On 15/10/14, 1:58, Greg Lindahl wrote:
On Tue, Oct 14, 2014 at 06:56:23AM -0500, Johnny Hughes wrote:
The advise to do a full upgrade is the best (most secure) option ..
however, theoretically, the new kernel should boot and not cause issues
based on the other packages.
OP said he had an In
On 15/10/14, 8:22, Lamar Owen wrote:
First question: can you boot with the old kernel still (by default CentOS 6
leaves a few old kernels around; I want to say the default is 3, but it might be
5, I don't recall, and I don't have a straight default C6 install to check
against right at the moment
> > It looks like it has been reported
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1150082
>
> Good, at least its not my fault, this time :)
firefox-31.2.0-3.el5.centos is still broken, as is upstream's package.
The bug report has already been updated.
What is also broken, again, is
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ..
On Wed, Oct 15, 2014 at 8:41 AM, James B. Byrne wrote:
> This is a return to an issue I first raised back in June. We had a similar
> occurrence in September while I was away and so I am revisiting the entire
> matter.
>
> Steve Clark on 6 Jun 16:02 2014 wrote:
>> Hi,
>>
>> We ran into this proble
On 14/10/14, 6:45, Peter Kjellström wrote:
On Mon, 13 Oct 2014 20:15:11 -0500
Joakim Ziegler wrote:
...
So, if I use iozone -a to test write speeds on the raw device, I get
results in the 500-800MB/sec range, depending on write sizes, which
is about what I'd expect.
However, when I have a
The following updates address POODLE on CentOS:
CentOS-5:
http://lists.centos.org/pipermail/centos-announce/2014-October/020696.html
CentOS-6.5:
http://lists.centos.org/pipermail/centos-announce/2014-October/020697.html
CentOS-7:
http://lists.centos.org/pipermail/centos-announce/2014-October/020
According to the centos wiki:
Validating Changes
You can use Qualys SSL Labs to verify that your web server is no longer
vulnerable to POODLE or TLS_FALLBACK_SCSV once all action is complete. You
might also want to only use TLSv1.2 for httpd on CentOS-6.5 (or higher) and
CentOS-7, while using TLS
Modifying apache configuration to the following should take care of it.
The SSLProtocol directive disables SSLv2 and SSLv3 and leaves other on.
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384
EECDH+ECDSA+SHA256 EECDH+aRSA
The following nmap invocation may also be helpful with testing:
nmap --script ssl-enum-ciphers -p 443 hostname
Kahlil (Kal) Hodgson GPG: C9A02289
Head of Technology (m) +61 (0) 4 2573 0382
DealMax Pty Ltd
Suite 1416
401 Docklands Drive
Docklands VIC
10 matches
Mail list logo
