ELSA-2023-1405

ULN >
Oracle Linux Errata repository >
ELSA-2023-1405

ELSA-2023-1405 - openssl security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2023-03-22

Description

[1:1.1.1k-9]
- Fixed Timing Oracle in RSA Decryption
Resolves: CVE-2022-4304
- Fixed Double free after calling PEM_read_bio_ex
Resolves: CVE-2022-4450
- Fixed Use-after-free following BIO_new_NDEF
Resolves: CVE-2023-0215
- Fixed X.400 address type confusion in X.509 GeneralName
Resolves: CVE-2023-0286

[1:1.1.1k-8]
- Fix no-ec build
Resolves: rhbz#2071020

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	openssl-1.1.1k-9.el8_7.src.rpm	31982bf58817e576a63e39d76f24aafc	-
	openssl-1.1.1k-9.el8_7.aarch64.rpm	fd8ffe7a885cd164ac457bcd7bd22fb5	-
	openssl-devel-1.1.1k-9.el8_7.aarch64.rpm	b71de14880b73a3c0bb5997634dea94c	-
	openssl-libs-1.1.1k-9.el8_7.aarch64.rpm	2d344b158bc177b88b139cb89333e539	-
	openssl-perl-1.1.1k-9.el8_7.aarch64.rpm	3211748fe171947aeccdb477d145b5ab	-

Oracle Linux 8 (x86_64)	openssl-1.1.1k-9.el8_7.src.rpm	31982bf58817e576a63e39d76f24aafc	-
	openssl-1.1.1k-9.el8_7.x86_64.rpm	c66e5fdc649f231d200ea0f4915bcdda	-
	openssl-devel-1.1.1k-9.el8_7.i686.rpm	434ecda074eb011669e84374319d1be0	-
	openssl-devel-1.1.1k-9.el8_7.x86_64.rpm	a921e8f39f37d7a1f3a21f7aa5de2158	-
	openssl-libs-1.1.1k-9.el8_7.i686.rpm	daffc943dad692bbb8f07cd8e36bb870	-
	openssl-libs-1.1.1k-9.el8_7.x86_64.rpm	1d171c1414b87feb1326d2ca749e0feb	-
	openssl-perl-1.1.1k-9.el8_7.x86_64.rpm	2c6c6ecee1d057a70d47270cd03c5fc1	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691