[CentOS] openssl Security Update for CentOS 6.7 ETA

Wed May 11 19:27:10 UTC 2016
Johnny Hughes <johnny at centos.org>

On 05/11/2016 11:44 AM, Patrick Rael wrote:
> On 05/11/2016 09:45 AM, Steve Snyder wrote:
>> On Wednesday, May 11, 2016 11:20am, "Patrick Rael" <prael at lumeta.com>
>> said:
>>> Hi,
>>>          Is there an ETA on the openssl security update
>>> (CVE-2016-0799) for
>>> CentOS 6.7?    I saw the openssl update for CentOS 7 on 5/9, eagerly
>>> awaiting
>>> the same for 6.7.
>>> Thanks!
>> Looks like Red Hat pushed it to RHEL v6.8, released yesterday.  Unless
>> CentOS does a special back-port we'll have to wait for CentOS v6.8 to
>> get the OpenSSL update.
> Is there an ETA on CentOS v6.8?    Days? Weeks? Months? (years?)
> I just need to predict when CVE-2016-0799 will be fixed for CentOS 6.7.
> I thought security updates would be available on 6.7 for many more years.

Because Red Hat built that against 6.8 and not 6.7, I have to do the same.

I expect that the CR rpms for os/ and that openssl update will be
released in the next 2-3 days.

Johnny Hughes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20160511/52a6d574/attachment-0004.sig>