ELSA-2020-5476

ULN >
Oracle Linux Errata repository >
ELSA-2020-5476

ELSA-2020-5476 - openssl security and bug fix update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-12-17

Description

[1.1.1g-12]
- Fix CVE-2020-1971 ediparty null pointer dereference

[1.1.1g-11.1]
- Implemented new FIPS requirements in regards to KDF and DH selftests
- Disallow certificates with explicit EC parameters

Related CVEs

CVE-2020-1971

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	openssl-1.1.1g-12.el8_3.src.rpm	17b94005833c70e5164a1d29e3ef8fc28da34b41d305380fb93d063d567ae307	-	ol8_aarch64_baseos_latest
	openssl-1.1.1g-12.el8_3.src.rpm	17b94005833c70e5164a1d29e3ef8fc28da34b41d305380fb93d063d567ae307	-	ol8_aarch64_u3_baseos_patch
	openssl-1.1.1g-12.el8_3.aarch64.rpm	3441bf2cd1c965c7ff4122769741d5fe5f5cb816538f5dfc393f5539685e2aa1	-	ol8_aarch64_baseos_latest
	openssl-1.1.1g-12.el8_3.aarch64.rpm	3441bf2cd1c965c7ff4122769741d5fe5f5cb816538f5dfc393f5539685e2aa1	-	ol8_aarch64_u3_baseos_patch
	openssl-devel-1.1.1g-12.el8_3.aarch64.rpm	c2a0d50dd6ad4efc44bfb7df31ef1f68e20e3b0763f96baa0480151f8f235881	-	ol8_aarch64_baseos_latest
	openssl-devel-1.1.1g-12.el8_3.aarch64.rpm	c2a0d50dd6ad4efc44bfb7df31ef1f68e20e3b0763f96baa0480151f8f235881	-	ol8_aarch64_u3_baseos_patch
	openssl-libs-1.1.1g-12.el8_3.aarch64.rpm	4f1e143b57324cfe2ef3a82421bcaaaf8f6e3825bfd2a9dda916cd5b02d731f5	-	ol8_aarch64_baseos_latest
	openssl-libs-1.1.1g-12.el8_3.aarch64.rpm	4f1e143b57324cfe2ef3a82421bcaaaf8f6e3825bfd2a9dda916cd5b02d731f5	-	ol8_aarch64_u3_baseos_patch
	openssl-perl-1.1.1g-12.el8_3.aarch64.rpm	0c4a0d6e7d56302acf4fd7c6bd58c65ec9d7aecfea418b3d1bfd5884c08fe5e9	-	ol8_aarch64_baseos_latest
	openssl-perl-1.1.1g-12.el8_3.aarch64.rpm	0c4a0d6e7d56302acf4fd7c6bd58c65ec9d7aecfea418b3d1bfd5884c08fe5e9	-	ol8_aarch64_u3_baseos_patch

Oracle Linux 8 (x86_64)	openssl-1.1.1g-12.el8_3.src.rpm	17b94005833c70e5164a1d29e3ef8fc28da34b41d305380fb93d063d567ae307	-	ol8_x86_64_baseos_latest
	openssl-1.1.1g-12.el8_3.src.rpm	17b94005833c70e5164a1d29e3ef8fc28da34b41d305380fb93d063d567ae307	-	ol8_x86_64_u3_baseos_patch
	openssl-1.1.1g-12.el8_3.x86_64.rpm	e6ab5ab80d6cfc5844ca3c35d5d0531b76b0204c5c153850d2248167880e7719	-	ol8_x86_64_baseos_latest
	openssl-1.1.1g-12.el8_3.x86_64.rpm	e6ab5ab80d6cfc5844ca3c35d5d0531b76b0204c5c153850d2248167880e7719	-	ol8_x86_64_u3_baseos_patch
	openssl-devel-1.1.1g-12.el8_3.i686.rpm	63afec6188f078274aa9b10e89c598a31e6c1495b22f99591854290b9c5e20d9	-	ol8_x86_64_baseos_latest
	openssl-devel-1.1.1g-12.el8_3.i686.rpm	63afec6188f078274aa9b10e89c598a31e6c1495b22f99591854290b9c5e20d9	-	ol8_x86_64_u3_baseos_patch
	openssl-devel-1.1.1g-12.el8_3.x86_64.rpm	02994976d17ec9544fa7dd4d669d8ece5ca7a2c5aab707f77df10e48bb5124c4	-	ol8_x86_64_baseos_latest
	openssl-devel-1.1.1g-12.el8_3.x86_64.rpm	02994976d17ec9544fa7dd4d669d8ece5ca7a2c5aab707f77df10e48bb5124c4	-	ol8_x86_64_u3_baseos_patch
	openssl-libs-1.1.1g-12.el8_3.i686.rpm	dba047b56231fb6a1f89d745524a94c9afc18dcac5ab94c2c4eda10bb7d5d1aa	-	ol8_x86_64_baseos_latest
	openssl-libs-1.1.1g-12.el8_3.i686.rpm	dba047b56231fb6a1f89d745524a94c9afc18dcac5ab94c2c4eda10bb7d5d1aa	-	ol8_x86_64_u3_baseos_patch
	openssl-libs-1.1.1g-12.el8_3.x86_64.rpm	7669ec65013e38b5776ea0a68b54904834a3a13d2b269fe686b01c53329b2721	-	ol8_x86_64_baseos_latest
	openssl-libs-1.1.1g-12.el8_3.x86_64.rpm	7669ec65013e38b5776ea0a68b54904834a3a13d2b269fe686b01c53329b2721	-	ol8_x86_64_u3_baseos_patch
	openssl-perl-1.1.1g-12.el8_3.x86_64.rpm	d9287eb7db6b484177636690e76d840a786d179c8a7045eef27ce92b0ed56c97	-	ol8_x86_64_baseos_latest
	openssl-perl-1.1.1g-12.el8_3.x86_64.rpm	d9287eb7db6b484177636690e76d840a786d179c8a7045eef27ce92b0ed56c97	-	ol8_x86_64_u3_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691