior to 1.0.1s (DROWN)
OpenSSL Running Version Prior to 1.0.1s (DROWN)

I am here as a last result (i have googled) so many conflicting articles on updating i was really hoping the cmd.

yum update openssl

Would solve my issue but no help i get.

Loaded plugins: priorities, update-motd, upgrade-helper
amzn-main/latest                                         | 2.1 kB     00:00     
amzn-updates/latest                                      | 2.3 kB     00:00     
1521 packages excluded due to repository priority protections
No packages marked for update

I have seen a few articles about building from src and then articles saying you should definitively not do this what is right I really want to make sure my server is secure.

My openssl version is: OpenSSL 1.0.1k-fips 8 Jan 2015

I am running centos on AWS ec2 any idea how to update? this does not help https://aws.amazon.com/premiumsupport/knowledge-center/openssl/

Please help.

user1503606
  • 111
  • 2
  • 1
    Your system is almost certainly up-to-date with security fixes due to the major vendors backporting bug fixes into their releases. You can check this out by obtaining the detail of each vulnerability listed and looking in the relevant package changelog. There is a changelog plugin for yum to help with this. – user9517 Sep 07 '16 at 16:06
  • hi lain thanks for the reply ill take a look at the plugin. – user1503606 Sep 07 '16 at 16:30
  • Similar to [this Q&A](http://serverfault.com/a/604277/37681) run `rpm -q --changelog openssl` to see which vulnerabilities have been patched – HBruijn Sep 07 '16 at 16:33

0 Answers0