Displaying 2 results from an estimated 2 matches for "ssl098e".
2015 Oct 21
0
Re: Security implications of openssl098e on CentOS 7
...> a remote data center.
>
> My concern is that, with the compatibility package installed, could this
> present vulnerabilities or compliance problems in Apache?
TL;DR: Preload openssl from non-standard location for closed-source app only.
Hmm, how about taking the content of the openssl098e package, put
it into a directory relative to the closed source software (e.g. /opt),
and create a wrapper script, similar to the following example:
[code]
#!/usr/bin/bash
# This is a wrapper for app to use openssl 0.9.8 (unsafe)
# app is in /opt/app/
# app starter is /opt/app/bin/starter
# ssl098e...
2015 Oct 21
6
Security implications of openssl098e on CentOS 7
On 10/21/2015 1:55 PM, Andrew Holway wrote:
> Personally I would go round to that particular vendors office with a pipe
> wrench and encourage them to do better however, unless this software is
> transmitting credit card information then it seems that you could be
> safe(ish) from the regulation standpoint. It really depends on the location
> of the machine. Is it deep in the bowels