LISTSERV - SCIENTIFIC-LINUX-DEVEL Archives

SCIENTIFIC-LINUX-DEVEL Archives

December 2013

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-DEVEL Home
	SCIENTIFIC-LINUX-DEVEL December 2013

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: issues with openssl-1.0.1e-15
From:	Cristina Aiftimiei <[log in to unmask]>
Reply To:	Cristina Aiftimiei <[log in to unmask]>
Date:	Fri, 6 Dec 2013 11:17:14 +0100
Content-Type:	text/plain
Parts/Attachments:	text/plain (50 lines)

On 12/6/13 10:43 AM, Stephan Wiesand wrote:
> Dear Cristina,
>
> On 2013-12-06, at 9:46, Cristina Aiftimiei <[log in to unmask]> wrote:
>
>> Dear all,
>>
>> I hope it is the right place to ask. If not please let me know who else I shoul contact.
>>
>> There was an update few days ago:
>> http://listserv.fnal.gov/scripts/wa.exe?A2=ind1312&L=scientific-linux-errata&T=0&P=571
>> that broke some of our sevices/components/software that use openssl with the following error:
>> Socket error contacting https://grid-voms.desy.de:8443/voms/desy/services/VOMSAdmin: [Errno 1] _ssl.c:492: error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
>>
>> seems to be somethign known, that references also some bugs
>> http://comments.gmane.org/gmane.mail.postfix.user/239960
>>
>> For the moment I "solved" the issue in a very ugly way, by protecting in a local repository the previous version of openssl,
>> openssl-1.0.0-27.el6_4.2.
>> Been an sl-security update I would like to ask you if there are specific security fixes provided with the 1.0.1e-15 version ( the release notes talk only of "added for dependency resolution ")
>>
>> Do you know if the issue reported in RHEL will/can be fixed in SL6?
> looks like it was tracked in BZ #1025598 and should be fixed in openssl-1.0.1e-16.el6_5 . Until it appears in fastbugs, one could probably use the centos packages.
thank you very much!!
I forgot mentioning that in CEntOS there was the 16 :-). and ask if I 
could use it.

One of the issues I observed was that the packages updated(hence build) 
after the release of the 1.0.1e-15 depend on the new opessl library so 
by "protecting" I should also advice to exclude certain packages ( that 
for the moment we not use anyhow), like ruby.

II'll take the "16" version for the moment.

Thank youv ery much again,
Cristina

> Thanks for the heads up,
> 	Stephan
>
>> Thank you very much,
>> Cristina

-- 
Cristina Aiftimiei
Ist. Naz. di Fisica Nucleare - Padova
Address: via F. Marzolo, 8 - 35131 Padova - ITALY
Phone: +39.049.967.7362
Mobile: +39.3460230488

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV