ELSA-2021-9528

ELSA-2021-9528 - openssl security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2021-10-29

Description


[1.0.2k-22_fips]
- Change Epoch from 1 to 10
- Fix DH self-test to add shared secret comparison [Orabug: 32467026]
- Add DH support changes for SP 800-56A rev3 requirements [Orabug: 32467059]
- Add TLS KDF self-test [Orabug: 32467193]
- Add EC keys pairwise consistency test [Orabug: 32467059]

[1.0.2k-22]
- fix CVE-2021-23841 openssl: NULL pointer dereference
in X509_issuer_and_serial_hash()
- fix CVE-2021-23840 openssl: integer overflow in CipherUpdate
- Resolves: rhbz#1932132, rhbz#1932126


Related CVEs


CVE-2021-23840
CVE-2021-23841

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) openssl-1.0.2k-22.el7_9_fips.src.rpm65c357864c9c00269710aabca1bf0b6741d90eb111403de75a265f29cef0ef64ELSA-2017-3518ol7_aarch64_u8_security_validation
openssl-1.0.2k-22.el7_9_fips.aarch64.rpm0445172f2b1ba5997c61413b60b4490eb9f403445cce64d0e7eeb3a807149727ELSA-2017-3518ol7_aarch64_u8_security_validation
openssl-devel-1.0.2k-22.el7_9_fips.aarch64.rpm3ee339cf6a6009e7b582e60f5977a8b0a7401d661283de976dfdeaedd7076689ELSA-2017-3518ol7_aarch64_u8_security_validation
openssl-libs-1.0.2k-22.el7_9_fips.aarch64.rpm25697e4818f48455ba03c2538cbdee279397d153abf6bd5474d2f6b4c320b91cELSA-2017-3518ol7_aarch64_u8_security_validation
openssl-perl-1.0.2k-22.el7_9_fips.aarch64.rpm479990246ddec189fa97fa7f3ebff7a62a374e6f45814a8f5be07cf05f7e40e5ELSA-2017-3518ol7_aarch64_u8_security_validation
openssl-static-1.0.2k-22.el7_9_fips.aarch64.rpm3c1447b9c164af3fca6fe714de42935085f494d05d4f0a5495378af65e21332eELSA-2017-3518ol7_aarch64_u8_security_validation
Oracle Linux 7 (x86_64) openssl-1.0.2k-22.el7_9_fips.src.rpm65c357864c9c00269710aabca1bf0b6741d90eb111403de75a265f29cef0ef64ELSA-2017-3518ol7_x86_64_u8_security_validation
openssl-1.0.2k-22.el7_9_fips.x86_64.rpmc16aaa5e517cfdbdf662c0c3389883d6429bd54aaed3d7071f8ff1af1ab24c8eELSA-2017-3518ol7_x86_64_u8_security_validation
openssl-devel-1.0.2k-22.el7_9_fips.i686.rpmb52036f91bec8100d7f5eeb096ca15126f33f4465247eac3c8d6e3517991bd16ELSA-2017-3518ol7_x86_64_u8_security_validation
openssl-devel-1.0.2k-22.el7_9_fips.x86_64.rpm9aa4d7bcfffdce5b0d8e9671c2e8efe3052a2df1a25b71a93604ebaf8580fceaELSA-2017-3518ol7_x86_64_u8_security_validation
openssl-libs-1.0.2k-22.el7_9_fips.i686.rpmc015e36c79a2fa225cce2cf2b8e78b8822b4eb3604e0a1492872651b22d2e3b2ELSA-2017-3518ol7_x86_64_u8_security_validation
openssl-libs-1.0.2k-22.el7_9_fips.x86_64.rpm3d2c965e37221ae2f36b6239dfe4f6e04f55a5ae014fb19600094440adb0a5a8ELSA-2017-3518ol7_x86_64_u8_security_validation
openssl-perl-1.0.2k-22.el7_9_fips.x86_64.rpm3b50992d9e1427f8405b80d2e1aa825cac9cbe323c73759dcf0b90d5d2305ce3ELSA-2017-3518ol7_x86_64_u8_security_validation
openssl-static-1.0.2k-22.el7_9_fips.i686.rpmeffd867bccd304b03031e5d74b896c7621e9174356c87e5eb5e9273ff4bf859cELSA-2017-3518ol7_x86_64_u8_security_validation
openssl-static-1.0.2k-22.el7_9_fips.x86_64.rpm4547fac666d92c559b943b6f959e8e3d5cbcc07db0db592a80d248343c08ea99ELSA-2017-3518ol7_x86_64_u8_security_validation



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete