ELSA-2024-0310

ELSA-2024-0310 - openssl security update

Type: SECURITY
Impact: MODERATE
Release Date: 2024-01-22

Description


[1:3.0.7-25.0.1]
- Replace upstream references [Orabug: 34340177]

[1:3.0.7-25]
- Provide relevant diagnostics when FIPS checksum is corrupted
Resolves: RHEL-5317
- Don't limit using SHA1 in KDFs in non-FIPS mode.
Resolves: RHEL-5295
- Provide empty evp_properties section in main OpenSSL configuration file
Resolves: RHEL-11439
- Avoid implicit function declaration when building openssl
Resolves: RHEL-1780
- Forbid explicit curves when created via EVP_PKEY_fromdata
Resolves: RHEL-5304
- AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries (CVE-2023-2975)
Resolves: RHEL-5302
- Excessive time spent checking DH keys and parameters (CVE-2023-3446)
Resolves: RHEL-5306
- Excessive time spent checking DH q parameter value (CVE-2023-3817)
Resolves: RHEL-5308
- Fix incorrect cipher key and IV length processing (CVE-2023-5363)
Resolves: RHEL-13251
- Switch explicit FIPS indicator for RSA-OAEP to approved following clarification with CMVP
Resolves: RHEL-14083
- Backport the check required by SP800-56Br2 6.4.1.2.1 (3.c)
Resolves: RHEL-14083
- Add missing ECDH Public Key Check in FIPS mode
Resolves: RHEL-15990
- Excessive time spent in DH check/generation with large Q parameter value (CVE-2023-5678)
Resolves: RHEL-15954


Related CVEs


CVE-2023-5363

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 9 (aarch64) | openssl-3.0.7-25.0.1.el9_3.src.rpm | fa8c0a7848e6976892305b17b0a3ca5cfc559439730bb369ed39f177e9d43af3 | - | ol9_aarch64_appstream |
| | openssl-3.0.7-25.0.1.el9_3.src.rpm | fa8c0a7848e6976892305b17b0a3ca5cfc559439730bb369ed39f177e9d43af3 | - | ol9_aarch64_baseos_latest |
| | openssl-3.0.7-25.0.1.el9_3.aarch64.rpm | 505b64f941adb993f14fe11644f49d24dcc09dc80c05094aa21c322ca824aef4 | - | ol9_aarch64_baseos_latest |
| | openssl-devel-3.0.7-25.0.1.el9_3.aarch64.rpm | ee0e6f5f1b9ddcb10af9c952f6f1090d3880b975293fa189fa0535c2a348abb7 | - | ol9_aarch64_appstream |
| | openssl-libs-3.0.7-25.0.1.el9_3.aarch64.rpm | cb1ccdd221cf32c3ed23a8aa5d1acf9f1c3782d639cbc3c853cdeaa582811b60 | - | ol9_aarch64_baseos_latest |
| | openssl-perl-3.0.7-25.0.1.el9_3.aarch64.rpm | 32051649a862dd66cb483de23e035dd4105c9dae409557b9c8782c9288a42b25 | - | ol9_aarch64_appstream |
| Oracle Linux 9 (x86_64) | openssl-3.0.7-25.0.1.el9_3.src.rpm | fa8c0a7848e6976892305b17b0a3ca5cfc559439730bb369ed39f177e9d43af3 | - | ol9_x86_64_appstream |
| | openssl-3.0.7-25.0.1.el9_3.src.rpm | fa8c0a7848e6976892305b17b0a3ca5cfc559439730bb369ed39f177e9d43af3 | - | ol9_x86_64_baseos_latest |
| | openssl-3.0.7-25.0.1.el9_3.x86_64.rpm | ecdf31b2ef4f42b4658dc9a28853cb9253b3b27ee7692a74f90af16b64dca3f1 | - | ol9_x86_64_baseos_latest |
| | openssl-devel-3.0.7-25.0.1.el9_3.i686.rpm | 9dfe60f1fb96c8f5b28c9144293361cd7a928a41591ec2bc10dad89dca289345 | - | ol9_x86_64_appstream |
| | openssl-devel-3.0.7-25.0.1.el9_3.x86_64.rpm | 42b961df94bfde5b05dc1daed5596b733386fb7aa097a6028925ef7f7299f30a | - | ol9_x86_64_appstream |
| | openssl-libs-3.0.7-25.0.1.el9_3.i686.rpm | 4c2725a14937afe15fcb29a6d0f55fb259737e8ed168e5249964be004b9425bd | - | ol9_x86_64_baseos_latest |
| | openssl-libs-3.0.7-25.0.1.el9_3.x86_64.rpm | 0a52c3210d516870b7386682ca83f0f076f03d17889e30dae3c6c75a4dcc6ede | - | ol9_x86_64_baseos_latest |
| | openssl-perl-3.0.7-25.0.1.el9_3.x86_64.rpm | c35a17cd12c0725992862d354d0127c14b872c8a13fd86114b252ecfb8f98d2e | - | ol9_x86_64_appstream |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.