OpenSSL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-1971 has been scheduled for gradual rollout
We are happy to announce that a new openssl-1.0.1e-59.cloudlinux.
This update contains a fix for the new CVE-2020-1971 that causes servers’ disruptions via x509v3 certificate fields.
Rollout slot: 2
Rolled out to: 1%
ETA for 100% rollout: December, 23
- EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
yum update openssl*
Immediate update (via bypass)
yum update openssl* --enablerepo=ELS6-rollout-2-bypass