On Wed, 2 Nov 2022 at 18:40, Jochen Bern <jochen.b...@binect.de> wrote:
> On 02.11.22 07:48, Turritopsis Dohrnii Teo En Ming wrote: > > I have 2 internet-facing CentOS 7.9 Linux servers in Europe. > > Are the patches available already? How do I patch OpenSSL on my CentOS > 7.9 > > Linux servers? > > CentOS 7 does not come with 3.0 versions of OpenSSL. (Not even available > from oft-used repos like EPEL, if I understand correctly, unlike with > CentOS 8.) > > https://github.com/NCSC-NL/OpenSSL-2022/blob/main/software/README.md > > https://pkgs.org/search/?q=openssl > > If you installed it some other way, that "other way" would define how to > install updates ... or cleanly uninstall it so as to install a current > version from a different source. > > Kind regards, > -- > Jochen Bern > Systemingenieur > > Binect GmbH > I have just checked my internet facing CentOS 7.9 Linux server in Europe. [root@ns1 ~]# rpm -qa | grep openssl openssl-libs-1.0.2k-25.el7_9.x86_64 openssl-1.0.2k-25.el7_9.x86_64 openssl-devel-1.0.2k-25.el7_9.x86_64 I don't have OpenSSL 3.0.x installed. I am not affected by the said security vulnerabilities. Hooray! Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore