Hi, Is there an ETA on the openssl security update (CVE-2016-0799) for CentOS 6.7? I saw the openssl update for CentOS 7 on 5/9, eagerly awaiting the same for 6.7. Thanks! -->Pat
On Wednesday, May 11, 2016 11:20am, "Patrick Rael" <prael at lumeta.com> said:> Hi, > Is there an ETA on the openssl security update (CVE-2016-0799) for > CentOS 6.7? I saw the openssl update for CentOS 7 on 5/9, eagerly > awaiting > the same for 6.7. > > Thanks!Looks like Red Hat pushed it to RHEL v6.8, released yesterday. Unless CentOS does a special back-port we'll have to wait for CentOS v6.8 to get the OpenSSL update.
Gilbert Sebenste
2016-May-11 15:48 UTC
[CentOS] openssl Security Update for CentOS 6.7 ETA
On Wed, 11 May 2016, Steve Snyder wrote:> On Wednesday, May 11, 2016 11:20am, "Patrick Rael" <prael at lumeta.com> said: > >> Hi, >> Is there an ETA on the openssl security update (CVE-2016-0799) for >> CentOS 6.7? I saw the openssl update for CentOS 7 on 5/9, eagerly >> awaiting >> the same for 6.7. >> >> Thanks! > > Looks like Red Hat pushed it to RHEL v6.8, released yesterday. Unless > CentOS does a special back-port we'll have to wait for CentOS v6.8 to > get the OpenSSL update.Or, if you have the CR repo installed, you should get it a lot quicker. Gilbert ******************************************************************************* Gilbert Sebenste ******** (My opinions only!) ****** *******************************************************************************
Peter Kjellström
2016-May-11 16:11 UTC
[CentOS] openssl Security Update for CentOS 6.7 ETA
On Wed, 11 May 2016 09:20:54 -0600 Patrick Rael <prael at lumeta.com> wrote:> Hi, > Is there an ETA on the openssl security update > (CVE-2016-0799) for CentOS 6.7? I saw the openssl update for > CentOS 7 on 5/9, eagerly awaiting > the same for 6.7.The fix/RHSA is here: https://rhn.redhat.com/errata/RHSA-2016-0996.html But as Steve pointed out it's part of 6.8 (hence the current unavailability). /Peter K
On 05/11/2016 09:45 AM, Steve Snyder wrote:> > On Wednesday, May 11, 2016 11:20am, "Patrick Rael" <prael at lumeta.com> said: > >> Hi, >> Is there an ETA on the openssl security update (CVE-2016-0799) for >> CentOS 6.7? I saw the openssl update for CentOS 7 on 5/9, eagerly >> awaiting >> the same for 6.7. >> >> Thanks! > Looks like Red Hat pushed it to RHEL v6.8, released yesterday. Unless CentOS does a special back-port we'll have to wait for CentOS v6.8 to get the OpenSSL update.Is there an ETA on CentOS v6.8? Days? Weeks? Months? (years?) I just need to predict when CVE-2016-0799 will be fixed for CentOS 6.7. I thought security updates would be available on 6.7 for many more years. Best regards! -- Patrick Rael Contractor, Lumeta Corporation Network Situational Awareness Phone: 703-298-3276