ELBA-2020-6017

ELBA-2020-6017 - openssl bug fix update

Type:BUG
Severity:NA
Release Date:2020-12-18

Description


[1.1.1g-11]
- Further changes for SP 800-56A rev3 requirements

[1.1.1g-9]
- Rewire FIPS_drbg API to use the RAND_DRBG
- Use the well known DH groups in TLS even for 2048 and 1024 bit parameters

[1.1.1g-7]
- Disallow dropping Extended Master Secret extension
on renegotiation
- Return alert from s_server if ALPN protocol does not match
- SHA1 is allowed in @SECLEVEL=2 only if allowed by
TLS SigAlgs configuration

[1.1.1g-6]
- Add FIPS selftest for PBKDF2 and KBKDF

[1.1.1g-5]
- Allow only well known DH groups in the FIPS mode

[1.1.1g-1]
- update to the 1.1.1g release
- FIPS module installed state definition is modified

[1.1.1c-15]
- add selftest of the RAND_DRBG implementation

[1.1.1c-14]
- fix incorrect error return value from FIPS_selftest_dsa
- S390x: properly restore SIGILL signal handler

[1.1.1c-12]
- additional fix for the edk2 build

[1.1.1c-9]
- disallow use of SHA-1 signatures in TLS in FIPS mode

[1.1.1c-8]
- fix CVE-2019-1547 - side-channel weak encryption vulnerability
- fix CVE-2019-1563 - padding oracle in CMS API
- fix CVE-2019-1549 - ensure fork safety of the DRBG
- fix handling of non-FIPS allowed EC curves in FIPS mode
- fix TLS compliance issues

[1.1.1c-7]
- backported ARM performance fixes from master

[1.1.1c-6]
- backport of S390x ECC CPACF enhancements from master
- FIPS mode: properly disable 1024 bit DSA key generation
- FIPS mode: skip ED25519 and ED448 algorithms in openssl speed
- FIPS mode: allow AES-CCM ciphersuites

[1.1.1c-5]
- make the code suitable for edk2 build

[1.1.1c-4]
- backport of SSKDF from master

[1.1.1c-3]
- backport of KBKDF and KRB5KDF from master

[1.1.1c-2]
- do not try to use EC groups disallowed in FIPS mode
in TLS
- fix Valgrind regression with constant-time code

[1.1.1c-1]
- update to the 1.1.1c release

[1.1.1b-6]
- adjust the default cert pbe algorithm for pkcs12 -export
in the FIPS mode

[1.1.1b-5]
- Fix small regressions related to the rebase

[1.1.1b-3]
- FIPS compliance fixes

[1.1.1b-1]
- update to the 1.1.1b release
- EVP_KDF API backport from master
- SSH KDF implementation for EVP_KDF API backport from master
- add S390x chacha20-poly1305 assembler support from master branch

[1.1.1-8]
- make openssl ts default to using SHA256 digest

[1.1.1-7]
- use /dev/urandom for seeding the RNG in FIPS POST

[1.1.1-6]
- make SECLEVEL=3 work

[1.1.1-5]
- fix defects found in Coverity scan

[1.1.1-4]
- drop SSLv3 support

[1.1.1-3]
- drop the TLS-1.3 version revert

[1.1.1-2]
- disable RC4-MD5 ciphersuites completely

[1.1.1-1]
- update to the final 1.1.1 version
- for consistent support of security policies we build
RC4 support in TLS (not default) and allow SHA1 in SECLEVEL 2
- use only /dev/urandom if getrandom() is not available
- disable SM4

[1.1.1-0.pre9.1]
- update to the latest 1.1.1 beta version
- temporarily revert TLS-1.3 to draft 28 version

[1.1.1-0.pre8.4]
- bidirectional shutdown fixes from upstream

[1.1.1-0.pre8.3]
- do not put error on stack when using fixed protocol version
with the default config (#1615098)

[1.1.1-0.pre8.2]
- load crypto policy config file from the default config

[1.1.1-0.pre8]
- update to the latest 1.1.1 beta version

[1:1.1.0h-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

[1.1.0h-5]
- fix FIPS RSA key generation failure

[1.1.0h-4]
- ppc64le is not multilib arch (#1584994)

[1.1.0h-3]
- fix regression of c_rehash (#1562953)

[1.1.0h-2]
- fix FIPS symbol versions

[1.1.0h-1]
- update to upstream version 1.1.0h
- add Recommends for openssl-pkcs11

[1.1.0g-6]
- one more try to apply RPM_LD_FLAGS properly (#1541033)
- dropped unneeded starttls xmpp patch (#1417017)

[1:1.1.0g-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[1.1.0g-4]
- apply RPM_LD_FLAGS properly (#1541033)

[1.1.0g-3]
- silence the .rnd write failure as that is auxiliary functionality (#1524833)

[1.1.0g-2]
- put the Makefile.certificate in pkgdocdir and drop the requirement on make

[1.1.0g-1]
- update to upstream version 1.1.0g

[1:1.1.0f-9]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

[1:1.1.0f-8]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

[1:1.1.0f-7]
- make s_client and s_server work with -ssl3 option (#1471783)

[1:1.1.0f-6]
- perl dependency renamed to perl-interpreter


[1.1.0f-5]
- disable verification of all insecure hashes

[1.1.0f-4]
- make DTLS work (#1462541)

[1.1.0f-3]
- enable 3DES SSL ciphersuites, RC4 is kept disabled (#1453066)

[1.1.0f-2]
- only release thread-local key if we created it (from upstream) (#1458775)

[1.1.0f-1]
- update to upstream version 1.1.0f
- SRP and GOST is now allowed, note that GOST support requires
adding GOST engine which is not part of openssl anymore

[1.1.0e-1]
- update to upstream version 1.1.0e
- add documentation of the PROFILE=SYSTEM special cipher string (#1420232)

[1:1.1.0d-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

[1.1.0d-2]
- applied upstream fixes (fix regression in X509_CRL_digest)

[1.1.0d-1]
- update to upstream version 1.1.0d

[1.1.0c-5]
- preserve new line in fd BIO BIO_gets() as other BIOs do

[1.1.0c-4]
- FIPS mode fixes for TLS

[1.1.0c-3]
- revert SSL_read() behavior change - patch from upstream (#1394677)
- fix behavior on client certificate request in renegotiation (#1393579)

[1.1.0c-2]
- EC curve NIST P-224 is now allowed, still kept disabled in TLS due
to less than optimal security

[1.1.0c-1]
- update to upstream version 1.1.0c

[1.1.0b-4]
- use a random seed if the supplied one did not generate valid
parameters in dsa_builtin_paramgen2()

[1.1.0b-3]
- do not break contract on return value when using dsa_builtin_paramgen2()

[1.1.0b-2]
- fix afalg failure on big endian

[1.1.0b-1]
- update to upstream version 1.1.0b

[1:1.0.2j-2]
- Add flags for riscv64.

[1.0.2j-1]
- minor upstream release 1.0.2j fixing regression from previous release

[1.0.2i-2]
- Fix enginesdir in libcrypto.c (#1375361)

[1.0.2i-1]
- minor upstream release 1.0.2i fixing security issues
- move man pages for perl based scripts to perl subpackage (#1377617)

[1.0.2h-3]
- fix regression in Cisco AnyConnect VPN support (#1354588)

[1.0.2h-2]
- require libcrypto in libssl.pc (#1301301)

[1.0.2h-1]
- minor upstream release 1.0.2h fixing security issues

[1.0.2g-4]
- disable SSLv2 support altogether (without ABI break)

[1.0.2g-3]
- enable RC5

[1.0.2g-2]
- reenable SSL2 in the build to avoid ABI break (it does not
make the openssl vulnerable to DROWN attack)

[1.0.2g-1]
- minor upstream release 1.0.2g fixing security issues

[1:1.0.2f-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

[1.0.2f-1]
- minor upstream release 1.0.2f fixing security issues
- add support for MIPS secondary architecture

[1.0.2e-5]
- document some options of openssl speed command

[1.0.2e-4]
- enable sctp support in DTLS

[1.0.2e-3]
- remove unimplemented EC method from header (#1289599)

[1.0.2e-2]
- the fast nistp implementation works only on little endian architectures

[1.0.2e-1]
- minor upstream release 1.0.2e fixing moderate severity security issues
- enable fast assembler implementation for NIST P-256 and P-521
elliptic curves (#1164210)
- filter out unwanted link options from the .pc files (#1257836)
- do not set serial to 0 in Makefile.certificate (#1135719)

[1.0.2d-3]
- fix sigill on some AMD CPUs (#1278194)

[1.0.2d-2]
- re-enable secp256k1 (bz1021898)

[1.0.2d-1]
- minor upstream release 1.0.2d fixing a high severity security issue

[1.0.2c-3]
- fix the aarch64 build

[1:1.0.2c-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

[1.0.2c-1]
- minor upstream release 1.0.2c fixing multiple security issues

[1.0.2a-4]
- Add aarch64 sslarch details

[1.0.2a-3]
- fix some 64 bit build targets

[1.0.2a-2]
- add alternative certificate chain discovery support from upstream

[1.0.2a-1]
- rebase to 1.0.2 branch

[1.0.1k-7]
- drop the AES-GCM restriction of 2^32 operations because the IV is
always 96 bits (32 bit fixed field + 64 bit invocation field)

[1.0.1k-6]
- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0293 - triggerable assert in SSLv2 server

[1.0.1k-5]
- fix bug in the CRYPTO_128_unwrap()

[1.0.1k-4]
- fix bug in the RFC 5649 support (#1185878)

[1:1.0.1k-3]
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code

[1.0.1k-2]
- test in the non-FIPS RSA keygen for minimal distance of p and q
similarly to the FIPS RSA keygen

[1.0.1k-1]
- new upstream release fixing multiple security issues

[1.0.1j-3]
- disable SSLv3 by default again (mail servers and possibly
LDAP servers should probably allow it explicitly for legacy
clients)

[1.0.1j-2]
- update the FIPS RSA keygen to be FIPS 186-4 compliant

[1.0.1j-1]
- new upstream release fixing multiple security issues

[1.0.1i-5]
- copy negotiated digests when switching certs by SNI (#1150032)

[1.0.1i-4]
- add support for RFC 5649

[1:1.0.1i-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

[1.0.1i-2]
- drop RSA X9.31 from RSA FIPS selftests
- add Power 8 optimalizations

[1.0.1i-1]
- new upstream release fixing multiple moderate security issues
- for now disable only SSLv2 by default

[1.0.1h-6]
- fix license handling

[1.0.1h-5]
- disable SSLv2 and SSLv3 protocols by default (can be enabled
via appropriate SSL_CTX_clear_options() call)

[1.0.1h-4]
- use system profile for default cipher list

[1.0.1h-3]
- make FIPS mode keygen bit length restriction enforced only when
OPENSSL_ENFORCE_MODULUS_BITS is set
- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support

[1:1.0.1h-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

[1.0.1h-1]
- new upstream release 1.0.1h

[1.0.1g-2]
- Drop obsolete and irrelevant docs
- Move devel docs to appropriate package

[1.0.1g-1]
- new upstream release 1.0.1g
- do not include ECC ciphersuites in SSLv2 client hello (#1090952)
- fail on hmac integrity check if the .hmac file is empty

[1.0.1e-44]
- pull in upstream patch for CVE-2014-0160
- removed CHANGES file portion from patch for expediency

[1.0.1e-43]
- add support for ppc64le architecture (#1072633)

[1.0.1e-42]
- properly detect encryption failure in BIO
- use 2048 bit RSA key in FIPS selftests

[1.0.1e-41]
- use the key length from configuration file if req -newkey rsa is invoked

[1.0.1e-40]
- print ephemeral key size negotiated in TLS handshake (#1057715)
- add DH_compute_key_padded needed for FIPS CAVS testing

[1.0.1e-39]
- make expiration and key length changeable by DAYS and KEYLEN
variables in the certificate Makefile (#1058108)
- change default hash to sha256 (#1062325)

[1.0.1e-38]
- make 3des strength to be 128 bits instead of 168 (#1056616)

[1.0.1e-37]
- fix CVE-2013-4353 - Invalid TLS handshake crash
- fix CVE-2013-6450 - possible MiTM attack on DTLS1

[1.0.1e-36]
- fix CVE-2013-6449 - crash when version in SSL structure is incorrect
- more FIPS validation requirement changes

[1.0.1e-35]
- drop weak ciphers from the default TLS ciphersuite list
- add back some symbols that were dropped with update to 1.0.1 branch
- more FIPS validation requirement changes

[1.0.1e-34]
- fix locking and reseeding problems with FIPS drbg

[1.0.1e-33]
- additional changes required for FIPS validation

[1.0.1e-32]
- disable verification of certificate, CRL, and OCSP signatures
using MD5 if OPENSSL_ENABLE_MD5_VERIFY environment variable
is not set

[1.0.1e-31]
- add back support for secp521r1 EC curve
- add aarch64 to Configure (#969692)

[1.0.1e-30]
- fix misdetection of RDRAND support on Cyrix CPUS (from upstream) (#1022346)

[1.0.1e-29]
- do not advertise ECC curves we do not support (#1022493)

[1.0.1e-28]
- only ECC NIST Suite B curves support
- drop -fips subpackage

[1.0.1e-27]
- resolve bugzilla 319901 (phew! only took 6 years & 9 days)

[1.0.1e-26]
- make DTLS1 work in FIPS mode
- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode

[1.0.1e-25]
- avoid dlopening libssl.so from libcrypto (#1010357)

[1.0.1e-24]
- fix small memory leak in FIPS aes selftest

[1.0.1e-23]
- fix segfault in openssl speed hmac in the FIPS mode

[1.0.1e-22]
- document the nextprotoneg option in manual pages
original patch by Hubert Kario

[1.0.1e-21]
- [arm] use elf auxv to figure out armcap.c instead of playing silly
games with SIGILL handlers. (#1006474)

[1.0.1e-20]
- try to avoid some races when updating the -fips subpackage

[1.0.1e-19]
- use version-release in .hmac suffix to avoid overwrite
during upgrade

[1.0.1e-18]
- allow deinitialization of the FIPS mode

[1.0.1e-17]
- always perform the FIPS selftests in library constructor
if FIPS module is installed

[1.0.1e-16]
- add -fips subpackage that contains the FIPS module files

[1.0.1e-15]
- fix use of rdrand if available
- more commits cherry picked from upstream
- documentation fixes

[1:1.0.1e-14]
- Perl 5.18 rebuild

[1.0.1e-13]
- additional manual page fix
- use symbol versioning also for the textual version

[1.0.1e-12]
- additional manual page fixes

[1.0.1e-11]
- use _prefix macro

[1:1.0.1e-10]
- Perl 5.18 rebuild

[1.0.1e-9]
- add openssl.cnf.5 manpage symlink to config.5

[1.0.1e-8]
- add relro linking flag

[1.0.1e-7]
- add support for the -trusted_first option for certificate chain verification

[1.0.1e-6]
- fix build of manual pages with current pod2man (#959439)

[1.0.1e-5]
- Enable ARM optimised build

[1.0.1e-4]
- fix random bad record mac errors (#918981)

[1.0.1e-3]
- fix up the SHLIB_VERSION_NUMBER

[1.0.1e-2]
- disable ZLIB loading by default (due to CRIME attack)

[1.0.1e-1]
- new upstream version

[1.0.1c-12]
- more fixes from upstream
- fix errors in manual causing build failure (#904777)

[1.0.1c-11]
- add script for renewal of a self-signed cert by Philip Prindeville (#871566)
- allow X509_issuer_and_serial_hash() produce correct result in
the FIPS mode (#881336)

[1.0.1c-10]
- do not load default verify paths if CApath or CAfile specified (#884305)

[1.0.1c-9]
- more fixes from upstream CVS
- fix DSA key pairwise check (#878597)

[1.0.1c-8]
- use 1024 bit DH parameters in s_server as 512 bit is not allowed
in FIPS mode and it is quite weak anyway

[1.0.1c-7]
- add missing initialization of str in aes_ccm_init_key (#853963)
- add important patches from upstream CVS
- use the secure_getenv() with new glibc

[1:1.0.1c-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

[1.0.1c-5]
- use __getenv_secure() instead of __libc_enable_secure

[1.0.1c-4]
- do not move libcrypto to /lib
- do not use environment variables if __libc_enable_secure is on
- fix strict aliasing problems in modes

[1.0.1c-3]
- fix DSA key generation in FIPS mode (#833866)
- allow duplicate FIPS_mode_set(1)
- enable build on ppc64 subarch (#834652)

[1.0.1c-2]
- fix s_server with new glibc when no global IPv6 address (#839031)
- make it build with new Perl

[1.0.1c-1]
- new upstream version

[1.0.1b-1]
- new upstream version

[1.0.1a-1]
- new upstream version fixing CVE-2012-2110

[1.0.1-3]
- add Kerberos 5 libraries to pkgconfig for static linking (#807050)

[1.0.1-2]
- backports from upstream CVS
- fix segfault when /dev/urandom is not available (#809586)

[1.0.1-1]
- new upstream release

[1.0.1-0.3.beta3]
- add obsoletes to assist multilib updates (#799636)

[1.0.1-0.2.beta3]
- epoch bumped to 1 due to revert to 1.0.0g on Fedora 17
- new upstream release from the 1.0.1 branch
- fix s390x build (#798411)
- versioning for the SSLeay symbol (#794950)
- add -DPURIFY to build flags (#797323)
- filter engine provides
- split the libraries to a separate -libs package
- add make to requires on the base package (#783446)

[1.0.1-0.1.beta2]
- new upstream release from the 1.0.1 branch, ABI compatible
- add documentation for the -no_ign_eof option

[1.0.0g-1]
- new upstream release fixing CVE-2012-0050 - DoS regression in
DTLS support introduced by the previous release (#782795)

[1.0.0f-1]
- new upstream release fixing multiple CVEs

[1.0.0e-4]
- move the libraries needed for static linking to Libs.private

[1.0.0e-3]
- do not use AVX instructions when osxsave bit not set
- add direct known answer tests for SHA2 algorithms

[1.0.0e-2]
- fix missing initialization of variable in CHIL engine

[1.0.0e-1]
- new upstream release fixing CVE-2011-3207 (#736088)

[1.0.0d-8]
- drop the separate engine for Intel acceleration improvements
and merge in the AES-NI, SHA1, and RC4 optimizations
- add support for OPENSSL_DISABLE_AES_NI environment variable
that disables the AES-NI support

[1.0.0d-7]
- correct openssl cms help output (#636266)
- more tolerant starttls detection in XMPP protocol (#608239)

[1.0.0d-6]
- add support for newest Intel acceleration improvements backported
from upstream by Intel in form of a separate engine

[1.0.0d-5]
- allow the AES-NI engine in the FIPS mode

[1.0.0d-4]
- add API necessary for CAVS testing of the new DSA parameter generation

[1.0.0d-3]
- add support for VIA Padlock on 64bit arch from upstream (#617539)
- do not return bogus values from load_certs (#652286)

[1.0.0d-2]
- clarify apps help texts for available digest algorithms (#693858)

[1.0.0d-1]
- new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability)

[1.0.0c-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

[1.0.0c-3]
- add -x931 parameter to openssl genrsa command to use the ANSI X9.31
key generation method
- use FIPS-186-3 method for DSA parameter generation
- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable
to allow using MD5 when the system is in the maintenance state
even if the /proc fips flag is on
- make openssl pkcs12 command work by default in the FIPS mode

[1.0.0c-2]
- listen on ipv6 wildcard in s_server so we accept connections
from both ipv4 and ipv6 (#601612)
- fix openssl speed command so it can be used in the FIPS mode
with FIPS allowed ciphers

[1.0.0c-1]
- new upstream version fixing CVE-2010-4180

[1.0.0b-3]
- replace the revert for the s390x bignum asm routines with
fix from upstream

[1.0.0b-2]
- revert upstream change in s390x bignum asm routines

[1.0.0b-1]
- new upstream version fixing CVE-2010-3864 (#649304)

[1.0.0a-3]
- make SHLIB_VERSION reflect the library suffix

[1.0.0a-2]
- openssl man page fix (#609484)

[1.0.0a-1]
- new upstream patch release, fixes CVE-2010-0742 (#598738)
and CVE-2010-1633 (#598732)




Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (x86_64) openssl-1.1.1g-11.ksplice1.el8.src.rpmf134affe6d75682f163e0dba0fc43124-
openssl-1.1.1g-11.ksplice1.el8.x86_64.rpm6ace39be19a21d1b7f9f8153d79cad20-
openssl-devel-1.1.1g-11.ksplice1.el8.i686.rpm8b6ef007f6a7bfd15c00d9ae60f4174e-
openssl-devel-1.1.1g-11.ksplice1.el8.x86_64.rpme0a1a4ddfcf3e9824175f8ec1b3c4230-
openssl-libs-1.1.1g-11.ksplice1.el8.i686.rpmabddfba98551cc9732d6e173528aec85-
openssl-libs-1.1.1g-11.ksplice1.el8.x86_64.rpma7e1dd707d953d2cfa25d86851abe0d7-
openssl-perl-1.1.1g-11.ksplice1.el8.x86_64.rpm846c1a733c69afe50129a16c37a93aad-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete