Upgrading OpenSSL in CentOS

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Upgrading OpenSSL in CentOS

Srinivasan T-2
Hi Team,

Recently we have upgraded to CentOS 7.6.1810 and the OpenSSL comes along with CentOS 7.6 is openssl-1.0.2k-16.el7_6.1.x86_64. We understand there are no updates available / backported in CentOS 7.6 mirrors beyond openssl-1.0.2k.

Can we upgrade OpenSSL to 1.0.2r (for CVE fixes)? Is it right way to get it upgraded ourself though there are no updates from CentOS.

Regards,
Srini

Reply | Threaded
Open this post in threaded view
|

Re: Upgrading OpenSSL in CentOS

Hubert Kario
On Tuesday, 2 April 2019 15:02:29 CEST Srinivasan T wrote:
> Hi Team,
>
> Recently we have upgraded to CentOS 7.6.1810 and the OpenSSL comes along
> with CentOS 7.6 is openssl-1.0.2k-16.el7_6.1.x86_64. We understand there
> are no updates available / backported in CentOS 7.6 mirrors beyond
> openssl-1.0.2k.
>
> Can we upgrade OpenSSL to 1.0.2r (for CVE fixes)? Is it right way to get it
> upgraded ourself though there are no updates from CentOS.

the version of the package represents only the oldest code that's equal with
the upstream releases; see RPM changelog for the CVE fixes

also:
https://access.redhat.com/security/updates/backporting

--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky┼łova 115, 612 00  Brno, Czech Republic

signature.asc (849 bytes) Download Attachment