RHEL 5 and OpenSSL 0.98

Latest response

Hi everyone.

As RHEL5 has support until 2017 but OpenSSL 0.98 goes end of life in 2015 does anyone know whether Redhat will be attempting to backport security fixes from the 1.x branch or implementing a 1.x on RHEL5?



I'm guessing by the lack of response nobody knows.

RHEL 5 is currently in Production 3 phase of its product lifecycle.

The different lifecycle phases and their dates are described at: https://access.redhat.com/support/policy/updates/errata/

Products in Production 3 still get Asynchronous Security Errata, however at this late point in the lifecycle, we limit this to only the issues of the highest importance.

If you have a specific security issue you wish resolved in RHEL5's OpenSSL and you have a Standard or Premium support entitlement, feel free to open a support case, support can request the fix from Red Hat Product Management on your behalf.

However, if the issue is not classed as critical and is fixed in a later version such as RHEL6 or RHEL7, we'll most likely suggest you upgrade to the later RHEL version.