Results 1 to 4 of 4

Thread: openssl

  1. #1

    Default openssl

    I scanned my computer with rkhunter, I am currently running opensuse 10.3, and as a linux newbie was worried when I got this message;
    openssl 0.9.8.e is vulnerable!
    I tried posting on another forum which dealt with rkhunter issues, but was told this vulnerability was an opensuse issue?
    I would love any help on this issue, for I had a similar issue with openssh (which got me hacked recently), but fixed that-now openssl is leaving me at a loss.
    I have guarddog as a firewall, if that helps
    thanks
    Becca

  2. #2
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: openssl

    Are you up to date with your updates from OpenSUSE? If so then don't worry about this case. Often what happens is that vendors like OpenSUSE will patch, for example, openssl with the fixes, but not update the version number/letter in order not to trigger a chain of dependency updates. However naive software that only tests the release version of the package will cry wolf.

    Perhaps somebody with a 10.3 installation (not me anymore) can check their openssl version and report back to double check. The patchlevel number is important here.

    Code:
    rpm -q openssl

  3. #3

    Default Re: openssl

    Thank you for the reply, i typed in the code and got;
    openssl-0.9.8e-45.5
    will this leave me vulnerable?
    I have also changed the openssh ports and blocked port 22.

  4. #4
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: openssl

    openssh and openssl are not related. It's a good idea to change the openssh port anyway.

    That version number is the same as what I get from querying my old 10.3 partition which I stopped using end of June 2008. I don't know if there were any updates after that. Perhaps somebody else actually using 10.3 can help the OP.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •