ELSA-2019-2304

ULN >
Oracle Linux Errata repository >
ELSA-2019-2304

ELSA-2019-2304 - openssl security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2019-08-13

Description

[1.0.2k-19.0.1]
- Bump release for rebuild.

[1.0.2k-19]
- close the RSA decryption 9 lives of Bleichenbacher cat
timing side channel (#1649568)

[1.0.2k-18]
- fix CVE-2018-0734 - DSA signature local timing side channel
- fix CVE-2019-1559 - 0-byte record padding oracle
- close the RSA decryption One & done EM side channel (#1619558)

[1.0.2k-17]
- use SHA-256 in FIPS RSA pairwise key check
- fix CVE-2018-5407 (and CVE-2018-0735) - EC signature local
timing side-channel key extraction

Related CVEs

CVE-2018-0734

CVE-2019-1559

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	openssl-1.0.2k-19.0.1.el7.src.rpm	124f86459e1de69711343a5c570d531d	ELSA-2017-3518
	openssl-1.0.2k-19.0.1.el7.aarch64.rpm	afa20224eb0506ff74efd167bab8084d	ELSA-2017-3518
	openssl-devel-1.0.2k-19.0.1.el7.aarch64.rpm	8c8105e0077b1a63bd130c4c8cb8a6c3	ELSA-2017-3518
	openssl-libs-1.0.2k-19.0.1.el7.aarch64.rpm	1af4611e6d0da12a7a777d5fb51d87f1	ELSA-2017-3518
	openssl-perl-1.0.2k-19.0.1.el7.aarch64.rpm	4dd17f712bb47eed57fce9d4b8ec55d3	ELSA-2017-3518
	openssl-static-1.0.2k-19.0.1.el7.aarch64.rpm	0ae2af2a6b2f39effdafd1e5d7f3cd45	ELSA-2017-3518

Oracle Linux 7 (x86_64)	openssl-1.0.2k-19.0.1.el7.src.rpm	124f86459e1de69711343a5c570d531d	ELSA-2017-3518
	openssl-1.0.2k-19.0.1.el7.x86_64.rpm	7ede1fd24cc1d99ee3805e698c156d7d	ELSA-2017-3518
	openssl-devel-1.0.2k-19.0.1.el7.i686.rpm	cd2c2b170650f0b04caf576f62e8a98c	ELSA-2017-3518
	openssl-devel-1.0.2k-19.0.1.el7.x86_64.rpm	5046cfb0b21656b2c5bd50d1f6b1955c	ELSA-2017-3518
	openssl-libs-1.0.2k-19.0.1.el7.i686.rpm	3390ee47c6553c647f8f2dcab6c01d1c	ELSA-2017-3518
	openssl-libs-1.0.2k-19.0.1.el7.x86_64.rpm	4971a4ef27e7cc1a4ea4e85fef4b2787	ELSA-2017-3518
	openssl-perl-1.0.2k-19.0.1.el7.x86_64.rpm	5582a0d478112c841295f4493913f23b	ELSA-2017-3518
	openssl-static-1.0.2k-19.0.1.el7.i686.rpm	9378972ae999848bb40993d90f93ec8b	ELSA-2017-3518
	openssl-static-1.0.2k-19.0.1.el7.x86_64.rpm	18ef69e12caf5858aa028741c7b2b974	ELSA-2017-3518

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691