[CentOS] POODLE on CentOS
Johnny Hughes
johnny at centos.orgThu Oct 16 21:11:19 UTC 2014
- Previous message: [CentOS] CentOS-announce Digest, Vol 116, Issue 9
- Next message: [CentOS] POODLE on CentOS
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The following updates address POODLE on CentOS: CentOS-5: http://lists.centos.org/pipermail/centos-announce/2014-October/020696.html CentOS-6.5: http://lists.centos.org/pipermail/centos-announce/2014-October/020697.html CentOS-7: http://lists.centos.org/pipermail/centos-announce/2014-October/020695.html Please note that the CentOS-6.5 updates are built from: openssl-1.0.1e-30.el6_5.2.src.rpm This is the version that Red Hat released for RHEL 6.6 as openssl-1.0.1e-30.el6_6.2.src.rpm. Notice that the dist tag is different for our release. The reason is that we are currently working on CentOS-6.6 and it will not be released for several more days. Rather than wait on the POODLE issue, the CentOS team decided to build a version of this update for 6.5: (the current release, built from openssl-1.0.1e-30.el6_5.2.src.rpm) as well a version based on openssl-1.0.1e-30.el6_6.2.src.rpm as a zeroday update for CentOS-6.6 when it is released. You must also take action to disable SSLv3 as well as installing these update to mitigate POODLE on CentOS-5, CentOS-6 and/or CentOS-7, please see this link for details: http://wiki.centos.org/Security/POODLE Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20141016/466453ce/attachment.sig>
- Previous message: [CentOS] CentOS-announce Digest, Vol 116, Issue 9
- Next message: [CentOS] POODLE on CentOS
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list