How to update mod_ssl
Here's my situation. I have a virtual dedicated server with godaddy:
Linux 2.4.20-021stab028.3.777-en
with Plesk psa v7.5.4_build75051014.16 os_FedoraCore 2
Godaddy informed us that we need to update mod_ssl ("which is called through Apache's mod_proxy module") because it is insecure. As such, mod_proxy is now disabled and this prevents us from authoring pages with frontpage.
I installed yum (which a little help from my friends) and updated things. The mod_ssl version is still the same: mod_ssl-2.0.51-2.9.1.swsof
How do I fix this sitatuion? I will need step 1, 2, 3 . . .
Mark
Linux 2.4.20-021stab028.3.777-en
with Plesk psa v7.5.4_build75051014.16 os_FedoraCore 2
Godaddy informed us that we need to update mod_ssl ("which is called through Apache's mod_proxy module") because it is insecure. As such, mod_proxy is now disabled and this prevents us from authoring pages with frontpage.
I installed yum (which a little help from my friends) and updated things. The mod_ssl version is still the same: mod_ssl-2.0.51-2.9.1.swsof
How do I fix this sitatuion? I will need step 1, 2, 3 . . .
Mark
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
pjedmond
Please note, I'm testing on RHEL, so the concept will be the same, but the actual filenames will be a little different.
ASKER
My version of mod_ssl to begin with was mod_ssl-2.0.51-2.9.1.swsof
yum doesn't seem to be updating things . . .
[servername]# yum install mod_ssl
Gathering header information file(s) from server(s)
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
mod_ssl is installed and is the latest version.
No actions to take
[servername]# rpm -q mod_ssl
mod_ssl-2.0.51-2.9.1.swsof
[servername]#
[servername]# rpm -q httpd
httpd-2.0.51-2.9.1.swsoft
[servername]#
[servername]# yum install apache2_mod_ssl
Gathering header information file(s) from server(s)
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
Cannot find a package matching apache2_mod_ssl
No actions to take
yum doesn't seem to be updating things . . .
[servername]# yum install mod_ssl
Gathering header information file(s) from server(s)
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
mod_ssl is installed and is the latest version.
No actions to take
[servername]# rpm -q mod_ssl
mod_ssl-2.0.51-2.9.1.swsof
[servername]#
[servername]# rpm -q httpd
httpd-2.0.51-2.9.1.swsoft
[servername]#
[servername]# yum install apache2_mod_ssl
Gathering header information file(s) from server(s)
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
Cannot find a package matching apache2_mod_ssl
No actions to take
mod_ssl-2.0.49-4.i386.rpm
is the distributed FC2 mod_ssl.
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/i386/
gives the latest FC2 as:
mod_ssl-2.0.51-2.9.i386.rp
Whatever you've done, then you've successfully updated it!
HTH:)
is the distributed FC2 mod_ssl.
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/i386/
gives the latest FC2 as:
mod_ssl-2.0.51-2.9.i386.rp
Whatever you've done, then you've successfully updated it!
HTH:)
Looks that there is also an issue with the underlying openssl associated with mod_ssl.
rpm -qa | grep openssl
to find the name of your openssl package, and then:
yum install openssl
or
yum install openssl096b
or equivalent - basically the package name is everything before the first "-"
http://www.modssl.org/news/
gives news of issues relating to modssl. The FC updates backport vulnerabilities into the update packages for the FC release concerned.
HTH:)
rpm -qa | grep openssl
to find the name of your openssl package, and then:
yum install openssl
or
yum install openssl096b
or equivalent - basically the package name is everything before the first "-"
http://www.modssl.org/news/
gives news of issues relating to modssl. The FC updates backport vulnerabilities into the update packages for the FC release concerned.
HTH:)
ASKER
It shows openssl as the same version. Is it possible that yum updated it when I previously ran "yum update"? if so, how could I tell?
[servername]# rpm -qa | grep openssl
openssl-0.9.7a-35
openssl-perl-0.9.7a-35
openssl-devel-0.9.7a-35
[servername]#
[servername]# yum install openssl
Gathering header information file(s) from server(s)
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
openssl is installed and is the latest version.
No actions to take
[servername]# rpm -qa | grep openssl
openssl-0.9.7a-35
openssl-perl-0.9.7a-35
openssl-devel-0.9.7a-35
[servername]#
[servername]# yum install openssl
Gathering header information file(s) from server(s)
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
openssl is installed and is the latest version.
No actions to take
Yep - the whole point of yum is that it updates as required - If you ran yum update, then all of teh rpms would have been updated to the latest.
As for openssl - openssl-0.9.7a-35 is the most uptodate. Although it was the version distributed with FC2, there has been no need to upgrade it, whereas 0.7.6 (also distributed with FC2) has had to be updated. Your system is fully up to date with respect to the packages we've discussed.
HTH:)
As for openssl - openssl-0.9.7a-35 is the most uptodate. Although it was the version distributed with FC2, there has been no need to upgrade it, whereas 0.7.6 (also distributed with FC2) has had to be updated. Your system is fully up to date with respect to the packages we've discussed.
HTH:)
ASKER
Does yum log all of its activity? in yum.log, all I see is:
05/04/06 07:31:44 Updated: mod_python 3.1.3-1.fc2.2.i386
05/04/06 07:31:44 Updated: gd 2.0.21-5.20.1.i386
05/04/06 07:31:44 Updated: xorg-x11-libs 6.7.0-14.i386
05/04/06 07:31:44 Updated: xorg-x11-Mesa-libGL 6.7.0-14.i386
05/04/06 07:31:44 Updated: xorg-x11-libs-data 6.7.0-14.i386
Does this mean that these are the only packages that have been updated?
Mark
05/04/06 07:31:44 Updated: mod_python 3.1.3-1.fc2.2.i386
05/04/06 07:31:44 Updated: gd 2.0.21-5.20.1.i386
05/04/06 07:31:44 Updated: xorg-x11-libs 6.7.0-14.i386
05/04/06 07:31:44 Updated: xorg-x11-Mesa-libGL 6.7.0-14.i386
05/04/06 07:31:44 Updated: xorg-x11-libs-data 6.7.0-14.i386
Does this mean that these are the only packages that have been updated?
Mark