I am in the process of patching two redhat servers. They are only used for mail no hosted websites, but we are using SSL for mail.
One of the servers is an older version of redhat (Redhat version 16)
Linux version 3.1.0-7.fc16.x86_64 (email@example.com
(gcc version 4.6.2 20111027 (Red Hat 4.6.2-1) (GCC) )
If I do a yum update openssl it will return that it is pulling
1.0.0j-1.fc16 not the most current patched version
The current version on the server.
OpenSSL 1.0.0e-fips 6 Sep 2011
From what I have been reading openssl versions under the 1.0.0 branch are not affected.
With that said is there any way I can test this on the server. From what I am reading this vulnerability does not affect this server due to the version of openssl but I want to be sure.