Stay Connected:

ELSA-2023-7877

ELSA-2023-7877 - openssl security update

Type:SECURITY
Severity:LOW
Release Date:2023-12-18

Description


[1:1.1.1k-12]
- Backport implicit rejection mechanism for RSA PKCS#1 v1.5 to RHEL-8 series
(a proper fix for CVE-2020-25659)
Resolves: RHEL-17696

[1:1.1.1k-11]
- Fix CVE-2023-5678: Generating excessively long X9.42 DH keys or checking
excessively long X9.42 DH keys or parameters may be very slow
Resolves: RHEL-16538

[1:1.1.1k-10]
- Fix CVE-2023-3446: Excessive time spent checking DH keys and parameters
Resolves: RHEL-14245
- Fix CVE-2023-3817: Excessive time spent checking DH q parameter value
Resolves: RHEL-14239


Related CVEs


CVE-2023-3446
CVE-2023-3817
CVE-2023-5678

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) openssl-1.1.1k-12.el8_9.src.rpmf6af415f132b5c5829008c3d442b85a9-ol8_aarch64_baseos_latest
openssl-1.1.1k-12.el8_9.src.rpmf6af415f132b5c5829008c3d442b85a9-ol8_aarch64_u9_baseos_patch
openssl-1.1.1k-12.el8_9.aarch64.rpm27bc41444d99e7dc20f0b36279c60817-ol8_aarch64_baseos_latest
openssl-1.1.1k-12.el8_9.aarch64.rpm27bc41444d99e7dc20f0b36279c60817-ol8_aarch64_u9_baseos_patch
openssl-devel-1.1.1k-12.el8_9.aarch64.rpmc8bf7394c92b9c506d3ba38fe375ae4c-ol8_aarch64_baseos_latest
openssl-devel-1.1.1k-12.el8_9.aarch64.rpmc8bf7394c92b9c506d3ba38fe375ae4c-ol8_aarch64_u9_baseos_patch
openssl-libs-1.1.1k-12.el8_9.aarch64.rpm1d328ee79a52d1a94879deba2cad087b-ol8_aarch64_baseos_latest
openssl-libs-1.1.1k-12.el8_9.aarch64.rpm1d328ee79a52d1a94879deba2cad087b-ol8_aarch64_u9_baseos_patch
openssl-perl-1.1.1k-12.el8_9.aarch64.rpm85dbf3e5c1cc0af9afddbfb61f752741-ol8_aarch64_baseos_latest
openssl-perl-1.1.1k-12.el8_9.aarch64.rpm85dbf3e5c1cc0af9afddbfb61f752741-ol8_aarch64_u9_baseos_patch
Oracle Linux 8 (x86_64) openssl-1.1.1k-12.el8_9.src.rpmf6af415f132b5c5829008c3d442b85a9-ol8_x86_64_baseos_latest
openssl-1.1.1k-12.el8_9.src.rpmf6af415f132b5c5829008c3d442b85a9-ol8_x86_64_u9_baseos_patch
openssl-1.1.1k-12.el8_9.x86_64.rpmb45c1e216180a28631c725103602f838-ol8_x86_64_baseos_latest
openssl-1.1.1k-12.el8_9.x86_64.rpmb45c1e216180a28631c725103602f838-ol8_x86_64_u9_baseos_patch
openssl-devel-1.1.1k-12.el8_9.i686.rpmc8a1a814979ced7aaf640e78de5c34e6-ol8_x86_64_baseos_latest
openssl-devel-1.1.1k-12.el8_9.i686.rpmc8a1a814979ced7aaf640e78de5c34e6-ol8_x86_64_u9_baseos_patch
openssl-devel-1.1.1k-12.el8_9.x86_64.rpm011e4fa084b1878fb0cd6fc701743079-ol8_x86_64_baseos_latest
openssl-devel-1.1.1k-12.el8_9.x86_64.rpm011e4fa084b1878fb0cd6fc701743079-ol8_x86_64_u9_baseos_patch
openssl-libs-1.1.1k-12.el8_9.i686.rpmbeac040f2cd1b64e0dca28c3b73b2f19-ol8_x86_64_baseos_latest
openssl-libs-1.1.1k-12.el8_9.i686.rpmbeac040f2cd1b64e0dca28c3b73b2f19-ol8_x86_64_u9_baseos_patch
openssl-libs-1.1.1k-12.el8_9.x86_64.rpmbdab04c4217e1d653ccdefcef4435c86-ol8_x86_64_baseos_latest
openssl-libs-1.1.1k-12.el8_9.x86_64.rpmbdab04c4217e1d653ccdefcef4435c86-ol8_x86_64_u9_baseos_patch
openssl-perl-1.1.1k-12.el8_9.x86_64.rpm4614a1a7d6236c09081b20efa264dc73-ol8_x86_64_baseos_latest
openssl-perl-1.1.1k-12.el8_9.x86_64.rpm4614a1a7d6236c09081b20efa264dc73-ol8_x86_64_u9_baseos_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights