• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1298
  • Last Modified:

How to update mod_ssl

Here's my situation.  I have a virtual dedicated server with godaddy:
Linux 2.4.20-021stab028.3.777-enterprise
with Plesk psa v7.5.4_build75051014.16 os_FedoraCore 2

Godaddy informed us that we need to update mod_ssl ("which is called through Apache's mod_proxy module") because it is insecure.  As such, mod_proxy is now disabled and this prevents us from authoring pages with frontpage.

I installed yum (which a little help from my friends) and updated things.  The mod_ssl version is still the same: mod_ssl-2.0.51-2.9.1.swsoft

How do I fix this sitatuion?  I will need step 1, 2, 3 . . .

Mark
0
msibley
Asked:
msibley
  • 5
  • 3
1 Solution
 
pjedmondCommented:
As root (su), install the update as follows:

yum install mod_ssl

If that doesn't work, there is also:

yum install apache2_mod_ssl

I'm presuming that you're after the mod_ssl for apache2?

rpm -q httpd

should give something like:

httpd-2.0.46-32.ent

Hope that helps:)
0
 
pjedmondCommented:
Please note, I'm testing on RHEL, so the concept will be the same, but the actual filenames will be a little different.
0
 
msibleyAuthor Commented:
My version of mod_ssl to begin with was mod_ssl-2.0.51-2.9.1.swsoft

yum doesn't seem to be updating things . . .

[servername]# yum install mod_ssl
Gathering header information file(s) from server(s)
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
mod_ssl is installed and is the latest version.
No actions to take
[servername]# rpm -q mod_ssl
mod_ssl-2.0.51-2.9.1.swsoft
[servername]#
[servername]# rpm -q httpd
httpd-2.0.51-2.9.1.swsoft
[servername]#
[servername]# yum install apache2_mod_ssl
Gathering header information file(s) from server(s)
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
Cannot find a package matching apache2_mod_ssl
No actions to take
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
pjedmondCommented:
mod_ssl-2.0.49-4.i386.rpm

is the distributed FC2  mod_ssl.

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/i386/

gives the latest FC2 as:

mod_ssl-2.0.51-2.9.i386.rpm

Whatever you've done, then you've successfully updated it!

HTH:)
0
 
pjedmondCommented:
Looks that there is also an issue with the underlying openssl associated with mod_ssl.

rpm -qa | grep openssl

to find the name of your openssl package, and then:

yum install openssl

or

yum install openssl096b

or equivalent - basically the package name is everything before the first "-"

http://www.modssl.org/news/

gives news of issues relating to modssl. The FC updates backport vulnerabilities into the update packages for the FC release concerned.

HTH:)

0
 
msibleyAuthor Commented:
It shows openssl as the same version.  Is it possible that yum updated it when I previously ran "yum update"?  if so, how could I tell?

[servername]# rpm -qa | grep openssl
openssl-0.9.7a-35
openssl-perl-0.9.7a-35
openssl-devel-0.9.7a-35
[servername]#
[servername]# yum install openssl
Gathering header information file(s) from server(s)
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
openssl is installed and is the latest version.
No actions to take
0
 
pjedmondCommented:
Yep - the whole point of yum is that it updates as required - If you ran yum update, then all of teh rpms would have been updated to the latest.

As for openssl - openssl-0.9.7a-35 is the most uptodate. Although it was the version distributed with FC2, there has been no need to upgrade it, whereas 0.7.6 (also distributed with FC2) has had to be updated. Your system is fully up to date with respect to the packages we've discussed.

HTH:)
0
 
msibleyAuthor Commented:
Does yum log all of its activity?  in yum.log, all I see is:

05/04/06 07:31:44 Updated: mod_python 3.1.3-1.fc2.2.i386
05/04/06 07:31:44 Updated: gd 2.0.21-5.20.1.i386
05/04/06 07:31:44 Updated: xorg-x11-libs 6.7.0-14.i386
05/04/06 07:31:44 Updated: xorg-x11-Mesa-libGL 6.7.0-14.i386
05/04/06 07:31:44 Updated: xorg-x11-libs-data 6.7.0-14.i386

Does this mean that these are the only packages that have been updated?

Mark
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now