We are happy to announce that a new openssl-1.0.1e-59.cloudlinux.els6 package within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

We are happy to announce that a new curl-7.19.7-55.cloudlinux.els6 package within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

On December 8, 2020 OpenSSL released an advisory patch for a high-risk null pointer dereference vulnerability found in the encryption library’s GENERAL_NAME_cmp() function.  CVE-2020-1971 (assigned name) is the High level vulnerability that cannot be ignored. The only level higher is the Critical level which happens maybe once in 5 years.

CloudLinux OS 6 has officially reached its End-Of-Life on November 30, 2020. Software that reaches its end-of-life is no longer supported by developers, which means that you no longer receive critical security patches, updates, or feature changes. Unsupported software that receives no security patches could be vulnerable to future exploits, meaning your servers and devices could be targeted. With extended CloudLinux OS 6 support, you still get patches and updates as usual until 2024, giving you plenty of time to update to CloudLinux OS 7 or 8.