How to upgrade OpenSSL in Zimbra 8.0.9 GA FOSS (CentOS 6.7) ?

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
Andy2022
Posts: 1
Joined: Fri May 06, 2016 8:13 pm

How to upgrade OpenSSL in Zimbra 8.0.9 GA FOSS (CentOS 6.7) ?

Post by Andy2022 »

Hello,
Due to new critical vulnerabilities in OpenSSL (CVE-2016-210x), how can I upgrade vulnerable OpenSSL-1.0.1j to OpenSSL-1.0.1t in Zimbra 8.0.9 GA FOSS (CentOS 6.7) ?
User avatar
quanah
Zimbra Alumni
Zimbra Alumni
Posts: 1668
Joined: Fri Sep 12, 2014 10:33 pm
Contact:

Re: How to upgrade OpenSSL in Zimbra 8.0.9 GA FOSS (CentOS 6.7) ?

Post by quanah »

Andy2022 wrote:Hello,
Due to new critical vulnerabilities in OpenSSL (CVE-2016-210x), how can I upgrade vulnerable OpenSSL-1.0.1j to OpenSSL-1.0.1t in Zimbra 8.0.9 GA FOSS (CentOS 6.7) ?
You could download the source for how we build OpenSSL from git.zimbra.com, see https://wiki.zimbra.com/wiki/Building_Zimbra_using_Git

However, I will note that the server will be offline this weekend for a migration.
--
Quanah Gibson-Mount
Product Architect, Symas http://www.symas.com/
OpenLDAP Core team http://www.openldap.org/project/
User avatar
quanah
Zimbra Alumni
Zimbra Alumni
Posts: 1668
Joined: Fri Sep 12, 2014 10:33 pm
Contact:

Re: How to upgrade OpenSSL in Zimbra 8.0.9 GA FOSS (CentOS 6.7) ?

Post by quanah »

quanah wrote:
Andy2022 wrote:Hello,
Due to new critical vulnerabilities in OpenSSL (CVE-2016-210x), how can I upgrade vulnerable OpenSSL-1.0.1j to OpenSSL-1.0.1t in Zimbra 8.0.9 GA FOSS (CentOS 6.7) ?
You could download the source for how we build OpenSSL from git.zimbra.com, see https://wiki.zimbra.com/wiki/Building_Zimbra_using_Git

However, I will note that the server will be offline this weekend for a migration.

Also I would advise upgrading to Zimbra 8.7 once it releases. It uses a repository for OpenSSL, so we can push updates to end users w/o having to cut a new release.
--
Quanah Gibson-Mount
Product Architect, Symas http://www.symas.com/
OpenLDAP Core team http://www.openldap.org/project/
Post Reply