On 03/23/2015 07:35 AM, Alan McKay wrote: > Is there any update yet on when these fixes might be available in CentOS? As best I understand it, two of the three bugs don't affect the version of openssl currently distributed. The third bug only affects systems with a malformed EC private key, which is a condition that a remote party can't create.