[BlueOnyx:15172] Re: OpenSSL (CenOS-6.5/SL-6.5) CVE-2014-0160
Alex Anseel - Titelive
anseel.a at titelive.be
Fri Apr 11 02:12:03 -05 2014
Hi Michael,
Ok I found what you expected but openssl version gives OpenSSL 1.0.1e-fips 11 Feb 2013
How to be sure to run the last version ?
Thanks
Alex
-----Message d'origine-----
De : blueonyx-bounces at mail.blueonyx.it [mailto:blueonyx-bounces at mail.blueonyx.it] De la part de Michael Stauber
Envoyé : jeudi 10 avril 2014 19:03
À : BlueOnyx General Mailing List
Objet : [BlueOnyx:15163] Re: OpenSSL (CenOS-6.5/SL-6.5) CVE-2014-0160
Hi Alex,
> A yum --list gives:
> yum list openssl
> Loaded plugins: security
> Installed Packages
> openssl.x86_64 1.0.1e-16.el6_5.7 @BlueOnyx
> Available Packages
> openssl.i686 1.0.1e-16.el6_5.7 sl-security
>
> what's wrong ?
The CentOS mirrors were slow to distribute the fixed openssl. So on the release day of the update, the UK mirrors (and some others) still didn't have the new OpenSSL even hours after it had been released.
To speed up the distribution and to make it available immediately to BlueOnyx users I added the fixed OpenSSL from SL-6.5 to the BlueOnyx YUM repository for 5107R/5108R as well.
Do a "rpm -q --changelog openssl|more" to take a look at the changelog of the RPM. You'll see that it contains the fix against CVE-2014-0160.
--
With best regards
Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list