Just about 1-2 weeks ago, a list of CVEs for OpenSSL vulnerabilities were released.
Our version of OpenSSL that's bundled with RHEL 6.5's RHUA servers are affected.
Appreciate if anybody can provide the steps to patch it:
a) I suppose we can't just do "yum" to update only OpenSSL or can we?
Don't want the version of the RHEL to get upgraded but only fix the
b) do we just do "rpm -e Current_OpenSSL_Rpm" & then use rpm to
install the newer/patched version of OpenSSL
c) do provide me the link to download the OpenSSL rpm as well, thanks