[CentOS] openssl Security Update for CentOS 6.7 ETA

Wed May 11 19:49:02 UTC 2016
m.roth at 5-cent.us <m.roth at 5-cent.us>

Johnny Hughes wrote:
> On 05/11/2016 11:44 AM, Patrick Rael wrote:
>> On 05/11/2016 09:45 AM, Steve Snyder wrote:
>>> On Wednesday, May 11, 2016 11:20am, "Patrick Rael" <prael at lumeta.com>
>>> said:
>>>>    Is there an ETA on the openssl security update
>>>> (CVE-2016-0799) for
>>>> CentOS 6.7?    I saw the openssl update for CentOS 7 on 5/9, eagerly
>>>> awaiting the same for 6.7.
>>>>
>>>> Thanks!
>>> Looks like Red Hat pushed it to RHEL v6.8, released yesterday.  Unless
>>> CentOS does a special back-port we'll have to wait for CentOS v6.8 to
>>> get the OpenSSL update.
>> Is there an ETA on CentOS v6.8?    Days? Weeks? Months? (years?)
>> I just need to predict when CVE-2016-0799 will be fixed for CentOS 6.7.
>> I thought security updates would be available on 6.7 for many more
>> years.
>
> Because Red Hat built that against 6.8 and not 6.7, I have to do the same.
>
> I expect that the CR rpms for os/ and that openssl update will be
> released in the next 2-3 days.
>
> Thanks,

No, thank *you*, Johnny, for all the work you do... and, as I've offered
before, if we're ever in the same metro area, I'd be happy to buy you a
drink for it all.

       mark