CentOS7.5.1804 - PCI Compliance : CVE-2018-0732
Posted: 2018/11/13 00:21:23
Fellow CentOS SysOps,
I am having a hard time trying to fix CVEs related to openssl 1.0.2k-fips.
CVE-2018-0732 is one of them. Looks like RedHat provides an errata for this problem, which bumps the RPM version from CentOS 12 to 16
(openssl-1.0.2k-16.el7.x86_64.rpm). Looks like its a preview version that will be released with RHEL7.6, only available to older versions through the errata rpms.
Does Red Hat allows anyone to have access to these errata files or they are only available to users with subscription?
Is there a way to fix CVE-2018-0732 on CentOS 7.5.1804?
https://access.redhat.com/security/cve/cve-2018-0732
Best regards,
Rodrigo
I am having a hard time trying to fix CVEs related to openssl 1.0.2k-fips.
CVE-2018-0732 is one of them. Looks like RedHat provides an errata for this problem, which bumps the RPM version from CentOS 12 to 16
(openssl-1.0.2k-16.el7.x86_64.rpm). Looks like its a preview version that will be released with RHEL7.6, only available to older versions through the errata rpms.
Does Red Hat allows anyone to have access to these errata files or they are only available to users with subscription?
Is there a way to fix CVE-2018-0732 on CentOS 7.5.1804?
https://access.redhat.com/security/cve/cve-2018-0732
Best regards,
Rodrigo