# Upgrading OpenSSL in FreeBSD 7.1



## Vetri (Aug 26, 2014)

Hello Experts,

I am completely new to FreeBSD OS and I am running FreeBSD 7.1 with pre-installed OpenSSL 0.9.8e version.

To address CVE-2014-0224 and CVE-2009-3555 I need to upgrade the OpenSSL version to 0.9.8za.

What's the best option to do it?

From surfing the net it looks like the following commands will help. Is it true? If so then what's the OpenSSL version it will upgrade?


```
# freebsd-update fetch
# freebsd-update install
```
Any help on this will be really helpful.


----------



## ljboiler (Aug 26, 2014)

For supported versions of FreeBSD, those would be the exact commands to use.  However, FreeBSD 7 is not a supported version.  You would have to upgrade to FreeBSD 8.4 or newer.


----------



## asteriskRoss (Aug 26, 2014)

Unfortunately, support for FreeBSD 7.1 ended on 28 February 2011.  A list of currently supported versions of FreeBSD is listed on the security information page.  The freebsd-update(8) commands that you listed will update supported versions of FreeBSD with all available security patches, including one for CVE-2014-0224, which was released after support for FreeBSD 7.1 ended.


----------



## Vetri (Aug 27, 2014)

Thanks for the immediate responses.

I will check with management regarding the FreeBSD OS upgrade to 8.4

Is there any other way to upgrade openssl to 0.9.8za in FreeBSD 7.1


----------



## asteriskRoss (Aug 27, 2014)

Vetri said:
			
		

> Is there any other way to upgrade openssl to 0.9.8za in FreeBSD 7.1


There is no official or supported way of doing what you want.  In terms of looking for another (albeit terrible) option to present to your management, since FreeBSD is an open source project, you could build your own version, taking the 7.1 source code and attempting to integrate the most recent version ("back port") of OpenSSL before recompiling.  You would be unlikely to receive help on the forums in such an endeavour; see "Topics about unsupported FreeBSD versions" in the forum guidelines - Thread 40469.  Even if you were successful, you would be left with an unsupported, bespoke version of FreeBSD with other known security vulnerabilities.  Upgrading is definitely the way to go.


----------



## kpa (Aug 27, 2014)

With the same effort that you use to upgrade to 8.4 you could just as well upgrade to 9.3. Version 8.4 of FreeBSD is supported until June 30, 2015 *) and there won't be a version 8.5. Version 9.3 was just released and will be supported until December 31, 2016 and it's very likely that there will be version 9.4 released next year.

*) https://www.freebsd.org/security/index.html#sup


----------



## nakal (Aug 27, 2014)

This smells like another Metin2 thread.


----------



## kpa (Aug 27, 2014)

nakal said:
			
		

> This smells like another Metin2 thread.



Maybe not, Metin2 was specifically made to require FreeBSD 7.2 and the version in question here is 7.1.


----------



## DutchDaemon (Aug 27, 2014)

Locking this. Staying on FreeBSD 7 should not be advised or even condoned by anyone taking security seriously. Upgrade to a supported version.


----------

