A new updated OpenSSL package with the fix for the CVE-2021-23841 within CentOS 6 Extended Lifecycle Support has been scheduled for gradual rollout

A new OpenSSL package with the fix for the CVE-2021-23841 within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

Rollout slot: 3

Rolled out to: 1%

ETA for 100% rollout: March, 11

Changelog

openssl-1.0.1e-60.el6.cloudlinux.els6

• Fix Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)

Update command

yum update openssl*

Immediate update (via bypass)

yum update openssl* --enablerepo=ELS6-rollout-3-bypass