In a previous post I referenced how to determine the version of openSSL running on the gateway appliance. I now know that we have 0.9.8e. There is currently a vulnerability in openSSL (http://www.openssl.org/news/secadv_20090325.txt) which needs to be resolved by upgrading to openSSL 0.9.8k.
I logged into out gateway, checked for updates from the System > Updates section but it doesn't report back that it needs anything. However, I know we are running an out of date version of SSL (with respect to this vulnerability).
I want to update openSSL on the appliance. How is this done?
Any info would be great.
If you go to the web interface, there should be an option to apply updates.
Have you applied the updates. There should be an updated called GSBopenssl0.9.8i.
If I log into the appliance and go to System > Scan for updates, it comes back with "Scan Complete" (shown in green text) and no updates listed. Where is it trying to get updates from? The LANDesk core server or from a source on the Internet? Is there anything special that is needed from a firewall perspective to allow the appliance to go and get updates?
It needs to be able to access one of these sites on both port 80 and 443.
US West: patch.landesk.com
US East Coast:patchec.landesk.com
Europe Middle East and Asi: patchemea.landesk.com
The specified document was not found.
Ok. I now have access on ports 80 and 443 to patch.landesk.com (and the others). When I run a Check For UPdates, it reports back all that I need. When I click Apply for the openSSL update, comes back as saying successful, yet the version of SSL is still 0.9.8e (and not 0.9.8.i as the update suggests).