Bug 85708 - openssl bug updated to 0.9.7a apache still reports 0.9.6b
openssl bug updated to 0.9.7a apache still reports 0.9.6b
Product: Red Hat Linux
Classification: Retired
Component: apache (Show other bugs)
i386 Linux
high Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Brian Brock
: Security
Depends On:
  Show dependency treegraph
Reported: 2003-03-06 06:22 EST by Need Real Name
Modified: 2007-03-27 00:01 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-03-06 10:14:15 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2003-03-06 06:22:15 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)

Description of problem:
Since all I have seen from Red Hat regarding the latest openssl bug was a 
cool "Look at openssl.org" I did that and compiled the latest 
openssl package 0.9.7a

Comiling and installing went ok without errors. 

The old binary openssl in /usr/bin was renamed and a link called openssl 
created to the new openssl binary (residing at /usr/local/ssl/bin)

Doing $openssl version on the console reports correctly 0.9.7a

By requesting the http server with wget -Sv https://ipadress I still get 
reported that OpenSSL would be version o.9.6b

Bring out a patched openssl package soon which considers all that problems or 
at least bring out some description howto cope that stuff. 
Really, many other way more uniteresting bugs were fixed in a much quicker 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. download openssl 0.9.7a (tar.gz) from openssl.org
2. compile and install it 
3. rename openssl in /usr/bin
4. set a link to the new openssl at /usr/local/ssl/bin named openssl 
in /usr/bin 
5. make sure your apache is running and configured to answer http/https 
6. ask him with wget -Sv 


Actual Results:  See description

Expected Results:  wget should report openssl version 0.9.7a instead

Additional info:
Comment 1 Mark J. Cox (Product Security) 2003-03-06 10:14:15 EST
Updated OpenSSL packages are available at

Note You need to log in before you can comment on or make changes to this bug.