openssl release for following CVEs:CVE-2016-6305,CVE-2016-6307,CVE-2016-6308,CVE-2016-6309

General support questions
Post Reply
nupurpriya
Posts: 86
Joined: 2016/10/14 12:07:18

openssl release for following CVEs:CVE-2016-6305,CVE-2016-6307,CVE-2016-6308,CVE-2016-6309

Post by nupurpriya » 2016/10/14 12:12:24

Hi,
Can you please give any information on when the openssl rpm with following fixes :CVE-2016-6305,CVE-2016-6307,CVE-2016-6308,CVE-2016-6309,
will be available. There are no updates after 27-09-16.

Thanks,
Nupur
Top
User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:
Contact avij

Re: openssl release for following CVEs:CVE-2016-6305,CVE-2016-6307,CVE-2016-6308,CVE-2016-6309

Post by avij » 2016/10/14 12:40:57

These are vulnerabilities in OpenSSL 1.1.0, but as CentOS does not ship that version, the OpenSSL as shipped by CentOS is not affected by these.

References:
https://access.redhat.com/security/cve/cve-2016-6305
https://access.redhat.com/security/cve/cve-2016-6307
https://access.redhat.com/security/cve/cve-2016-6308
https://access.redhat.com/security/cve/cve-2016-6309
Top
Post Reply

Return to “CentOS 6 - General Support”