ELSA-2021-9121

ELSA-2021-9121 - openssl bug fix update

Type:SECURITY
Impact:IMPORTANT
Release Date:2021-04-06

Description


[1.0.2k-21]
- remove ASN1_F_ASN1_ITEM_EMBED_D2I from openssl-1.0.2k-cve-2020-1971.patch

[1.0.2k-20]
- fix CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

[1.0.2k-19]
- close the RSA decryption 9 lives of Bleichenbacher cat
timing side channel (#1649568)

[1.0.2k-18]
- fix CVE-2018-0734 - DSA signature local timing side channel
- fix CVE-2019-1559 - 0-byte record padding oracle
- close the RSA decryption One & done EM side channel (#1619558)

[1.0.2k-17]
- use SHA-256 in FIPS RSA pairwise key check
- fix CVE-2018-5407 (and CVE-2018-0735) - EC signature local
timing side-channel key extraction


Related CVEs


CVE-2020-1971

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) openssl-1.0.2k-21.ksplice1.el7_9.src.rpma0c888de07de264b7c433a406fdd0d688055951285aa130872d8fe3fdb83767dELSA-2017-3518ol7_aarch64_userspace_ksplice
openssl-1.0.2k-21.ksplice1.el7_9.aarch64.rpm856d6f7d604a27cc222b8f0da7dd7ab005e1be3228cbb4643ed6dcee0faadd65ELSA-2017-3518ol7_aarch64_userspace_ksplice
openssl-devel-1.0.2k-21.ksplice1.el7_9.aarch64.rpmd209981d2a393010cfdf5f088ab6f94d6bcdbbd6c226b38e209cd650562c9afbELSA-2017-3518ol7_aarch64_userspace_ksplice
openssl-libs-1.0.2k-21.ksplice1.el7_9.aarch64.rpm7315c11265be395656b842e75c27df84bf6fc457a323f75cd955fc586468ec04ELSA-2017-3518ol7_aarch64_userspace_ksplice
openssl-perl-1.0.2k-21.ksplice1.el7_9.aarch64.rpm7336f2ef055a35818b3bfe50d8edc52bb0a95c99a78c690c65a7c8b8c694e622ELSA-2017-3518ol7_aarch64_userspace_ksplice
openssl-static-1.0.2k-21.ksplice1.el7_9.aarch64.rpm81e2d4e0ad77ea16bad961c6363a9ce210b7c4c5fb411eecc5cb6b0ce33d2f4cELSA-2017-3518ol7_aarch64_userspace_ksplice
Oracle Linux 7 (x86_64) openssl-1.0.2k-21.ksplice1.el7_9.src.rpma0c888de07de264b7c433a406fdd0d688055951285aa130872d8fe3fdb83767dELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-1.0.2k-21.ksplice1.el7_9.x86_64.rpmb679e1febe484922ec25b4f4ada71bd4fa3edd8a6e3db603635a7741573ab156ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-devel-1.0.2k-21.ksplice1.el7_9.i686.rpmc6295690bbc2a44983a64beb55487f2eba68c1a8a24b1ffb5db045d1b7ed520eELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-devel-1.0.2k-21.ksplice1.el7_9.x86_64.rpmbffa6a7e9ce96b4ff2c573137f74400066383facc76302192cc334f6c0c0c4f5ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-libs-1.0.2k-21.ksplice1.el7_9.i686.rpm49a9c07d2719fa1192ff5f4eb3a96cb8008a991ae78c6e0f7633d0130bd448d7ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-libs-1.0.2k-21.ksplice1.el7_9.x86_64.rpmd6c311b88dffa2322834e5b1b7b499967514370e2219c54ae88f06d63a8152c5ELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-perl-1.0.2k-21.ksplice1.el7_9.x86_64.rpm71d6c457b393cc00fce9d134a7e8f6b6349a20dc2683cbb8a4b46a5231036e8fELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-static-1.0.2k-21.ksplice1.el7_9.i686.rpme494abc3b7cb6f1aa285fefceeabb35989e6ad505d62acf3fb9e3c70a7071facELSA-2017-3518ol7_x86_64_userspace_ksplice
openssl-static-1.0.2k-21.ksplice1.el7_9.x86_64.rpmbd56b4d893f04a96850825debda7cdaa7605e2dc5cb59da92595961dbda3d19cELSA-2017-3518ol7_x86_64_userspace_ksplice



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete