search for: openssl098e

...Security Advisory 2016:0372 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0372.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: e87cdaa0c6d6528e4395026ed75dd8c06d1d9cd20cbfc2b88b0d6046482aaa82 openssl098e-0.9.8e-20.el6.centos.1.i686.rpm x86_64: e87cdaa0c6d6528e4395026ed75dd8c06d1d9cd20cbfc2b88b0d6046482aaa82 openssl098e-0.9.8e-20.el6.centos.1.i686.rpm 5c8881e272b9b1415d175bc1f4eecce80ea15b4090aac9725dfe67c19db53f70 openssl098e-0.9.8e-20.el6.centos.1.x86_64.rpm Source: 7fea74c0623b0c425d9ff03e241...

...Security Advisory 2014:0626 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0626.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 4911acddf50a3f48cc5d2ce6f4011193a06112142a2d93e7e9f36aa7fd44e1bd openssl098e-0.9.8e-18.el6_5.2.i686.rpm x86_64: 4911acddf50a3f48cc5d2ce6f4011193a06112142a2d93e7e9f36aa7fd44e1bd openssl098e-0.9.8e-18.el6_5.2.i686.rpm 5da4e81c728ae6199597cdd1107e244b7920e1d3425828db435bff7b22c62509 openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm Source: 25cdd2928d00f8aec7e84cd5937ecf9ad869256c98...

...to > a remote data center. > > My concern is that, with the compatibility package installed, could this > present vulnerabilities or compliance problems in Apache? TL;DR: Preload openssl from non-standard location for closed-source app only. Hmm, how about taking the content of the openssl098e package, put it into a directory relative to the closed source software (e.g. /opt), and create a wrapper script, similar to the following example: [code] #!/usr/bin/bash # This is a wrapper for app to use openssl 0.9.8 (unsafe) # app is in /opt/app/ # app starter is /opt/app/bin/starter # ssl098e...

...ecurity Advisory 2016:0372 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0372.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: bda50ad8086ae3f1265eab271d0523c86cde3e9d1ef1fccbd4cce1abf13636e8 openssl098e-0.9.8e-29.el7.centos.3.i686.rpm 65f73db4d80916a1315f5d6b79cc6dcfbed20ccf84a3a7ab05600b287ab25fcf openssl098e-0.9.8e-29.el7.centos.3.x86_64.rpm Source: c26eecaec1161dca9a32db13cd26c70f811bdb3050b30e02b4ea483d31c67d44 openssl098e-0.9.8e-29.el7.centos.3.src.rpm -- Johnny Hughes CentOS Project {...

On 10/21/2015 1:55 PM, Andrew Holway wrote: > Personally I would go round to that particular vendors office with a pipe > wrench and encourage them to do better however, unless this software is > transmitting credit card information then it seems that you could be > safe(ish) from the regulation standpoint. It really depends on the location > of the machine. Is it deep in the bowels

...ic than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2016:0346 Important CentOS 7 postgresql Security Update (Johnny Hughes) 2. CESA-2016:0370 Critical CentOS 7 nss-util Security Update (Johnny Hughes) 3. CESA-2016:0372 Important CentOS 7 openssl098e Security Update (Johnny Hughes) 4. CESA-2016:0372 Important CentOS 6 openssl098e Security Update (Johnny Hughes) 5. CESA-2016:0370 Critical CentOS 6 nss-util Security Update (Johnny Hughes) 6. CESA-2016:0371 Critical CentOS 5 nss Security Update (Johnny Hughes) 7...

...tion, moving a system up from > CentOS 5 due to OpenSSL version 0.9.8e not meeting PCI Compliance > requirements. > > However, while setting up the CentOS 7 environment one of the closed > source applications is requiring 0.9.8. The software vendor has advised > installing package openssl098e from yum; but I'm hesitant to do so from a > compliance and security perspective. > > What are the implications of this compatibility package? What does it > provide/do? > > Thank you, > > -- > ----------------------------------------------- > - Nick Bright...

...tion, moving a system up from > CentOS 5 due to OpenSSL version 0.9.8e not meeting PCI Compliance > requirements. > > However, while setting up the CentOS 7 environment one of the closed > source applications is requiring 0.9.8. The software vendor has advised > installing package openssl098e from yum; but I'm hesitant to do so from a > compliance and security perspective. > > What are the implications of this compatibility package? What does it > provide/do? > > Thank you, > > -- > ----------------------------------------------- > - Nick Bright...

...h a new CentOS 7 installation, moving a system up from CentOS 5 due to OpenSSL version 0.9.8e not meeting PCI Compliance requirements. However, while setting up the CentOS 7 environment one of the closed source applications is requiring 0.9.8. The software vendor has advised installing package openssl098e from yum; but I'm hesitant to do so from a compliance and security perspective. What are the implications of this compatibility package? What does it provide/do? Thank you, -- ----------------------------------------------- - Nick Bright - - Vice President...

On 10/21/2015 2:34 PM, Eero Volotinen wrote: > Remember that rhel/centos backports fixes, so just looking version > number is not reliable way to detect security issues. > > Eero Indeed, though I can say on CentOS 5 the required configuration to be PCI compliand is not valid in apache, and httpd will not start. -- ----------------------------------------------- - Nick Bright

...Security Advisory 2012:0518 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0518.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 862142d2d7adc74311d7312c6ace396d36b6c8f3a0708f6fe5e0d3977d00a871 openssl098e-0.9.8e-17.el6.centos.2.i686.rpm daf42680787be3dd52f60869192546aee755b30d52ce41c60a42c22b5b866598 openssl-1.0.0-20.el6_2.4.i686.rpm c9f5d447c6ceb802f584ec00f9471aad9dc9b07aaee8752c93628bb85fed6d22 openssl-devel-1.0.0-20.el6_2.4.i686.rpm 505cd20ca28023c5a57c21a77d27579cf86c89681aecad05b1390940ae04a...

...centos-announce-owner at centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2014:0625 Important CentOS 6 openssl Update (Karanbir Singh) 2. CESA-2014:0626 Important CentOS 6 openssl098e Update (Karanbir Singh) 3. CESA-2014:0626 Important CentOS 5 openssl097a Update (Karanbir Singh) 4. CESA-2014:0624 Important CentOS 5 openssl Update (Karanbir Singh) 5. Re: CESA-2014:0624 Important CentOS 5 openssl Update (Karanbir Singh) 6. CESA-2014:0624 Important Ce...

imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little

Hi list, ? I am currently trying to configure dovecot to act as a imap proxy in front of a Groupwise server. Because of a policy no services of the gw server may be directly served to the web. So currently this is only a security measure. Dovecot was previously used for providing sasl-auth capabilities to postfix. IMAP proxy features should be added now. Authentication backend is LDAP. OS is

...Security Advisory 2012:0518 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0518.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 862142d2d7adc74311d7312c6ace396d36b6c8f3a0708f6fe5e0d3977d00a871 openssl098e-0.9.8e-17.el6.centos.2.i686.rpm daf42680787be3dd52f60869192546aee755b30d52ce41c60a42c22b5b866598 openssl-1.0.0-20.el6_2.4.i686.rpm c9f5d447c6ceb802f584ec00f9471aad9dc9b07aaee8752c93628bb85fed6d22 openssl-devel-1.0.0-20.el6_2.4.i686.rpm 505cd20ca28023c5a57c21a77d27579cf86c89681aecad05b1390940ae04a...

hi I want to use ECC(ellyptic curve cryptography) for SSL-connections but somehow dovecot doesn't like my ECC-certificates :( I tried to test using following scenario: machine: debian 6 (x64) dovecot 2.0.15-0~auto+21 ((f6a2c0e8bc03) from http://xi.rename-it.nl/debian openssl 1.0.0e-2 from testing (as the default 0.9.8o-4squeeze3 needs also the parameter -cipher ECCdraft for testing)

...h fixes this specific issue: https://access.redhat.com/site/articles/20490#Updates_adding_RFC_5746_support I created rpm for openssl-0.9.8m using tarball and when I tried to install it, I got "libssl.so.6()(64bit) is needed by <rpm name>" errors which would be solved by installing openssl098e rpm. This rpm is a part of CentOS 6 and so I can't install it. Do we have openssl-0.9.8m or higher rpm available for CentOS 5? Or any other way I could resolve errors "libssl.so.6()(64bit) is needed by <rpm name>"? Or any suggestions on the mentioned "SSL/ TLS Renegotion H...

...https://access.redhat.com/errata/RHSA-2014:0687 mariadb-5.5.37-1.el7_0.src.rpm https://access.redhat.com/errata/RHSA-2014:0702 microcode_ctl-2.1-7.1.el7_0.1.src.rpm https://access.redhat.com/errata/RHBA-2014:0730 openssl-1.0.1e-34.el7_0.3.src.rpm https://access.redhat.com/errata/RHSA-2014:0679 openssl098e-0.9.8e-29.el7.centos.2.src.rpm https://access.redhat.com/errata/RHSA-2014:0680 pacemaker-1.1.10-31.el7_0.src.rpm https://access.redhat.com/errata/RHBA-2014:0725 qemu-kvm-1.5.3-60.el7_0.2.src.rpm https://access.redhat.com/errata/RHSA-2014:0704 samba-4.1.1-33.el7_0.src.rpm https://access.redhat.co...

...https://access.redhat.com/errata/RHSA-2014:0687 mariadb-5.5.37-1.el7_0.src.rpm https://access.redhat.com/errata/RHSA-2014:0702 microcode_ctl-2.1-7.1.el7_0.1.src.rpm https://access.redhat.com/errata/RHBA-2014:0730 openssl-1.0.1e-34.el7_0.3.src.rpm https://access.redhat.com/errata/RHSA-2014:0679 openssl098e-0.9.8e-29.el7.centos.2.src.rpm https://access.redhat.com/errata/RHSA-2014:0680 pacemaker-1.1.10-31.el7_0.src.rpm https://access.redhat.com/errata/RHBA-2014:0725 qemu-kvm-1.5.3-60.el7_0.2.src.rpm https://access.redhat.com/errata/RHSA-2014:0704 samba-4.1.1-33.el7_0.src.rpm https://access.redhat.co...

....x86_64 openldap-clients-2.4.19-15.el6_0.2.x86_64 openldap-devel-2.4.19-15.el6_0.2.x86_64 openldap-servers-2.4.19-15.el6_0.2.x86_64 openobex-1.4-7.el6.x86_64 openssh-5.3p1-20.el6_0.3.x86_64 openssh-clients-5.3p1-20.el6_0.3.x86_64 openssh-server-5.3p1-20.el6_0.3.x86_64 openssl-1.0.0-4.el6_0.2.x86_64 openssl098e-0.9.8e-17.el6.centos.x86_64 pakchois-0.4-3.2.el6.x86_64 pam-1.1.1-4.el6_0.1.x86_64 pam_krb5-2.3.11-1.el6.x86_64 pam_ldap-185-5.el6.x86_64 pam_passwdqc-1.0.5-6.el6.x86_64 pango-1.28.1-3.el6_0.5.x86_64 pangomm-2.26.0-1.el6.x86_64 parted-2.1-10.el6.x86_64 passwd-0.77-4.el6.x86_64 patch-2.6-6.el6.x86_6...