Stay Connected:

ELSA-2019-3700

ELSA-2019-3700 - openssl security, bug fix, and enhancement update

Type:SECURITY
Severity:LOW
Release Date:2019-11-14

Description


[1.1.1c-2]
- do not try to use EC groups disallowed in FIPS mode
in TLS
- fix Valgrind regression with constant-time code

[1.1.1c-1]
- update to the 1.1.1c release

[1.1.1b-6]
- adjust the default cert pbe algorithm for pkcs12 -export
in the FIPS mode

[1.1.1b-5]
- Fix small regressions related to the rebase

[1.1.1b-3]
- FIPS compliance fixes

[1.1.1b-1]
- update to the 1.1.1b release
- EVP_KDF API backport from master
- SSH KDF implementation for EVP_KDF API backport from master
- add S390x chacha20-poly1305 assembler support from master branch


Related CVEs


CVE-2018-0734
CVE-2018-0735
CVE-2019-1543

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) openssl-1.1.1c-2.el8.src.rpme7c840dfd32e044d8f11d8b7c8394a06-
openssl-1.1.1c-2.el8.aarch64.rpm6506cdc5eb19264e75c045afca21b69c-
openssl-devel-1.1.1c-2.el8.aarch64.rpme99d5e67c12a350d36e698f0cdb30e85-
openssl-libs-1.1.1c-2.el8.aarch64.rpm749845cc256f6216bdac557778841263-
openssl-perl-1.1.1c-2.el8.aarch64.rpm933125229c1c2333277e0be3c9804749-
Oracle Linux 8 (x86_64) openssl-1.1.1c-2.el8.src.rpme7c840dfd32e044d8f11d8b7c8394a06-
openssl-1.1.1c-2.el8.x86_64.rpmfebcd39a55563b9862e1ec39d4c570d4-
openssl-devel-1.1.1c-2.el8.i686.rpmc1ca438aa17cbd9cc9bf79c287130122-
openssl-devel-1.1.1c-2.el8.x86_64.rpm5abedea8ea5bb27a291339cc986df94f-
openssl-libs-1.1.1c-2.el8.i686.rpm3df91e98bb94518c2c68f2fe7b80a602-
openssl-libs-1.1.1c-2.el8.x86_64.rpme05fbacdb03de844dbe820e6c27d801f-
openssl-perl-1.1.1c-2.el8.x86_64.rpm0e9ba5fe86fd0c7d7d626aaaa81dd3d0-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights