ELSA-2022-9225

ULN >
Oracle Linux Errata repository >
ELSA-2022-9225

ELSA-2022-9225 - openssl security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2022-03-18

Description

[1.0.2k-24.0.3]
- fix CVE-2022-0778 openssl: Fix possible infinite loop in BN_mod_sqrt()
- Change Epoch from 1 to 10
- Fix DH self-test to add shared secret comparison [Orabug: 32467026]
- Add DH support changes for SP 800-56A rev3 requirements [Orabug: 32467059]
- Add TLS KDF self-test [Orabug: 32467193]
- Add EC keys pairwise consistency test [Orabug: 32467059]

[1.0.2k-24]
- Updates patch openssl-1.0.2k-cve-2021-3712.patch to only free on push failure.
- Resolves: rhbz#2039993

Related CVEs

CVE-2022-0778

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	openssl-1.0.2k-24.0.3.el7_9_fips.src.rpm	cf60c373a97d9c6939e840b1c63cdba8	-
	openssl-1.0.2k-24.0.3.el7_9_fips.aarch64.rpm	b29064b9a59b4e90c65180139a7cf41d	-
	openssl-devel-1.0.2k-24.0.3.el7_9_fips.aarch64.rpm	4d9b836aab72614975ad2e8995337a47	-
	openssl-libs-1.0.2k-24.0.3.el7_9_fips.aarch64.rpm	e7fc77aa6f25d6accd9b9ee516aaf422	-
	openssl-perl-1.0.2k-24.0.3.el7_9_fips.aarch64.rpm	093c430aa6d49659003603bed1829266	-
	openssl-static-1.0.2k-24.0.3.el7_9_fips.aarch64.rpm	2054f98c3778c8f9168518d25ceee386	-

Oracle Linux 7 (x86_64)	openssl-1.0.2k-24.0.3.el7_9_fips.src.rpm	cf60c373a97d9c6939e840b1c63cdba8	-
	openssl-1.0.2k-24.0.3.el7_9_fips.x86_64.rpm	1ea4590e7928c015432f2046019820bf	-
	openssl-devel-1.0.2k-24.0.3.el7_9_fips.i686.rpm	eead8108598f23e359a1778398bedada	-
	openssl-devel-1.0.2k-24.0.3.el7_9_fips.x86_64.rpm	7989807e8d552fdf5607b74effe6a1ab	-
	openssl-libs-1.0.2k-24.0.3.el7_9_fips.i686.rpm	863ca350e038cfa2c89d4433947bbd79	-
	openssl-libs-1.0.2k-24.0.3.el7_9_fips.x86_64.rpm	052c913e4149900b1e15bea2e220a3ac	-
	openssl-perl-1.0.2k-24.0.3.el7_9_fips.x86_64.rpm	b51db01d9001af39fff2ccaff464a15f	-
	openssl-static-1.0.2k-24.0.3.el7_9_fips.i686.rpm	3a56afa832bee4dcf1b20724e740b3af	-
	openssl-static-1.0.2k-24.0.3.el7_9_fips.x86_64.rpm	d38a60d5b906e4b3eeecb193ee0c7b3f	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691