CVE-2022-0778 - openssl

Support for security such as Firewalls and securing linux
yorxmaikel
Posts: 2
Joined: 2022/04/07 07:24:06

Re: CVE-2022-0778 - openssl

Post by yorxmaikel » 2022/04/07 07:39:51

TrevorH wrote:
2022/03/28 22:48:16
This update has been built for CentOS 7 and pushed to the mirror network so should be available in the next few hours.
Please, have you some info about exact packet name/version?

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2022-0778 - openssl

Post by TrevorH » 2022/04/07 08:18:52

It is the latest copy available, currently openssl-1.0.2k-25.el7_9.x86_64. Next time, just run yum update
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: CVE-2022-0778 - openssl

Post by jlehtone » 2022/04/07 09:23:08

Followed by reboot, probably.

According to https://access.redhat.com/solutions/27943 openssl-libs is so fundamental library that the updated version won't get into use without a reboot.

yorxmaikel
Posts: 2
Joined: 2022/04/07 07:24:06

Re: CVE-2022-0778 - openssl

Post by yorxmaikel » 2022/04/07 14:31:31

TrevorH wrote:
2022/04/07 08:18:52
It is the latest copy available, currently openssl-1.0.2k-25.el7_9.x86_64. Next time, just run yum update
Thank you! yes, we have run yum update, but it's to be sure that this is the latest and with this CVE solved.

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: CVE-2022-0778 - openssl

Post by jlehtone » 2022/04/07 14:37:21

rpm -qi openssl reveals when package was built. If that is after RHEL released their patched version, isn't that promising?
rpm -q --changelog openssl tends to mention CVEs.

Post Reply