LISTSERV - SCIENTIFIC-LINUX-DEVEL Archives

SCIENTIFIC-LINUX-DEVEL Archives

December 2013

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-DEVEL Home
	SCIENTIFIC-LINUX-DEVEL December 2013

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: issues with openssl-1.0.1e-15
From:	Pat Riehecky <[log in to unmask]>
Reply To:	Pat Riehecky <[log in to unmask]>
Date:	Fri, 6 Dec 2013 09:18:40 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (69 lines)

On 12/06/2013 04:17 AM, Cristina Aiftimiei wrote:
> On 12/6/13 10:43 AM, Stephan Wiesand wrote:
>> Dear Cristina,
>>
>> On 2013-12-06, at 9:46, Cristina Aiftimiei 
>> <[log in to unmask]> wrote:
>>
>>> Dear all,
>>>
>>> I hope it is the right place to ask. If not please let me know who 
>>> else I shoul contact.
>>>
>>> There was an update few days ago:
>>> http://listserv.fnal.gov/scripts/wa.exe?A2=ind1312&L=scientific-linux-errata&T=0&P=571 
>>>
>>> that broke some of our sevices/components/software that use openssl 
>>> with the following error:
>>> Socket error contacting 
>>> https://grid-voms.desy.de:8443/voms/desy/services/VOMSAdmin: [Errno 
>>> 1] _ssl.c:492: error:100AE081:elliptic curve 
>>> routines:EC_GROUP_new_by_curve_name:unknown group
>>>
>>> seems to be somethign known, that references also some bugs
>>> http://comments.gmane.org/gmane.mail.postfix.user/239960
>>>
>>> For the moment I "solved" the issue in a very ugly way, by 
>>> protecting in a local repository the previous version of openssl,
>>> openssl-1.0.0-27.el6_4.2.
>>> Been an sl-security update I would like to ask you if there are 
>>> specific security fixes provided with the 1.0.1e-15 version ( the 
>>> release notes talk only of "added for dependency resolution ")
>>>
>>> Do you know if the issue reported in RHEL will/can be fixed in SL6?
>> looks like it was tracked in BZ #1025598 and should be fixed in 
>> openssl-1.0.1e-16.el6_5 . Until it appears in fastbugs, one could 
>> probably use the centos packages.
> thank you very much!!
> I forgot mentioning that in CEntOS there was the 16 :-). and ask if I 
> could use it.
>
> One of the issues I observed was that the packages updated(hence 
> build) after the release of the 1.0.1e-15 depend on the new opessl 
> library so by "protecting" I should also advice to exclude certain 
> packages ( that for the moment we not use anyhow), like ruby.
>
> II'll take the "16" version for the moment.
>
> Thank youv ery much again,
> Cristina
>
>> Thanks for the heads up,
>>     Stephan
>>
>>> Thank you very much,
>>> Cristina
>

I've just pushed the SL6.5 fastbugs into 6rolling.

http://ftp.scientificlinux.org/linux/scientific/6rolling/

Pat

-- 
Pat Riehecky

Scientific Linux developer
http://www.scientificlinux.org/

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV