Re: Security implications of openssl098e on CentOS 7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Remember that rhel/centos backports fixes, so just looking version number
is not reliable way to detect security issues.

Eero

2015-10-21 21:18 GMT+03:00 Nick Bright <nick.bright@xxxxxxxxxx>:

> Greetings,
>
> I'm working with a new CentOS 7 installation, moving a system up from
> CentOS 5 due to OpenSSL version 0.9.8e not meeting PCI Compliance
> requirements.
>
> However, while setting up the CentOS 7 environment one of the closed
> source applications is requiring 0.9.8. The software vendor has advised
> installing package openssl098e from yum; but I'm hesitant to do so from a
> compliance and security perspective.
>
> What are the implications of this compatibility package? What does it
> provide/do?
>
> Thank you,
>
> --
> -----------------------------------------------
> -  Nick Bright                                -
> -  Vice President of Technology               -
> -  Valnet -=- We Connect You -=-              -
> -  Tel 888-332-1616 x 315 / Fax 620-331-0789  -
> -  Web http://www.valnet.net/                 -
> -----------------------------------------------
> - Are your files safe?                        -
> - Valnet Vault - Secure Cloud Backup          -
> - More information & 30 day free trial at     -
> - http://www.valnet.net/services/valnet-vault -
> -----------------------------------------------
>
> This email message and any attachments are intended solely for the use of
> the addressees hereof. This message and any attachments may contain
> information that is confidential, privileged and exempt from disclosure
> under applicable law. If you are not the intended recipient of this
> message, you are prohibited from reading, disclosing, reproducing,
> distributing, disseminating or otherwise using this transmission. If you
> have received this message in error, please promptly notify the sender by
> reply E-mail and immediately delete this message from your system.
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux