无法更新 CentOS 6.5 和 OpenSSL

tag-icon tag-icon centos openssl
无法更新 CentOS 6.5 和 OpenSSL

当尝试在 CentOS 上更新 OpenSSL 时,我收到一些奇怪的错误。

#rpm -qi openssl-libs
Name        : openssl-libs                 Relocations: (not relocatable)
Version     : 1.0.1e                            Vendor: (none)
Release     : 19.el6                        Build Date: Thu 02 Jan 2014 07:35:50 PM UTC
Install Date: Thu 02 Jan 2014 07:42:06 PM UTC      Build Host: xxxxxx
Group       : System Environment/Libraries   Source RPM: openssl-1.0.1e-19.el6.src.rpm
Size        : 2668401                          License: OpenSSL
Signature   : (none)
URL         : http://www.openssl.org/
Summary     : A general purpose cryptography library with TLS implementation
Description :
OpenSSL is a toolkit for supporting cryptography. The openssl-libs
package contains the libraries that are used by various applications which
support cryptographic algorithms and protocols.

# yum info openssl
Loaded plugins: aliases, replace, security
Installed Packages
Name        : openssl
Arch        : x86_64
Version     : 1.0.1e
Release     : 16.el6_5.4
Size        : 4.0 M
Repo        : installed
Summary     : A general purpose cryptography library with TLS implementation
URL         : http://www.openssl.org/
License     : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications between
            : machines. OpenSSL includes a certificate management tool and shared
            : libraries which provide various cryptographic algorithms and
            : protocols.

Available Packages
Name        : openssl
Arch        : i686
Version     : 1.0.1e
Release     : 30.el6_5.2
Size        : 1.5 M
Repo        : updates
Summary     : A general purpose cryptography library with TLS implementation
URL         : http://www.openssl.org/
License     : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications between
            : machines. OpenSSL includes a certificate management tool and shared
            : libraries which provide various cryptographic algorithms and
            : protocols.

Name        : openssl
Arch        : x86_64
Version     : 1.0.1e
Release     : 30.el6_5.2
Size        : 1.5 M
Repo        : updates
Summary     : A general purpose cryptography library with TLS implementation
URL         : http://www.openssl.org/
License     : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications between
            : machines. OpenSSL includes a certificate management tool and shared
            : libraries which provide various cryptographic algorithms and
            : protocols.

#openssl version -a
OpenSSL 1.0.1e-fips 11 Feb 2013
built on: Wed Jan  8 18:40:59 UTC 2014
platform: linux-x86_64
options:  bn(64,64) md2(int) rc4(8x,int) des(idx,cisc,16,int) idea(int) blowfish(idx) 
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack -DPURIFY -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: "/etc/pki/tls"
engines:  dynamic

但是当我尝试运行 yum 来更新它时出现了冲突:

#yum -y install openssl
Loaded plugins: aliases, replace, security
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package openssl.x86_64 0:1.0.1e-16.el6_5.4 will be updated
---> Package openssl.x86_64 0:1.0.1e-30.el6_5.2 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

=======================================================================================================
 Package              Arch                Version                           Repository            Size
=======================================================================================================
Updating:
 openssl              x86_64              1.0.1e-30.el6_5.2                 updates              1.5 M

Transaction Summary
=======================================================================================================
Upgrade       1 Package(s)

Total size: 1.5 M
Downloading Packages:
Running rpm_check_debug
Running Transaction Test


Transaction Check Error:
  file /usr/lib64/libcrypto.so.1.0.1e from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/libssl.so.1.0.1e from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/lib4758cca.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libaep.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libatalla.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libcapi.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libchil.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libcswift.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libgmp.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libnuron.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libpadlock.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libsureware.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64
  file /usr/lib64/openssl/engines/libubsec.so from install of openssl-1.0.1e-30.el6_5.2.x86_64 conflicts with file from package openssl-libs-1:1.0.1e-19.el6.x86_64

关于如何纠正这个问题有什么帮助吗?

更新

使用@Michael的建议,我能够更新OpenSSL

Installed Packages
Name        : openssl
Arch        : x86_64
Version     : 1.0.1e
Release     : 30.el6_5.2
Size        : 4.0 M
Repo        : installed
From repo   : updates

答案1

您的系统上安装了一个软件包openssl-libs,但其来源非常可疑。据我所知,没有为 EL6 分发过这样的二进制软件包。虽然有一个软件包拆分,但它仅适用于 EL7。

要解决此问题,您需要删除有问题的openssl-libs软件包并openssl同时更新该软件包。为此,您可以使用 yum shell。

# yum shell
> remove openssl-libs
> update openssl
> run

在执行此操作之前,您可能需要查看该可疑软件包的信息,看看是否可以确定其来源。系统上有此类软件包可能表明存在安全隐患。

rpm -qi openssl-libs

您发布的有关此软件包的信息证实它不是官方软件包,但没有说明它的来源。您几乎肯定会想立即删除它,并引发安全事件,将系统视为可能受到损害。

相关内容