No announcement yet.

OpenSSL Updates

  • Filter
  • Time
  • Show
Clear All
new posts

  • OpenSSL Updates

    Hi Folks,

    Apologies if this is not the correct forum location. I've checked and cannot see any recent posts in relation to this so hoping someone can help advise. I am currently looking after multiple cPanel based servers running mainly CentOS7.9 with cPanel installed. Our most recent iteration of a threat scan is reporting vulnerabilities with the installed version of OpenSSL provided by the alt-openssl package from the Imunify360 repository as below.

    Upgrade to OpenSSL version 1.1.1v or later.

    Plugin Output
    Path : /opt/alt/openssl11/lib64/
    Reported version : 1.1.1p
    Fixed version : 1.1.1v

    Package : alt-openssl-1:1.0.2k-2.el7.cloudlinux.10.x86_64
    State : Dep-Install
    Size : 1,340,834
    Build host :
    Build time : Fri Jun 30 09:37:55 2017
    Packager : CloudLinux Packaging Team <>
    Vendor : CloudLinux
    License : OpenSSL
    URL :
    Source RPM : alt-openssl-1.0.2k-2.el7.cloudlinux.10.src.rpm
    Commit Time : Thu Jun 29 13:00:00 2017

    The scan in question does appear to be referring to CVE-2023-3446 mostly which I can see is no longer in the support scope of RHEL as per so the base version will not be receiving a patch. The same issue has been found with the ea-openssl package but this has since been patched within a recent update as per in release EA-11578. Are you able to confirm if the alt-openssl package provided by the cloudlinux/imunify will be getting an update and any possible timeline for this? If there is no planned patch then confirmation of this is fine as I can push for migration/upgrades to an updated OS.

    Thanks in advance.


  • #2

    First of all please check you are using latest packages, just the regular 'yum update' should bring a list and for sure the newest version of alt-openssl should be available.
    Same time I am requesting our devs to update it to 1.1.1v . Unfortunately have no ETA.


    • #3
      Thanks for getting back to me.

      I can confirm that I've got the latest available version for the server installed from the Imunify repository which matches up to that on https://repo.imunify360.cloudlinux.c...6_64/Packages/.

      As long as one is on the way that's great, thanks for letting me know that there will be one at some point.