16.el6_5.7 é a versão corrigida com a correção (consulte a informações do pacote no site do Scientific Linux).
Quando vou correr:
root@vps [~]# yum update -y openssl
Eu recebo:
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.beyondhosting.net
* extras: centos.mirror.nac.net
* updates: centos.netnitco.net
Setting up Update Process
No Packages marked for Update
E se eu correr:
root@vps [~]# yum info openssl
Eu recebo isso, que não é a versão mais recente do OpenSSL e é vulnerável ao heartbleed:
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.beyondhosting.net
* extras: centos.mirror.nac.net
* updates: centos.netnitco.net
Installed Packages
Name : openssl
Arch : x86_64
Version : 1.0.1e
Release : 16.el6_5.7
Size : 4.0 M
Repo : installed
From repo : updates
Summary : A general purpose cryptography library with TLS implementation
URL : http://www.openssl.org/
License : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications
: between machines. OpenSSL includes a certificate management tool
: and shared libraries which provide various cryptographic
: algorithms and protocols.
Available Packages
Name : openssl
Arch : i686
Version : 1.0.1e
Release : 16.el6_5.7
Size : 1.5 M
Repo : updates
Summary : A general purpose cryptography library with TLS implementation
URL : http://www.openssl.org/
License : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications
: between machines. OpenSSL includes a certificate management tool
: and shared libraries which provide various cryptographic
: algorithms and protocols.
Ou esta versão do 1.0.1e não é vulnerável ao heartbleed por algum motivo?
16.el6_5.7 é a versão corrigida com a correção (consulte a informações do pacote no site do Scientific Linux).
Tags yum heartbleed centos6.5