ELSA-2024-2447

ULN >
Oracle Linux Errata repository >
ELSA-2024-2447

ELSA-2024-2447 - openssl and openssl-fips-provider security update

Type:	SECURITY
Severity:	LOW
Release Date:	2024-05-03

Description

openssl
[1:3.0.7-27.0.3]
- Enable openssl-fips-provider dependency [Orabug: 36504822]

[1:3.0.7-27.0.2]
- Temporary disable openssl-fips-provider dependency [Orabug: 36504822]

[1:3.0.7-27.0.1]
- Replace upstream references [Orabug: 34340177]

[1:3.0.7-27]
- Use certified FIPS module instead of freshly built one in Red Hat distribution
Related: RHEL-23474

[1:3.0.7-26]
- Avoid implicit function declaration when building openssl
Related: RHEL-1780
- In FIPS mode, prevent any other operations when rsa_keygen_pairwise_test fails
Resolves: RHEL-17104
- Add a directory for OpenSSL providers configuration
Resolves: RHEL-17193
- Eliminate memory leak in OpenSSL when setting elliptic curves on SSL context
Resolves: RHEL-19515
- POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)
Resolves: RHEL-21151
- Excessive time spent checking invalid RSA public keys (CVE-2023-6237)
Resolves: RHEL-21654
- SSL ECDHE Kex fails when pkcs11 engine is set in config file
Resolves: RHEL-20249
- Denial of service via null dereference in PKCS#12
Resolves: RHEL-22486
- Use certified FIPS module instead of freshly built one in Red Hat distribution
Resolves: RHEL-23474

openssl-fips-provider
[3.0.7-2.0.1]
- Add bundle with Oracle Linux 9 OpenSSL FIPS Provider module files [Orabug: 36504822]
- Replace upstream references [Orabug: 34340177]

[3.0.7-2]
- Denote conflict with old versions of openssl-libs package
Related: RHEL-23474

[3.0.7-1]
Initial packaging

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	openssl-3.0.7-27.0.3.el9.src.rpm	a39dbf5fbbc6c10691ed49c5579ffb7d	-	ol9_aarch64_appstream
	openssl-3.0.7-27.0.3.el9.src.rpm	a39dbf5fbbc6c10691ed49c5579ffb7d	-	ol9_aarch64_baseos_latest
	openssl-3.0.7-27.0.3.el9.src.rpm	a39dbf5fbbc6c10691ed49c5579ffb7d	-	ol9_aarch64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	4612c9b8274c6725fca19660ec1fd4d8	-	ol9_aarch64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	4612c9b8274c6725fca19660ec1fd4d8	-	ol9_aarch64_u4_baseos_base
	openssl-3.0.7-27.0.3.el9.aarch64.rpm	5d7d4088bb7fc3838a475a61470c7bbf	-	ol9_aarch64_baseos_latest
	openssl-3.0.7-27.0.3.el9.aarch64.rpm	5d7d4088bb7fc3838a475a61470c7bbf	-	ol9_aarch64_u4_baseos_base
	openssl-devel-3.0.7-27.0.3.el9.aarch64.rpm	d71c80d737eabdd4d78bce7e8a8ec0b5	-	ol9_aarch64_appstream
	openssl-fips-provider-3.0.7-2.0.1.el9.aarch64.rpm	c871ef2a5f5989d031d2f8afbdd8ee7c	-	ol9_aarch64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.aarch64.rpm	c871ef2a5f5989d031d2f8afbdd8ee7c	-	ol9_aarch64_u4_baseos_base
	openssl-libs-3.0.7-27.0.3.el9.aarch64.rpm	4eb909dc9723dc0b542f3f6f38eb28b0	-	ol9_aarch64_baseos_latest
	openssl-libs-3.0.7-27.0.3.el9.aarch64.rpm	4eb909dc9723dc0b542f3f6f38eb28b0	-	ol9_aarch64_u4_baseos_base
	openssl-perl-3.0.7-27.0.3.el9.aarch64.rpm	7dcfad88a72ef8e8e6c9388ef6dfc6d1	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	openssl-3.0.7-27.0.3.el9.src.rpm	a39dbf5fbbc6c10691ed49c5579ffb7d	-	ol9_x86_64_appstream
	openssl-3.0.7-27.0.3.el9.src.rpm	a39dbf5fbbc6c10691ed49c5579ffb7d	-	ol9_x86_64_baseos_latest
	openssl-3.0.7-27.0.3.el9.src.rpm	a39dbf5fbbc6c10691ed49c5579ffb7d	-	ol9_x86_64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	4612c9b8274c6725fca19660ec1fd4d8	-	ol9_x86_64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	4612c9b8274c6725fca19660ec1fd4d8	-	ol9_x86_64_u4_baseos_base
	openssl-3.0.7-27.0.3.el9.x86_64.rpm	06f1bfb9daea8994d4f7969736e7cd68	-	ol9_x86_64_baseos_latest
	openssl-3.0.7-27.0.3.el9.x86_64.rpm	06f1bfb9daea8994d4f7969736e7cd68	-	ol9_x86_64_u4_baseos_base
	openssl-devel-3.0.7-27.0.3.el9.i686.rpm	46c8b6bbd0cc4fdaeebdb2aa7ff1013a	-	ol9_x86_64_appstream
	openssl-devel-3.0.7-27.0.3.el9.x86_64.rpm	4396506e78b3744b82713f7960e1d9ac	-	ol9_x86_64_appstream
	openssl-fips-provider-3.0.7-2.0.1.el9.i686.rpm	5798d2dbe8486cbbc5a3da01a2b399cf	-	ol9_x86_64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.i686.rpm	5798d2dbe8486cbbc5a3da01a2b399cf	-	ol9_x86_64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.x86_64.rpm	15786da98965d8c78460998b666ac081	-	ol9_x86_64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.x86_64.rpm	15786da98965d8c78460998b666ac081	-	ol9_x86_64_u4_baseos_base
	openssl-libs-3.0.7-27.0.3.el9.i686.rpm	71524429d76fa18a8dc16edc27f10d7b	-	ol9_x86_64_baseos_latest
	openssl-libs-3.0.7-27.0.3.el9.i686.rpm	71524429d76fa18a8dc16edc27f10d7b	-	ol9_x86_64_u4_baseos_base
	openssl-libs-3.0.7-27.0.3.el9.x86_64.rpm	330327106d8cc86ac05836506d896a8d	-	ol9_x86_64_baseos_latest
	openssl-libs-3.0.7-27.0.3.el9.x86_64.rpm	330327106d8cc86ac05836506d896a8d	-	ol9_x86_64_u4_baseos_base
	openssl-perl-3.0.7-27.0.3.el9.x86_64.rpm	04391954cbcd75b2403ac33eda650da0	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691