Hello,
I'm looking for confirmation that the CentOS 7 openssl package does not contain the vulnerable code as described in Red Hat's CVE response to CVE-2022-3358.
https://access.redhat.com/security/cve/cve-2022-3358
Thank you
CVE-2022-3358 - OpenSSL
Re: CVE-2022-3358 - OpenSSL
From the linked bugzilla entry off the CVE page...
"Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)"
CentOS 7 uses openssl 1.0.2k.
"Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)"
CentOS 7 uses openssl 1.0.2k.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke