ELSA-2021-9528

ULN >
Oracle Linux Errata repository >
ELSA-2021-9528

ELSA-2021-9528 - openssl security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2021-10-29

Description

[1.0.2k-22_fips]
- Change Epoch from 1 to 10
- Fix DH self-test to add shared secret comparison [Orabug: 32467026]
- Add DH support changes for SP 800-56A rev3 requirements [Orabug: 32467059]
- Add TLS KDF self-test [Orabug: 32467193]
- Add EC keys pairwise consistency test [Orabug: 32467059]

[1.0.2k-22]
- fix CVE-2021-23841 openssl: NULL pointer dereference
in X509_issuer_and_serial_hash()
- fix CVE-2021-23840 openssl: integer overflow in CipherUpdate
- Resolves: rhbz#1932132, rhbz#1932126

Related CVEs

CVE-2021-23840

CVE-2021-23841

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	openssl-1.0.2k-22.el7_9_fips.src.rpm	65c357864c9c00269710aabca1bf0b6741d90eb111403de75a265f29cef0ef64	ELSA-2017-3518	ol7_aarch64_u8_security_validation
	openssl-1.0.2k-22.el7_9_fips.aarch64.rpm	0445172f2b1ba5997c61413b60b4490eb9f403445cce64d0e7eeb3a807149727	ELSA-2017-3518	ol7_aarch64_u8_security_validation
	openssl-devel-1.0.2k-22.el7_9_fips.aarch64.rpm	3ee339cf6a6009e7b582e60f5977a8b0a7401d661283de976dfdeaedd7076689	ELSA-2017-3518	ol7_aarch64_u8_security_validation
	openssl-libs-1.0.2k-22.el7_9_fips.aarch64.rpm	25697e4818f48455ba03c2538cbdee279397d153abf6bd5474d2f6b4c320b91c	ELSA-2017-3518	ol7_aarch64_u8_security_validation
	openssl-perl-1.0.2k-22.el7_9_fips.aarch64.rpm	479990246ddec189fa97fa7f3ebff7a62a374e6f45814a8f5be07cf05f7e40e5	ELSA-2017-3518	ol7_aarch64_u8_security_validation
	openssl-static-1.0.2k-22.el7_9_fips.aarch64.rpm	3c1447b9c164af3fca6fe714de42935085f494d05d4f0a5495378af65e21332e	ELSA-2017-3518	ol7_aarch64_u8_security_validation

Oracle Linux 7 (x86_64)	openssl-1.0.2k-22.el7_9_fips.src.rpm	65c357864c9c00269710aabca1bf0b6741d90eb111403de75a265f29cef0ef64	ELSA-2017-3518	ol7_x86_64_u8_security_validation
	openssl-1.0.2k-22.el7_9_fips.x86_64.rpm	c16aaa5e517cfdbdf662c0c3389883d6429bd54aaed3d7071f8ff1af1ab24c8e	ELSA-2017-3518	ol7_x86_64_u8_security_validation
	openssl-devel-1.0.2k-22.el7_9_fips.i686.rpm	b52036f91bec8100d7f5eeb096ca15126f33f4465247eac3c8d6e3517991bd16	ELSA-2017-3518	ol7_x86_64_u8_security_validation
	openssl-devel-1.0.2k-22.el7_9_fips.x86_64.rpm	9aa4d7bcfffdce5b0d8e9671c2e8efe3052a2df1a25b71a93604ebaf8580fcea	ELSA-2017-3518	ol7_x86_64_u8_security_validation
	openssl-libs-1.0.2k-22.el7_9_fips.i686.rpm	c015e36c79a2fa225cce2cf2b8e78b8822b4eb3604e0a1492872651b22d2e3b2	ELSA-2017-3518	ol7_x86_64_u8_security_validation
	openssl-libs-1.0.2k-22.el7_9_fips.x86_64.rpm	3d2c965e37221ae2f36b6239dfe4f6e04f55a5ae014fb19600094440adb0a5a8	ELSA-2017-3518	ol7_x86_64_u8_security_validation
	openssl-perl-1.0.2k-22.el7_9_fips.x86_64.rpm	3b50992d9e1427f8405b80d2e1aa825cac9cbe323c73759dcf0b90d5d2305ce3	ELSA-2017-3518	ol7_x86_64_u8_security_validation
	openssl-static-1.0.2k-22.el7_9_fips.i686.rpm	effd867bccd304b03031e5d74b896c7621e9174356c87e5eb5e9273ff4bf859c	ELSA-2017-3518	ol7_x86_64_u8_security_validation
	openssl-static-1.0.2k-22.el7_9_fips.x86_64.rpm	4547fac666d92c559b943b6f959e8e3d5cbcc07db0db592a80d248343c08ea99	ELSA-2017-3518	ol7_x86_64_u8_security_validation

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691