ELSA-2018-3221

ULN >
Oracle Linux Errata repository >
ELSA-2018-3221

ELSA-2018-3221 - openssl security, bug fix, and enhancement update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2018-11-05

Description

[1.0.2k-16.0.1]
- sha256 is used for the RSA pairwise consistency test instead of sha1

[1.0.2k-16]
- fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA
- fix incorrect error message on FIPS DSA parameter generation (#1603597)

[1.0.2k-14]
- ppc64le is not multilib architecture (#1585004)

[1.0.2k-13]
- add S390x assembler updates
- make CA name list comparison function case sensitive (#1548401)
- fix CVE-2017-3735 - possible one byte overread with X.509 IPAdressFamily
- fix CVE-2018-0732 - large prime DH DoS of TLS client
- fix CVE-2018-0737 - RSA key generation cache timing vulnerability
- fix CVE-2018-0739 - stack overflow parsing recursive ASN.1 structure

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	openssl-1.0.2k-16.0.1.el7.src.rpm	55adc94b8799d943b1b2b7c55fde0d14	ELSA-2017-3518
	openssl-1.0.2k-16.0.1.el7.aarch64.rpm	111bd1a056aae58aff8e22827da6eaf4	ELSA-2017-3518
	openssl-devel-1.0.2k-16.0.1.el7.aarch64.rpm	61f387773e4a5a4d1b192578979063ee	ELSA-2017-3518
	openssl-libs-1.0.2k-16.0.1.el7.aarch64.rpm	f8910a52295bded71a914a679e893e96	ELSA-2017-3518
	openssl-perl-1.0.2k-16.0.1.el7.aarch64.rpm	9ebf44f29175ecb42df9a10fb3767c1d	ELSA-2017-3518
	openssl-static-1.0.2k-16.0.1.el7.aarch64.rpm	3c3d8ea7f4c5cf551ed7bc72043de319	ELSA-2017-3518

Oracle Linux 7 (x86_64)	openssl-1.0.2k-16.0.1.el7.src.rpm	55adc94b8799d943b1b2b7c55fde0d14	ELSA-2017-3518
	openssl-1.0.2k-16.0.1.el7.x86_64.rpm	494b65358a0dc2f32351e934c8207f12	ELSA-2017-3518
	openssl-devel-1.0.2k-16.0.1.el7.i686.rpm	1cc408861dad9f7144ca3c2ad784000e	ELSA-2017-3518
	openssl-devel-1.0.2k-16.0.1.el7.x86_64.rpm	d393457a3a553e24bc98bb58659f6bc7	ELSA-2017-3518
	openssl-libs-1.0.2k-16.0.1.el7.i686.rpm	075ef8d4941f9a850fa6cb4038edbd36	ELSA-2017-3518
	openssl-libs-1.0.2k-16.0.1.el7.x86_64.rpm	b1a39795cd802e022b81db29226b91b3	ELSA-2017-3518
	openssl-perl-1.0.2k-16.0.1.el7.x86_64.rpm	29c5ae58386b86cc08e41ad9c62e5fa4	ELSA-2017-3518
	openssl-static-1.0.2k-16.0.1.el7.i686.rpm	6817056bdf84977351c58f67854e3ffd	ELSA-2017-3518
	openssl-static-1.0.2k-16.0.1.el7.x86_64.rpm	2b9b961ceafd9fa67a9b60d3d8c3d00b	ELSA-2017-3518

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691