Я установил и настроил rkhunter на Centos, и у меня нет предупреждения кроме
Проверка версии OpenSSL [Предупреждение]
когда я проверяю файл журнала, я вижу, что должен обновить openssl
root@server [~]# openssl version -a
OpenSSL 1.0.1e-fips 11 Feb 2013
built on: Mon Jun 15 18:29:40 UTC 2015
platform: linux-x86_64
options: bn(64,64) md2(int) rc4(16x,int) des(idx,cisc,16,int) idea(int) blowfish(idx)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack -DPURIFY -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: "/etc/pki/tls"
engines: dynamic
Я попытался обновить openssl с конфеткой openssl обновление, но, это говорит, что это актуально
root@server [~]# rpm -q --changelog openssl | grep CVE-2014-0224
- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support
- fix CVE-2014-0224 - SSL/TLS MITM vulnerability
Скажите мне, что сделать для фиксации этого предупреждения
RedHat / CentOS kaore i te tango i nga waahanga hou o nga peeke penei i te OpenSSL ki nga whakaputanga tawhito, "backport" anake nga whakatika ahuru; tirohia te https://access.redhat.com/security/updates/backporting .
Kia mahara ki te ra "hanga" i te putanga -a
he mea hou ake i te ra tuku a te OpenSSL mo te 1.0.1e. Ana ki te titiro koe ki te panui i te ingoa rpm me te rpm -q
me kite koe openssl-1.0.1e-30.el6
- te "- 30 "e tohu ana i nga tuara i honoa ki nga mea i tiimata mai i te huringa 1.0.1e.
Mena ka hiahia noa koe ki te putanga haumaru, kua riro i a koe. Mena kei te hiahia koe i te o naianei pea kaore i te hototahi, ka taea te hanga mai i te puna whakarunga; tirohia te https://stackoverflow.com/questions/22952287/how-to-upgrade-openssl-in-centos-6-5-linux-unix-from-source . Ko te tikanga he penei i te nuinga o nga kaupapa tuwhera: tar zx && ./config [opts] && hanga && whakamatau && whakauru
; tirohia te WHAKATAKI
konae me / te Whirihorahia te
tuhinga (kei runga ake o te tangohanga) mo nga korero taipitopito.
I penei ano ahau i mua i runga i te RedHat me te putanga 1.0.0. I puta te putanga hou e ai ki te RedHat. Ka taea e koe te whakarere i tenei korero, te taapiri ranei i te APP_WHITELIST = "openssl: 1.0.0"
kia whakaae a rkhunter
ki tenei waahanga kaore e taarua te whakatupato.