HeartBleed in RHEL

I know I'm slightly OT here, asking about RHEL, but since Centos is now a
part of RH, I'm hoping I won't be summarily ejected.

I've seen several articles that listed Centos 6.x as vulnerable, but

I'd think that if Centos 6.x is vulnerable, then so would RHEL 6.x,
since Centos is made from RHEL sources.

Does anyone know for sure either way?



Re: HeartBleed in RHEL

By David Beveridge at 04/13/2014 - 20:12

see <a href="" title=""></a>
This issue did not affect the versions of openssl as shipped with Red
Hat Enterprise Linux 5, Red Hat Enterprise Linux 6.4 and earlier, Red
Hat JBoss Enterprise Application Platform 5 and 6, and Red Hat JBoss
Web Server 1 and 2. This issue does affect Red Hat Enterprise Linux
6.5, Red Hat Enterprise Virtualization Hypervisor 6.5, and Red Hat
Storage 2.1, which provided openssl 1.0.1e. Errata have been released
to correct this issue.

On Mon, Apr 14, 2014 at 10:59 AM, Fred Smith
< ... at fcshome dot> wrote:

Re: HeartBleed in RHEL

By fred smith at 04/14/2014 - 07:51

On Mon, Apr 14, 2014 at 11:12:54AM +1000, David Beveridge wrote:
Thank you, Dave! That's exactly what I needed.


Re: HeartBleed in RHEL

By Digimer at 04/13/2014 - 20:09

On 13/04/14 08:59 PM, Fred Smith wrote:
Yes, RHEL 6 was effected.