Vulnerable Openssl version remains & got activated after update

[Sunhux G]

Our network blocks Internet access & Security Gov team
disallows.  I don't know how to set up a yum repo which
I've been enquiring for a while: anyone care to share?

David is right that I'll need to use the specific format of the
rpm command.  I'm curious why on my server (this is my
first time in this new environment), the openssl devel is
x86_64 while the openssl is i686 : thought they're meant
for different architecture?

# rpm -q --qf "%{NAME}-%{VERSION}.%{RELEASE}.%{ARCH}\n" openssl-devel
openssl-devel-0.9.8e.27.el5_10.3.x86_64


After updating it & restart the service, the *version is still a*
*vulnerable* version:   Any idea why?

# cd /opt/opsware/etc/init.d
./opswgw-cgws1-GCLOUDMAZ start
Starting opswgw:                                    [  OK  ]

# ./ fake-client-early-ccs.pl localhost 443 Got server response, size: 2953
- Handshake - Server Hello
- Handshake - Certificate
- Handshake - Server Key Exhange
- Handshake - Server Hello Done
FAIL Remote host is affected
# openssl version
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008






On Fri, Jun 13, 2014 at 9:42 PM, Jonathan Billings <jsbillin at umich.edu>
wrote:

> On Fri, Jun 13, 2014 at 9:23 AM, Sunhux G <sunhux at gmail.com> wrote:
>
> > I'll attempt anyway but should I use "rpm -ivh ..." or
> > "rpm -Uvh ..."   this time?
> >
>
> Why aren't you using 'yum'?  Your problem would have been obvious if you
> had just used it.  'yum' was written specifically to help with these types
> of situations.
>
> If you don't have direct access to RHN (air-gapped system for example), you
> can always copy the packages into a local yum repo and use yum instead of
> 'rpm'.
>
> --
> Jonathan Billings <jsbillin at umich.edu>
> College of Engineering - CAEN - Unix and Linux Support
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>