I'm running VirusScan Enterprise for Linux 220.127.116.11099 on CentosOS 7.x. I've just installed Hotfix HF-1064407, but OpenSSL version is still showing same as before, though hotfix was installed successfully as the following message appeared after installation:
/opt/NAI/LinuxShield/apache/bin/apachectl startssl: nailswebd started
McAfee VirusScan Enterprise for Linux 18.104.22.168099 Hotfix has been installed successfully.
As mentioned in the release notes OpenSSL version should be upgraded to 1.0.1m but OpenSSL version is still 1.0.1m even after installing HF-1064407.
I'm checking OpenSSL version by following:
openssl version -v
OpenSSL 1.0.1e-fips 11 Feb 2013
Also I checked installed hotfix by running following command:
[root@testvm ~]# cat /opt/NAI/LinuxShield/etc/HF-Version
Do I need to check somewhere else for OpenSSL version?
On a fully updated CentOS 7 system:
# which openssl
# ls -l /usr/bin/openssl
-rwxr-xr-x. 1 root root 508680 Jun 29 13:48 /usr/bin/openssl
# rpm -qa | grep openssl
Which contains this security patch (and a later bugfix):
I suspect you're looking in the wrong place.
Does Virusscan for Linux use statically linked libraries, perhaps, or loads them from somewhere in the product's directory tree?
Hi, thanks for the reply. I've ran the above mentioned commands and getting the exact same results, but version shown is 1.0.1e not 1.0.1m.
[root@testvm ~]# which openssl
[root@testvm ~]# ls -l /usr/bin/openssl
-rwxr-xr-x. 1 root root 508656 Jun 17 2014 /usr/bin/openssl
[root@testvm ~]# rpm -qa | grep openssl
As Patch was applied successfully, openssl version should be upgraded to 1.0.1m as per release notes.
Sorry I'm lost about the linked libraries. How can I verify that?
Hi, I don't have knowledge about ldd, but I was able to run following commands:
root@testvm ~]# ldd $(which ssh) | grep libssl
libssl3.so => /lib64/libssl3.so (0x00007f16e1a80000)
[root@testvm ~]# ldconfig -p | grep libssl
libssl3.so (libc6,x86-64) => /lib64/libssl3.so
libssl.so.10 (libc6,x86-64) => /lib64/libssl.so.10
I still can't find any info related to OpenSSL version 1.0.1m stated in HF release notes.
Can someone please help.
You need to run ldd against the virusscan executable.
Or be pragmatic and accept what McAfee says about the hotfix.
Hint, it's a hotfix for Virusscan for linux, not your OS, so is unlikely to touch any of the OS-installed components.