Tag: centos-6-els

OpenSSL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-1971 has been rolled out to 100%

Extended-CentOS

We are happy to announce that a new openssl-1.0.1e-59.cloudlinux.els6 package within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

cURL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-8284 has been rolled out to 100%

Extended-CentOS

We are happy to announce that a new curl-7.19.7-55.cloudlinux.els6 package within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

A security vulnerability in OpenSSL. Extended Support for CentOS 6 already has patches

 

openssl-vulnerability

On December 8, 2020 OpenSSL released an advisory patch for a high-risk null pointer dereference vulnerability found in the encryption library’s GENERAL_NAME_cmp() function.  CVE-2020-1971 (assigned name) is the High level vulnerability that cannot be ignored. The only level higher is the Critical level which happens maybe once in 5 years.

CloudLinux OS 6 has officially reached its End-Of-Life

 

ELS-3

CloudLinux OS 6 has officially reached its End-Of-Life on November 30, 2020. Software that reaches its end-of-life is no longer supported by developers, which means that you no longer receive critical security patches, updates, or feature changes. Unsupported software that receives no security patches could be vulnerable to future exploits, meaning your servers and devices could be targeted. With extended CloudLinux OS 6 support, you still get patches and updates as usual until 2024, giving you plenty of time to update to CloudLinux OS 7 or 8. 

imunify-logo

WEB SERVER SECURITY BLOG

Subscribe to CloudLinux Newsletter