When I can apply announced on March 19 of openssl in CentOS5
-
- Posts: 4
- Joined: 2015/03/25 00:59:44
When I can apply announced on March 19 of openssl in CentOS5
Hi, team.
I want to patch the new release version has been applied openssl to centOS 5.x.
However, the final version of openSSL of current CentOS 5.X is 0.9.8e-32_el5_11.
Signature is a January 13, 2015.
The CVE-2015-0293 openssl that has been modified to be worried about when I can patch.
Adieu.
I want to patch the new release version has been applied openssl to centOS 5.x.
However, the final version of openSSL of current CentOS 5.X is 0.9.8e-32_el5_11.
Signature is a January 13, 2015.
The CVE-2015-0293 openssl that has been modified to be worried about when I can patch.
Adieu.
Re: When I can apply announced on March 19 of openssl in Cen
All of the CVEs that are applicable to CentOS 5 are ranked as "Moderate" or lower impact. As CentOS 5 is now in production phase 3 of its lifetime, only fixes of important or critical impact are being issued by Redhat so this will not be patched as far as I know. You can see more on https://access.redhat.com/articles/1384453
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 4
- Joined: 2015/03/25 00:59:44
Re: When I can apply announced on March 19 of openssl in Cen
If redhat does not patch, individuals can be used to build a openssl?TrevorH wrote:All of the CVEs that are applicable to CentOS 5 are ranked as "Moderate" or lower impact. As CentOS 5 is now in production phase 3 of its lifetime, only fixes of important or critical impact are being issued by Redhat so this will not be patched as far as I know. You can see more on https://access.redhat.com/articles/1384453
Re: When I can apply announced on March 19 of openssl in Cen
Really really not recommended. Did you read the redhat link I posted?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 4
- Joined: 2015/03/25 00:59:44
Re: When I can apply announced on March 19 of openssl in Cen
appreciate the advice.TrevorH wrote:Really really not recommended. Did you read the redhat link I posted?
I read the link page.
However, I think did not solve the problem. So I was forced to try to do a patch.
If as the Red Hat said, if too trivial problem, I do not have the action.
Is this the correct behavior?
Re: When I can apply announced on March 19 of openssl in Cen
Because of the upstream policy, openssl is not the only security patch that was not released for CentOS 5. See this post by Johnny Hughes for more details and his recommendation.
CentOS Forum FAQ
-
- Posts: 4
- Joined: 2015/03/25 00:59:44
Re: When I can apply announced on March 19 of openssl in Cen
thanks, toracat.toracat wrote:Because of the upstream policy, openssl is not the only security patch that was not released for CentOS 5. See this post by Johnny Hughes for more details and his recommendation.
I read the link page.
In summary, if we want supported the security issue that will be raised a CentOS version?
Have no choice...
Re: When I can apply announced on March 19 of openssl in Cen
For the record, there is now an updated OpenSSL for CentOS 5 as well.
You should still start planning to switch to a newer version of CentOS.
You should still start planning to switch to a newer version of CentOS.