Re: [cobalt-users] [RaQ4] FYI: Apache & SSL Update 2.0.1

[MC Gonzalez <mgonzalez@xxxxxxxxxx>]

On Wed, 2002-10-02 at 18:44, Dave Thurman (Mailing List Email) wrote:
> 
> We just upgraded one of our Raq4's with the new Raq4 security package. Here
> is what we did. BTW this machine is a Raq3 with a Raq4 transplant,
> PKGMaster's OpenWebMail, SSH, PHP 4.1.2, Steve Bassi's Mailscanner as the
> only additions to the box. We had Solar Speeds OpenSSL patch and we are one
> of the unfortunates that installed the SHP from Sun/Cobalt.
> 
> I uninstalled Solar Speed's OpenSSL package and then installed the latest
> Raq4 update: RaQ4-All-Security-2.0.1-2-15787.pkg, this went in fine. We next
> installed the Chili!Soft update for ASP:
> ftp://download.chilisoft.com/pub/chiliasp/cobalt/raq4/RaQ4-chiliasp362-2.pkg
> and then proceeded to reinstall Solar Speeds OpenSSL package:
> http://www.solarspeed.net/freebies/RaQ4-mod_ssl-2.8.4.pkg
> 

Thanks Dave!  I followed this procedure on my development Raq4 and all
seems to have gone well, it rebooted without problems, though I still
also see openssl 0.9.6b as my version.  I had updated openssl manually
when the exploits first were reported.  I also had previously updated
Chilisoft.

I have my fingers crossed that things will go as well with my production
box (also a Raq4, but without the Chilisoft update).

A question.  Do you think reinstalling Openssl 0.9.6g will do any harm
or good?


 
-- 
Marie Gonzalez
AT&T Electronic Customer Care - Newsgroup Support Agent

NOTICE: Please be aware that my first priority is to respond to
customers in the newsgroups. As such, I will not be able to respond to
email until all newsgroup messages have been addressed. You will
receive quicker service by posting your message in the newsgroups rather
than using email.