[SOLVED] Should I update OpenSSL from 1.0.2k-fips to 1.0.2x because of CVE-2020-1971 ?

Post by samsara1209 » 2020/12/09 07:14:04

The High severity CVE-2020-1971: https://www.openssl.org/news/vulnerabil ... -2020-1971 says that OpenSSL versions 1.0.2 to 1.0.2w are all affected, and that it is fixed in 1.0.2x.

Should I update OpenSSL to 1.0.2x?
Last edited by samsara1209 on 2020/12/09 08:36:59, edited 1 time in total.

Re: Should I update OpenSSL from 1.0.2k-fips to 1.0.2x because of CVE-2020-1971 ?

Post by TrevorH » 2020/12/09 08:00:20

No. You should wait for the equivalent fix to be published, first for RHEL and then for CentOS once it's rebuilt. But first it has to come out for RHEL.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
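
One way to check the point made in the reply above on an installed system, as an added example that is not part of the original thread: RHEL and CentOS backport fixes into the packaged 1.0.2k and record them in the RPM changelog, so the changelog rather than the upstream version string shows whether a CVE is patched. The function names and the sample changelog are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Names and sample data are hypothetical.

# cve_fix_entry CVE-ID
# Reads `rpm -q --changelog <pkg>` text on stdin and prints the header of the
# newest changelog entry mentioning CVE-ID.
# Returns 1 if no entry mentions it, 2 if the ID is malformed.
cve_fix_entry() {
    case "$1" in
        CVE-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]*) ;;
        *) echo "malformed CVE id: $1" >&2; return 2 ;;
    esac
    awk -v cve="$1" '
        /^\* / { header = $0; next }   # entry header: "* date packager - version-release"
        {
            pos = index($0, cve)       # literal match, no regex metacharacters
            if (pos == 0) next
            # Skip longer IDs that merely start with the one we want.
            if (substr($0, pos + length(cve), 1) ~ /[0-9]/) next
            print header; found = 1; exit
        }
        END { exit(found ? 0 : 1) }
    '
}

# Constructed changelog in rpm's format; versions and dates are placeholders.
sample_changelog() {
    cat <<'EOF'
* Fri Jan 02 2099 Example Packager <pkg@example.invalid> - 1:1.0.2k-100.example
- fix CVE-2020-19710000 (constructed lookalike ID)

* Thu Jan 01 2099 Example Packager <pkg@example.invalid> - 1:1.0.2k-99.example
- fix CVE-2020-1971

EOF
}

# On a real host, feed it the installed package's changelog:
#   rpm -q --changelog openssl | cve_fix_entry CVE-2020-1971
```

The printed header ends with the version-release that introduced the fix, which can be compared against the output of `rpm -q openssl`.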


Re: Should I update OpenSSL from 1.0.2k-fips to 1.0.2x because of CVE-2020-1971 ?

Post by samsara1209 » 2020/12/09 08:32:42

TrevorH wrote:
2020/12/09 08:00:20
No. You should wait for the equivalent fix to be published, first for RHEL and then for CentOS once it's rebuilt. But first it has to come out for RHEL.
Thank you very much. :D
