Dear Cristina, On 2013-12-06, at 9:46, Cristina Aiftimiei <[log in to unmask]> wrote: > Dear all, > > I hope it is the right place to ask. If not please let me know who else I shoul contact. > > There was an update few days ago: > http://listserv.fnal.gov/scripts/wa.exe?A2=ind1312&L=scientific-linux-errata&T=0&P=571 > that broke some of our sevices/components/software that use openssl with the following error: > Socket error contacting https://grid-voms.desy.de:8443/voms/desy/services/VOMSAdmin: [Errno 1] _ssl.c:492: error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group > > seems to be somethign known, that references also some bugs > http://comments.gmane.org/gmane.mail.postfix.user/239960 > > For the moment I "solved" the issue in a very ugly way, by protecting in a local repository the previous version of openssl, > openssl-1.0.0-27.el6_4.2. > Been an sl-security update I would like to ask you if there are specific security fixes provided with the 1.0.1e-15 version ( the release notes talk only of "added for dependency resolution ") > > Do you know if the issue reported in RHEL will/can be fixed in SL6? looks like it was tracked in BZ #1025598 and should be fixed in openssl-1.0.1e-16.el6_5 . Until it appears in fastbugs, one could probably use the centos packages. Thanks for the heads up, Stephan > Thank you very much, > Cristina -- Stephan Wiesand DESY - DV - Platanenallee 6 15738 Zeuthen, Germany