Johnny Hughes wrote: > On 05/11/2016 11:44 AM, Patrick Rael wrote: >> On 05/11/2016 09:45 AM, Steve Snyder wrote: >>> On Wednesday, May 11, 2016 11:20am, "Patrick Rael" <prael at lumeta.com> >>> said: >>>> Is there an ETA on the openssl security update >>>> (CVE-2016-0799) for >>>> CentOS 6.7? I saw the openssl update for CentOS 7 on 5/9, eagerly >>>> awaiting the same for 6.7. >>>> >>>> Thanks! >>> Looks like Red Hat pushed it to RHEL v6.8, released yesterday. Unless >>> CentOS does a special back-port we'll have to wait for CentOS v6.8 to >>> get the OpenSSL update. >> Is there an ETA on CentOS v6.8? Days? Weeks? Months? (years?) >> I just need to predict when CVE-2016-0799 will be fixed for CentOS 6.7. >> I thought security updates would be available on 6.7 for many more >> years. > > Because Red Hat built that against 6.8 and not 6.7, I have to do the same. > > I expect that the CR rpms for os/ and that openssl update will be > released in the next 2-3 days. > > Thanks, No, thank *you*, Johnny, for all the work you do... and, as I've offered before, if we're ever in the same metro area, I'd be happy to buy you a drink for it all. mark