ELSA-2024-12093
- ULN >
- Oracle Linux Errata repository >
- ELSA-2024-12093
ELSA-2024-12093 - openssl security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2024-01-25 |
Description
[1:3.0.7-25.0.1]
- Replace upstream references [Orabug: 34340177]
[1:3.0.7-25]
- Provide relevant diagnostics when FIPS checksum is corrupted
Resolves: RHEL-5317
- Don't limit using SHA1 in KDFs in non-FIPS mode.
Resolves: RHEL-5295
- Provide empty evp_properties section in main OpenSSL configuration file
Resolves: RHEL-11439
- Avoid implicit function declaration when building openssl
Resolves: RHEL-1780
- Forbid explicit curves when created via EVP_PKEY_fromdata
Resolves: RHEL-5304
- AES-SIV cipher implementation contains a bug that causes it to ignore empty
associated data entries (CVE-2023-2975)
Resolves: RHEL-5302
- Excessive time spent checking DH keys and parameters (CVE-2023-3446)
Resolves: RHEL-5306
- Excessive time spent checking DH q parameter value (CVE-2023-3817)
Resolves: RHEL-5308
- Fix incorrect cipher key and IV length processing (CVE-2023-5363)
Resolves: RHEL-13251
- Switch explicit FIPS indicator for RSA-OAEP to approved following
clarification with CMVP
Resolves: RHEL-14083
- Backport the check required by SP800-56Br2 6.4.1.2.1 (3.c)
Resolves: RHEL-14083
- Add missing ECDH Public Key Check in FIPS mode
Resolves: RHEL-15990
- Excessive time spent in DH check/generation with large Q parameter value (CVE-2023-5678)
Resolves: RHEL-15954
Related CVEs
| CVE-2023-5363 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | openssl-3.0.7-25.0.1.ksplice1.el9_3.src.rpm | 76e66370e93db94bee1e80582330a617 | - | ol9_aarch64_userspace_ksplice |
| openssl-3.0.7-25.0.1.ksplice1.el9_3.aarch64.rpm | ceb918e90626d309f8a4b3228d1e2965 | - | ol9_aarch64_userspace_ksplice | |
| openssl-devel-3.0.7-25.0.1.ksplice1.el9_3.aarch64.rpm | d1e713b90a487fdbc04b5c471dcaff7f | - | ol9_aarch64_userspace_ksplice | |
| openssl-libs-3.0.7-25.0.1.ksplice1.el9_3.aarch64.rpm | dfe956397e20cd2420bb2975151b96ef | - | ol9_aarch64_userspace_ksplice | |
| openssl-perl-3.0.7-25.0.1.ksplice1.el9_3.aarch64.rpm | 8a66ce75e15807f87215df6215e8a72d | - | ol9_aarch64_userspace_ksplice | |
| Oracle Linux 9 (x86_64) | openssl-3.0.7-25.0.1.ksplice1.el9_3.src.rpm | 76e66370e93db94bee1e80582330a617 | - | ol9_x86_64_userspace_ksplice |
| openssl-3.0.7-25.0.1.ksplice1.el9_3.x86_64.rpm | 78353700e17602c8a495a36b90475860 | - | ol9_x86_64_userspace_ksplice | |
| openssl-devel-3.0.7-25.0.1.ksplice1.el9_3.i686.rpm | 345f82b033bcfd1691cb1a2b88e34125 | - | ol9_x86_64_userspace_ksplice | |
| openssl-devel-3.0.7-25.0.1.ksplice1.el9_3.x86_64.rpm | c7016e9fbcc0d3a24bd9786be7b9c8f4 | - | ol9_x86_64_userspace_ksplice | |
| openssl-libs-3.0.7-25.0.1.ksplice1.el9_3.i686.rpm | 14509208ac08949d9ee731683ba3d592 | - | ol9_x86_64_userspace_ksplice | |
| openssl-libs-3.0.7-25.0.1.ksplice1.el9_3.x86_64.rpm | 217886f563ffaf48a7edad71e8044861 | - | ol9_x86_64_userspace_ksplice | |
| openssl-perl-3.0.7-25.0.1.ksplice1.el9_3.x86_64.rpm | 589f9351c9f680ff5eb91fc66375e6c9 | - | ol9_x86_64_userspace_ksplice | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
