Upgrading OpenSSL in CentOS

Hubert Kario hkario at redhat.com
Tue Apr 2 14:08:57 UTC 2019

On Tuesday, 2 April 2019 15:02:29 CEST Srinivasan T wrote:
> Hi Team,
> Recently we have upgraded to CentOS 7.6.1810 and the OpenSSL comes along
> with CentOS 7.6 is openssl-1.0.2k-16.el7_6.1.x86_64. We understand there
> are no updates available / backported in CentOS 7.6 mirrors beyond
> openssl-1.0.2k.
> Can we upgrade OpenSSL to 1.0.2r (for CVE fixes)? Is it right way to get it
> upgraded ourself though there are no updates from CentOS.

the version of the package represents only the oldest code that's equal with 
the upstream releases; see RPM changelog for the CVE fixes


Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00  Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190402/3e87dcd3/attachment.sig>

More information about the openssl-users mailing list