Patrick Rael wrote: > On 05/11/2016 09:45 AM, Steve Snyder wrote: >> >> On Wednesday, May 11, 2016 11:20am, "Patrick Rael" <prael at lumeta.com> >> said: >> >>> Hi, >>> Is there an ETA on the openssl security update (CVE-2016-0799) for >>> CentOS 6.7? I saw the openssl update for CentOS 7 on 5/9, eagerly >>> awaiting the same for 6.7. >>> >> Looks like Red Hat pushed it to RHEL v6.8, released yesterday. Unless >> CentOS does a special back-port we'll have to wait for CentOS v6.8 to >> get the OpenSSL update. > Is there an ETA on CentOS v6.8? Days? Weeks? Months? (years?) > I just need to predict when CVE-2016-0799 will be fixed for CentOS 6.7. > I thought security updates would be available on 6.7 for many more years. > Please - it was *just* released, and the build team is presumably already on it. Hopefully, upstream hasn't screwed with their build environment again. At any rate, when upstream did, it took our build team about a month to get builds working again; if they haven't, then I'd hope for a few weeks. PLEASEPLEASEPLEASEPLEASE people, *don't* turn this into a 5k posts a day arguing over whether the build team is lazy, or 75% of them "ANYTHING NEW?! HOW SOON?!!!!!!!!! Give them some bloody time, children. It's a job of work, as the old saying goes. mark