The following updates address POODLE on CentOS: CentOS-5: http://lists.centos.org/pipermail/centos-announce/2014-October/020696.html CentOS-6.5: http://lists.centos.org/pipermail/centos-announce/2014-October/020697.html CentOS-7: http://lists.centos.org/pipermail/centos-announce/2014-October/020695.html Please note that the CentOS-6.5 updates are built from: openssl-1.0.1e-30.el6_5.2.src.rpm This is the version that Red Hat released for RHEL 6.6 as openssl-1.0.1e-30.el6_6.2.src.rpm. Notice that the dist tag is different for our release. The reason is that we are currently working on CentOS-6.6 and it will not be released for several more days. Rather than wait on the POODLE issue, the CentOS team decided to build a version of this update for 6.5: (the current release, built from openssl-1.0.1e-30.el6_5.2.src.rpm) as well a version based on openssl-1.0.1e-30.el6_6.2.src.rpm as a zeroday update for CentOS-6.6 when it is released. You must also take action to disable SSLv3 as well as installing these update to mitigate POODLE on CentOS-5, CentOS-6 and/or CentOS-7, please see this link for details: http://wiki.centos.org/Security/POODLE Thanks, Johnny Hughes
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
