The OpenSSL package with the fix for the CVE-2021-23841 and the bind package with the fix for the CVE-2020-8625 within CloudLinux OS 6 extended lifecycle support have been rolled out to 100% and are now available for download from our production repository.
- Fix Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
- Fix buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625)
yum update openssl*
yum update bind*