[CentOS] Security implications of openssl098e on CentOS 7
Eero Volotinen
eero.volotinen at iki.fi
Wed Oct 21 19:40:18 UTC 2015
Ok, I just forget that latest PCI DSS standard requires TLSv1.2 that is not
supported under CentOS/RHEL 5.
So, you are using https to transfer credit card data?
--
Eero
2015-10-21 22:37 GMT+03:00 Nick Bright <nick.bright at valnet.net>:
> On 10/21/2015 2:34 PM, Eero Volotinen wrote:
>
>> Remember that rhel/centos backports fixes, so just looking version number
>> is not reliable way to detect security issues.
>>
>> Eero
>>
> Indeed, though I can say on CentOS 5 the required configuration to be PCI
> compliand is not valid in apache, and httpd will not start.
>
>
> --
> -----------------------------------------------
> - Nick Bright -
> - Vice President of Technology -
> - Valnet -=- We Connect You -=- -
> - Tel 888-332-1616 x 315 / Fax 620-331-0789 -
> - Web http://www.valnet.net/ -
> -----------------------------------------------
> - Are your files safe? -
> - Valnet Vault - Secure Cloud Backup -
> - More information & 30 day free trial at -
> - http://www.valnet.net/services/valnet-vault -
> -----------------------------------------------
>
> This email message and any attachments are intended solely for the use of
> the addressees hereof. This message and any attachments may contain
> information that is confidential, privileged and exempt from disclosure
> under applicable law. If you are not the intended recipient of this
> message, you are prohibited from reading, disclosing, reproducing,
> distributing, disseminating or otherwise using this transmission. If you
> have received this message in error, please promptly notify the sender by
> reply E-mail and immediately delete this message from your system.
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
More information about the CentOS
mailing list