[CentOS] OpenSSL vulnerability fix

Tue Mar 31 07:12:03 UTC 2015
Eero Volotinen <eero.volotinen at iki.fi>

Well, read article from: https://access.redhat.com/articles/1384453

Anyway, If You are really running centos 5.5 then you are missing more
important security patches and you should immediately update to latest
version 5.11

--
Eero


2015-03-31 9:57 GMT+03:00 Venkateswara Rao Dokku <dvrao.584 at gmail.com>:

> just for my curiosity, How can we make sure that its not affected?
>
> Is there any script to check whether its vulnerable or not (as in bash
> shell shock vulnerability test)?
>
> On Tue, Mar 31, 2015 at 12:25 PM, Eero Volotinen <eero.volotinen at iki.fi>
> wrote:
>
> > Centos 5 is not affected by this bug, so fix is not available.
> >
> > Eero
> > 31.3.2015 9.48 ap. kirjoitti "Venkateswara Rao Dokku" <
> dvrao.584 at gmail.com
> > >:
> >
> > > Hi All,
> > >
> > > I wanted to fix the openssl vulnerabilities (CVE-2014-3569,
> > CVE-2014-3570,
> > > CVE-2014-3571, CVE-2014-3572) in my CentOS 5.5 and found out that
> 0.9.8zd
> > > has the fixes I am looking for (from the
> > > https://www.openssl.org/news/vulnerabilities.html link).
> > >
> > > But, When I tried to find the openssl-0.9.8zd rpm package, I did not
> find
> > > it in http://mirror.centos.org/centos/5/updates/x86_64/RPMS/.
> > >
> > > The latest that I could find was 0.9.8e-31-el5.
> > >
> > > Can you please help me on how can I find the rpm I am looking for or
> How
> > > can I fix the vulnerabilities.?
> > >
> > > Thanks for your help.
> > >
> > > --
> > > Thanks & Regards,
> > > Venkateswara Rao Dokku.
> > > _______________________________________________
> > > CentOS mailing list
> > > CentOS at centos.org
> > > http://lists.centos.org/mailman/listinfo/centos
> > >
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
>
>
>
> --
> Thanks & Regards,
> Venkateswara Rao Dokku.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>