httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "J.Lance Wilkinson" <jl...@psu.edu>
Subject Re: [users@httpd] Enabling ECDHE ciphers
Date Fri, 18 Apr 2014 18:55:12 GMT
Christopher Schultz wrote:
...snip...
> 
> I don't get it. Both setups (2.2.26 and 2.4.9) have 1.0.1.e and have an
> update available to 1.0.1g (I haven't read the changelogs but I'll bet
> the difference is mostly the version-bump since everyone is paranoid
> about 1.0.1e, now). I'll see if that changes anything.

Chris,
What OS are you running?  RHEL6?

If so, then you actually do have the patched version EQUIVALENT to 1.0.1g,
so my local Linux guru tells me.

On RHEL6, I get:
% openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

BUT, I also get:
~% rpm -q openssl
openssl-1.0.1e-16.el6_5.7.x86_64


RedHat, he tells me, does not distribute the new version but actually weng back 
and applied the relevant patches TO THEIR DISTRIBUTED VERSION.  Note the -16.
That's the indicator.

It seems that RedHat thinks they know better than we.

-- 
J.Lance Wilkinson ("Lance")		InterNet: Lance.Wilkinson@psu.edu
Systems Design Specialist - Lead	Phone: (814) 865-4870
Information Technology Services		FAX:   (814) 863-3560
Penn State University
Digital Library Technologies, E3 Paterno Library, University Park, PA 16802
http://ucs.psu.edu/home/jlw12@psu.edu?fmt=freebusy

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message