POODLE on CentOS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



The following updates address POODLE on CentOS:

CentOS-5:
http://lists.centos.org/pipermail/centos-announce/2014-October/020696.html

CentOS-6.5:
http://lists.centos.org/pipermail/centos-announce/2014-October/020697.html

CentOS-7:
http://lists.centos.org/pipermail/centos-announce/2014-October/020695.html

Please note that the CentOS-6.5 updates are built from:

openssl-1.0.1e-30.el6_5.2.src.rpm

This is the version that Red Hat released for RHEL 6.6 as openssl-1.0.1e-30.el6_6.2.src.rpm.  Notice that the dist tag is different for our release.

The reason is that we are currently working on CentOS-6.6 and it will not be released for several more days.  Rather than wait on the POODLE issue, the CentOS team decided to build a version of this update for 6.5:
(the current release, built from openssl-1.0.1e-30.el6_5.2.src.rpm) as well a version based on openssl-1.0.1e-30.el6_6.2.src.rpm as a zeroday update for CentOS-6.6 when it is released.

You must also take action to disable SSLv3 as well as installing these update to mitigate POODLE on CentOS-5, CentOS-6 and/or CentOS-7, please see this link for details:

http://wiki.centos.org/Security/POODLE

Thanks,
Johnny Hughes


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux