perfsonar-announce - Fwd: [CentOS-announce] CESA-2014:0376 Important CentOS 6 openssl Update
Subject: perfSONAR Announcements
List archive
- From: Jason Zurawski <>
- To: "" <>, perfsonar-announce <>
- Cc: "" <>
- Subject: Fwd: [CentOS-announce] CESA-2014:0376 Important CentOS 6 openssl Update
- Date: Tue, 8 Apr 2014 09:35:32 -0700
Greetings;
Please see below for an important security alert related to a package on
CentOS version 6.5 (the operating system that underpins the pS Performance
Toolkit versions 3.3.x). This issue is described in more detail at the
following site:
http://heartbleed.com/
The perfSONAR project is recommending that all users run 'yum update' to pull
down these packages immediately.
Our read of the CVE and affiliated documentation does indicate there is a
potential for compromise of private key material that may impact the host, or
users of the system. For those that have concerns about this, the project is
recommending that users regenerate the host certificate. If you are using
the provided 'self signed' certificate, you can follow these instructions to
regenerate new credentials:
> # build a new key
> /usr/bin/openssl genrsa > /etc/pki/tls/private/localhost.key
>
> # create a new self-signed cert
> cd /etc/pki/tls/certs
> make testcert
>
> # restart apache
> sudo /etc/init.d/httpd restart
If you have installed a customized certificate, refer to instructions
specific to that process. Please send along any questions to the developers
list
()
if you have them.
Thanks;
-jason
Begin forwarded message:
> From: Karanbir Singh
> <>
> Subject: [CentOS-announce] CESA-2014:0376 Important CentOS 6 openssl Update
> Date: April 7, 2014 7:54:58 PM PDT
> To:
>
> Reply-To:
>
>
>
> CentOS Errata and Security Advisory 2014:0376 Important
>
> Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0376.html
>
> The following updated files have been uploaded and are currently
> syncing to the mirrors: ( sha256sum Filename )
>
> i386:
> 6ceff4bad2608484b9b9ab74b8e9047b593b6b7a6ca5ba3cc16db7d8b447f1d8
> openssl-1.0.1e-16.el6_5.7.i686.rpm
> ef6c735885f24ca8618357b880e8cdc6fcb7c6895d99f740169684a3a6f0b8ba
> openssl-devel-1.0.1e-16.el6_5.7.i686.rpm
> 5724d24708d8b62ee48585ea530d379c258a9dd537ce3d350a61af4489c11ea5
> openssl-perl-1.0.1e-16.el6_5.7.i686.rpm
> 601108f27b4716355d972d70e8711b6ff53f4375962b3d6e81321736c6709b90
> openssl-static-1.0.1e-16.el6_5.7.i686.rpm
>
> x86_64:
> 6ceff4bad2608484b9b9ab74b8e9047b593b6b7a6ca5ba3cc16db7d8b447f1d8
> openssl-1.0.1e-16.el6_5.7.i686.rpm
> 42cdc321aa3d46889c395c5d6dc11961ed86be5f4d98af0d6399d6c4e1233712
> openssl-1.0.1e-16.el6_5.7.x86_64.rpm
> ef6c735885f24ca8618357b880e8cdc6fcb7c6895d99f740169684a3a6f0b8ba
> openssl-devel-1.0.1e-16.el6_5.7.i686.rpm
> 3328f32f211b2e136c25ec8538c768049f288f0b410932b31880fa4b4de8e73b
> openssl-devel-1.0.1e-16.el6_5.7.x86_64.rpm
> 89cdbaed00f8348a6a6d567c6c1eb8aba9f94578653be475e826e24c51f10594
> openssl-perl-1.0.1e-16.el6_5.7.x86_64.rpm
> 9222db08c5cbf4fded04fd7d060f5b91ed396665e2baa4c899fc2aa8aa9297d0
> openssl-static-1.0.1e-16.el6_5.7.x86_64.rpm
>
> Source:
> 3a08cda99f54b97c027ed32758e7b1ddcff635be5c3737c1e9084321561a015d
> openssl-1.0.1e-16.el6_5.7.src.rpm
>
>
>
> --
> Karanbir Singh
> CentOS Project { http://www.centos.org/ }
> irc: z00dax,
> #
>
> _______________________________________________
> CentOS-announce mailing list
>
> http://lists.centos.org/mailman/listinfo/centos-announce
- Fwd: [CentOS-announce] CESA-2014:0376 Important CentOS 6 openssl Update, Jason Zurawski, 04/08/2014
- Re: [perfSONAR-developer] [CentOS-announce] CESA-2014:0376 Important CentOS 6 openssl Update, Andrew Lake, 04/10/2014
Archive powered by MHonArc 2.6.16.