Learn about Centmin Mod LEMP Stack today
Become a Member

Security OpenSSL OpenSSL 1.1.0c Security Release

Discussion in 'CentOS, Redhat & Oracle Linux News' started by eva2000, Nov 10, 2016.

  1. eva2000

    eva2000 Administrator Staff Member

    31,027
    6,928
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,434
    Local Time:
    6:35 AM
    Nginx 1.13.x
    MariaDB 5.5
    OpenSSL 1.1.0c security release is due in less than 24hrs on November 10th, 2016 1200-1600 UTC time. Centmin Mod uses LibreSSL 2.4 branch by default with option to switch to OpenSSL 1.0.2 branch (1.0.2j latest) via persistent /etc/centminmod/custom_config.inc set LIBRESSL_SWITCH='y' variable and recompile of nginx via centmin.sh menu option 4.

    The OpenSSL 1.1 branch is only optionally supported by Centmin Mod 123.09beta01 by setting in the persistent /etc/centminmod/custom_config.inc the variables:
    Code (Text):
    LIBRESSL_SWITCH='y'
    OPENSSL_VERSION='1.1.0c'
    ORESTY_LUANGINX='n'
    

    and recompile of nginx via centmin.sh menu option 4. Note ORESTY_LUANGINX='n' is needed as current OpenSSL 1.1 branch is not compatible with OpenResty Nginx Lua module which is the main reason why Centmin Mod 123.09beta01 defaults to OpenSSL 1.0.2 branch for Nginx Lua module compatibility.

    [openssl-announce] Forthcoming OpenSSL release