ELSA-2020-1840

ELSA-2020-1840 - openssl security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2020-05-05

Description


[1.1.1c-15]
- add selftest of the RAND_DRBG implementation

[1.1.1c-14]
- fix incorrect error return value from FIPS_selftest_dsa
- S390x: properly restore SIGILL signal handler

[1.1.1c-12]
- additional fix for the edk2 build

[1.1.1c-9]
- disallow use of SHA-1 signatures in TLS in FIPS mode

[1.1.1c-8]
- fix CVE-2019-1547 - side-channel weak encryption vulnerability
- fix CVE-2019-1563 - padding oracle in CMS API
- fix CVE-2019-1549 - ensure fork safety of the DRBG
- fix handling of non-FIPS allowed EC curves in FIPS mode
- fix TLS compliance issues

[1.1.1c-7]
- backported ARM performance fixes from master

[1.1.1c-6]
- backport of S390x ECC CPACF enhancements from master
- FIPS mode: properly disable 1024 bit DSA key generation
- FIPS mode: skip ED25519 and ED448 algorithms in openssl speed
- FIPS mode: allow AES-CCM ciphersuites

[1.1.1c-5]
- make the code suitable for edk2 build

[1.1.1c-4]
- backport of SSKDF from master

[1.1.1c-3]
- backport of KBKDF and KRB5KDF from master


Related CVEs


CVE-2019-1547
CVE-2019-1549
CVE-2019-1563

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) openssl-1.1.1c-15.el8.src.rpme4c8d4b4618fcd1f8a9db9f04c186112-
openssl-1.1.1c-15.el8.aarch64.rpm89c8090670b3a6226a7786dfdb553786-
openssl-devel-1.1.1c-15.el8.aarch64.rpm67d9117a6e25742d7beffa56cee22b12-
openssl-libs-1.1.1c-15.el8.aarch64.rpmf002a04abb9aed5fa43f048981ca5e68-
openssl-perl-1.1.1c-15.el8.aarch64.rpm259733c0bcb5e3a7603d621759c9c59d-
Oracle Linux 8 (x86_64) openssl-1.1.1c-15.el8.src.rpme4c8d4b4618fcd1f8a9db9f04c186112-
openssl-1.1.1c-15.el8.x86_64.rpm27b9bce3d31ec675e3bd9d88b6b30d98-
openssl-devel-1.1.1c-15.el8.i686.rpm73485941046ccf0bf4ab023c31c1e513-
openssl-devel-1.1.1c-15.el8.x86_64.rpm0ce9f43115e832688f3d9258933f78b0-
openssl-libs-1.1.1c-15.el8.i686.rpm5e5889cf20d5d7d6daee6054f26da150-
openssl-libs-1.1.1c-15.el8.x86_64.rpm157e9e2d4d93c7c45e334e6c596997f6-
openssl-perl-1.1.1c-15.el8.x86_64.rpmffbe0a035f98b6062972304ce08daa89-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete