Solaris 10 x86 OpenSSL patch/package to address vulnerabilities
Posted on 2015-02-23
There's been quite a number of OpenSSL vulnerabilities lately & even SSLv3 is now vulnerable;
I guess only TLS of a certain ciphers is now non-vulnerable (perhaps shd be called OpenTLS?)
What's the latest patch/package for Solaris 10 (for x86) that is non-vulnerable?
Kindly provide the Oracle link to download it as well as all pre-requisite packages. I have
subscription to Oracle but last login to sunsolve a couple of years before Oracle acquired
Sun, so I've lost touch.
Do provide brief Solaris commands (I last recall it's something like 'pkgadd -d ./...' or 'patchadd ..."
to install the pre-requisite packages & this non-vulnerable OpenSSL
I guess OpenSSL is only used in web servers, so how do I verify it has taken effect (ie using TLS
& not SSL) & if breaks anything? If I could browse the webpage & load certain apps, is this good