Closed sf1919 closed 1 year ago
Sadly not as straightforward as I would like. We use CentOS7 for our Linux containers in line with condaforge. The automatic install of OpenSSL is only 1.0.2k.
The advice is as follows OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers only).
As we are not a premium support customer we will need to look at upgrading to 1.1.1t. It may be possible to do it using something along the lines of https://gist.github.com/Bill-tran/5e2ab062a9028bf693c934146249e68c
Fixed by 87f1adc and #69
To fix an OpenSSL security vulnerability we need to update the Docker images for Linux.