CVE-2022-3358 - OpenSSL

Support for security such as Firewalls and securing linux
Post Reply
Posts: 3
Joined: 2022/11/02 21:35:28

CVE-2022-3358 - OpenSSL

Post by rwk » 2022/11/03 14:27:07


I'm looking for confirmation that the CentOS 7 openssl package does not contain the vulnerable code as described in Red Hat's CVE response to CVE-2022-3358.

Thank you

User avatar
Site Admin
Posts: 32757
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2022-3358 - OpenSSL

Post by TrevorH » 2022/11/03 15:40:15

From the linked bugzilla entry off the CVE page...

"Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)"

CentOS 7 uses openssl 1.0.2k.
CentOS 8 died a premature death at the end of 2021 - migrate to Rocky/Alma/OEL/Springdale ASAP.
Info for USB installs on
CentOS 5 and 6 are dead, do not use them.
Use the FAQ Luke

Post Reply