Stay Connected:

ELSA-2020-4514

ELSA-2020-4514 - openssl security, bug fix, and enhancement update

Type:SECURITY
Impact:LOW
Release Date:2020-11-10

Description


[1.1.1g-11]
- Further changes for SP 800-56A rev3 requirements

[1.1.1g-9]
- Rewire FIPS_drbg API to use the RAND_DRBG
- Use the well known DH groups in TLS even for 2048 and 1024 bit parameters

[1.1.1g-7]
- Disallow dropping Extended Master Secret extension
on renegotiation
- Return alert from s_server if ALPN protocol does not match
- SHA1 is allowed in @SECLEVEL=2 only if allowed by
TLS SigAlgs configuration

[1.1.1g-6]
- Add FIPS selftest for PBKDF2 and KBKDF

[1.1.1g-5]
- Allow only well known DH groups in the FIPS mode

[1.1.1g-1]
- update to the 1.1.1g release
- FIPS module installed state definition is modified


Related CVEs


CVE-2019-1551

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) openssl-1.1.1g-11.el8.src.rpm68d83b7a5a19d0d351eb57d71cf1dcd3bd0527ef03906c632f404833edba51eb-ol8_aarch64_baseos_latest
openssl-1.1.1g-11.el8.src.rpm68d83b7a5a19d0d351eb57d71cf1dcd3bd0527ef03906c632f404833edba51eb-ol8_aarch64_u3_baseos_base
openssl-1.1.1g-11.el8.aarch64.rpma3bb536fb53fe5ef5d3f96cc59ae999d6d55c081ae0749b82da941cdca024434-ol8_aarch64_baseos_latest
openssl-1.1.1g-11.el8.aarch64.rpma3bb536fb53fe5ef5d3f96cc59ae999d6d55c081ae0749b82da941cdca024434-ol8_aarch64_u3_baseos_base
openssl-devel-1.1.1g-11.el8.aarch64.rpm0853d14b57e0f5b752b905effe0028174bf47cf23538caf8b8266708d09d65bb-ol8_aarch64_baseos_latest
openssl-devel-1.1.1g-11.el8.aarch64.rpm0853d14b57e0f5b752b905effe0028174bf47cf23538caf8b8266708d09d65bb-ol8_aarch64_u3_baseos_base
openssl-libs-1.1.1g-11.el8.aarch64.rpme2dcd3127b98f023668f7b9fe95f6620467af2863f5724bc360d3304e749805e-ol8_aarch64_baseos_latest
openssl-libs-1.1.1g-11.el8.aarch64.rpme2dcd3127b98f023668f7b9fe95f6620467af2863f5724bc360d3304e749805e-ol8_aarch64_u3_baseos_base
openssl-perl-1.1.1g-11.el8.aarch64.rpmfd01e10464a988483698bd22df6648916a947e076de16d2684f9a03600db0f9e-ol8_aarch64_baseos_latest
openssl-perl-1.1.1g-11.el8.aarch64.rpmfd01e10464a988483698bd22df6648916a947e076de16d2684f9a03600db0f9e-ol8_aarch64_u3_baseos_base
Oracle Linux 8 (x86_64) openssl-1.1.1g-11.el8.src.rpm68d83b7a5a19d0d351eb57d71cf1dcd3bd0527ef03906c632f404833edba51eb-ol8_x86_64_baseos_latest
openssl-1.1.1g-11.el8.src.rpm68d83b7a5a19d0d351eb57d71cf1dcd3bd0527ef03906c632f404833edba51eb-ol8_x86_64_u3_baseos_base
openssl-1.1.1g-11.el8.x86_64.rpm5ff48bd310bbda23c4716d1c073cdd5e589e4a001b5f90ef6538dfc3f30a2c7a-ol8_x86_64_baseos_latest
openssl-1.1.1g-11.el8.x86_64.rpm5ff48bd310bbda23c4716d1c073cdd5e589e4a001b5f90ef6538dfc3f30a2c7a-ol8_x86_64_u3_baseos_base
openssl-devel-1.1.1g-11.el8.i686.rpm95bd7d15ceeb4a39222da2b270d3203f5b87b8d12cf1c398025d428df2719ae2-ol8_x86_64_baseos_latest
openssl-devel-1.1.1g-11.el8.i686.rpm95bd7d15ceeb4a39222da2b270d3203f5b87b8d12cf1c398025d428df2719ae2-ol8_x86_64_u3_baseos_base
openssl-devel-1.1.1g-11.el8.x86_64.rpm41f2339c84a08ee4d75bcfc00d664763443806776e1b4b54ee18c97ac718b6c9-ol8_x86_64_baseos_latest
openssl-devel-1.1.1g-11.el8.x86_64.rpm41f2339c84a08ee4d75bcfc00d664763443806776e1b4b54ee18c97ac718b6c9-ol8_x86_64_u3_baseos_base
openssl-libs-1.1.1g-11.el8.i686.rpma8217032990895cb9e2b7c462eb1efa481b9a70ed7df6500931cf2970bc1f86f-ol8_x86_64_baseos_latest
openssl-libs-1.1.1g-11.el8.i686.rpma8217032990895cb9e2b7c462eb1efa481b9a70ed7df6500931cf2970bc1f86f-ol8_x86_64_u3_baseos_base
openssl-libs-1.1.1g-11.el8.x86_64.rpmd6e15053f0d269bb908236d094568f8f8c46b61ca8d7ee8717b5d4ae84ca692b-ol8_x86_64_baseos_latest
openssl-libs-1.1.1g-11.el8.x86_64.rpmd6e15053f0d269bb908236d094568f8f8c46b61ca8d7ee8717b5d4ae84ca692b-ol8_x86_64_u3_baseos_base
openssl-perl-1.1.1g-11.el8.x86_64.rpmd166b7e4a120839a4f3caeefb5835858c3abd2d553f6b04c3b2ecbd511db63fc-ol8_x86_64_baseos_latest
openssl-perl-1.1.1g-11.el8.x86_64.rpmd166b7e4a120839a4f3caeefb5835858c3abd2d553f6b04c3b2ecbd511db63fc-ol8_x86_64_u3_baseos_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights