cancel
Showing results for 
Search instead for 
Did you mean: 

VirusScan Enterprise for Linux Hotfix

I'm running VirusScan Enterprise for Linux 2.0.2.29099 on CentosOS 7.x. I've just installed Hotfix HF-1064407, but OpenSSL version is still showing same as before, though hotfix was installed successfully as the following message appeared after installation:

/opt/NAI/LinuxShield/apache/bin/apachectl startssl: nailswebd started

McAfee VirusScan Enterprise for Linux 2.0.2.29099 Hotfix has been installed successfully.

As mentioned in the release notes OpenSSL version should be upgraded to 1.0.1m but OpenSSL version is still 1.0.1m even after installing HF-1064407.

I'm checking OpenSSL version by following:

openssl version -v

OpenSSL 1.0.1e-fips 11 Feb 2013

Also I checked installed hotfix by running following command:

[root@testvm ~]# cat /opt/NAI/LinuxShield/etc/HF-Version

HF-1064407

Do I need to check somewhere else for OpenSSL version?

Please help.

Regards,

Mobin

  

5 Replies
PhilR
Level 12
Report Inappropriate Content
Message 2 of 6

Re: VirusScan Enterprise for Linux Hotfix

On a fully updated CentOS 7 system:

# which openssl

/usr/bin/openssl

# ls -l /usr/bin/openssl

-rwxr-xr-x. 1 root root 508680 Jun 29 13:48 /usr/bin/openssl

# rpm -qa | grep openssl

openssl-libs-1.0.1e-42.el7.9.x86_64

openssl-1.0.1e-42.el7.9.x86_64

Which contains this security patch (and a later bugfix):

https://rhn.redhat.com/errata/RHSA-2015-1072.html

I suspect you're looking in the wrong place.

Does Virusscan for Linux use statically linked libraries, perhaps, or loads them from somewhere in the product's directory tree?

Highlighted

Re: VirusScan Enterprise for Linux Hotfix

Hi, thanks for the reply. I've ran the above mentioned commands and getting the exact same results, but version shown is 1.0.1e not 1.0.1m.

[root@testvm ~]# which openssl

/usr/bin/openssl

[root@testvm ~]# ls -l /usr/bin/openssl

-rwxr-xr-x. 1 root root 508656 Jun 17  2014 /usr/bin/openssl

[root@testvm ~]# rpm -qa | grep openssl

openssl-libs-1.0.1e-34.el7.x86_64

openssl-1.0.1e-34.el7.x86_64

As Patch was applied successfully, openssl version should be upgraded to 1.0.1m as per release notes.

Sorry I'm lost about the linked libraries. How can I verify that?

Cheers

PhilR
Level 12
Report Inappropriate Content
Message 4 of 6

Re: VirusScan Enterprise for Linux Hotfix

The Linux command ldd is what you need to use.

I don't have virusscan for Linux installed anywhere to check for myself.

Cheers,

Phil

Re: VirusScan Enterprise for Linux Hotfix

Hi, I don't have knowledge about ldd, but I was able to run following commands:

root@testvm ~]# ldd $(which ssh) | grep libssl

        libssl3.so => /lib64/libssl3.so (0x00007f16e1a80000)

[root@testvm ~]# ldconfig -p | grep libssl

        libssl3.so (libc6,x86-64) => /lib64/libssl3.so

        libssl.so.10 (libc6,x86-64) => /lib64/libssl.so.10

I still can't find any info related to OpenSSL version 1.0.1m stated in HF release notes.


Can someone please help.

Regards,

Mobin

PhilR
Level 12
Report Inappropriate Content
Message 6 of 6

Re: VirusScan Enterprise for Linux Hotfix

You need to run ldd against the virusscan executable.

Or be pragmatic and accept what McAfee says about the hotfix.

Hint, it's a hotfix for Virusscan for linux, not your OS, so is unlikely to touch any of the OS-installed components.

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community