<http://rhn.redhat.com/errata/RHSA-2002-160.html> contain the latest patches. Back patching was required by RedHat for compatibility with existing software. The "openssl-0.9.6e" version that everyone is talking about is the tarball version from openssl.org. I can see how many RedHat users may be confused on first glance...
Here is a list of the latest patched versions from RedHat: openssl-0.9.6b-28 openssl095a-0.9.5a-18 openssl096-0.9.6-13 openssl-0.9.5a-29 openssl-0.9.6-13 Do a "rpm -qa | grep openssl" and compare your redhat package version to one of these. After installing the latest openssl rpm... you can check for yourself to see that the patches have been applied: "rpm -q --changelog openssl | more" Trevor <www.gnuguy.com> > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of S Peram > Sent: Monday, September 23, 2002 10:49 AM > To: [EMAIL PROTECTED] > Subject: Slapper worm > If I need to upgrade my machines to the latest version of OpenSSL 0.9.6e with respect to vulnerabilities of the slapper worm, I'm kind of confused on how to do that, since I've downloaded and compiled OpenSSL. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
