ELSA-2024-2447

ULN >
Oracle Linux Errata repository >
ELSA-2024-2447

ELSA-2024-2447 - openssl and openssl-fips-provider security update

Type:	SECURITY
Impact:	LOW
Release Date:	2024-05-03

Description

openssl
[1:3.0.7-27.0.3]
- Enable openssl-fips-provider dependency [Orabug: 36504822]

[1:3.0.7-27.0.2]
- Temporary disable openssl-fips-provider dependency [Orabug: 36504822]

[1:3.0.7-27.0.1]
- Replace upstream references [Orabug: 34340177]

[1:3.0.7-27]
- Use certified FIPS module instead of freshly built one in Red Hat distribution
Related: RHEL-23474

[1:3.0.7-26]
- Avoid implicit function declaration when building openssl
Related: RHEL-1780
- In FIPS mode, prevent any other operations when rsa_keygen_pairwise_test fails
Resolves: RHEL-17104
- Add a directory for OpenSSL providers configuration
Resolves: RHEL-17193
- Eliminate memory leak in OpenSSL when setting elliptic curves on SSL context
Resolves: RHEL-19515
- POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)
Resolves: RHEL-21151
- Excessive time spent checking invalid RSA public keys (CVE-2023-6237)
Resolves: RHEL-21654
- SSL ECDHE Kex fails when pkcs11 engine is set in config file
Resolves: RHEL-20249
- Denial of service via null dereference in PKCS#12
Resolves: RHEL-22486
- Use certified FIPS module instead of freshly built one in Red Hat distribution
Resolves: RHEL-23474

openssl-fips-provider
[3.0.7-2.0.1]
- Add bundle with Oracle Linux 9 OpenSSL FIPS Provider module files [Orabug: 36504822]
- Replace upstream references [Orabug: 34340177]

[3.0.7-2]
- Denote conflict with old versions of openssl-libs package
Related: RHEL-23474

[3.0.7-1]
Initial packaging

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	openssl-3.0.7-27.0.3.el9.src.rpm	275e3abe7ebc84fc7b1c7bd549b79b06ed157b39b7ba1198c2fe93ce0b37e365	-	ol9_aarch64_appstream
	openssl-3.0.7-27.0.3.el9.src.rpm	275e3abe7ebc84fc7b1c7bd549b79b06ed157b39b7ba1198c2fe93ce0b37e365	-	ol9_aarch64_baseos_latest
	openssl-3.0.7-27.0.3.el9.src.rpm	275e3abe7ebc84fc7b1c7bd549b79b06ed157b39b7ba1198c2fe93ce0b37e365	-	ol9_aarch64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	08505a3363ffdb98aa6fe7ab34ad2e10f2852aaa5176345c1773f476f2349252	-	ol9_aarch64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	08505a3363ffdb98aa6fe7ab34ad2e10f2852aaa5176345c1773f476f2349252	-	ol9_aarch64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	08505a3363ffdb98aa6fe7ab34ad2e10f2852aaa5176345c1773f476f2349252	-	ol9_aarch64_userspace_ksplice
	openssl-3.0.7-27.0.3.el9.aarch64.rpm	b91ab67de38cd94d3dc5eb7dbedcdb9675cd81370dce33925fd5ee8beb0e8343	-	ol9_aarch64_baseos_latest
	openssl-3.0.7-27.0.3.el9.aarch64.rpm	b91ab67de38cd94d3dc5eb7dbedcdb9675cd81370dce33925fd5ee8beb0e8343	-	ol9_aarch64_u4_baseos_base
	openssl-devel-3.0.7-27.0.3.el9.aarch64.rpm	523c326389b2864796004d1dfab08832948262c6f4264f666a9a5383733d07af	-	ol9_aarch64_appstream
	openssl-fips-provider-3.0.7-2.0.1.el9.aarch64.rpm	b9d2297072adb56f860e74a16e0e3e667a4001c379a7453ffaa10019f1564030	-	ol9_aarch64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.aarch64.rpm	b9d2297072adb56f860e74a16e0e3e667a4001c379a7453ffaa10019f1564030	-	ol9_aarch64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.aarch64.rpm	b9d2297072adb56f860e74a16e0e3e667a4001c379a7453ffaa10019f1564030	-	ol9_aarch64_userspace_ksplice
	openssl-libs-3.0.7-27.0.3.el9.aarch64.rpm	68d065b7baaad512c3b8cf73c2ee2a86fd248543dcb13e5582a2a3af344a6e4a	-	ol9_aarch64_baseos_latest
	openssl-libs-3.0.7-27.0.3.el9.aarch64.rpm	68d065b7baaad512c3b8cf73c2ee2a86fd248543dcb13e5582a2a3af344a6e4a	-	ol9_aarch64_u4_baseos_base
	openssl-perl-3.0.7-27.0.3.el9.aarch64.rpm	13f4e09411adbff6d2c31a8327e11fbbbda7012f71f4cba016b4777272c4ef22	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	openssl-3.0.7-27.0.3.el9.src.rpm	275e3abe7ebc84fc7b1c7bd549b79b06ed157b39b7ba1198c2fe93ce0b37e365	-	ol9_x86_64_appstream
	openssl-3.0.7-27.0.3.el9.src.rpm	275e3abe7ebc84fc7b1c7bd549b79b06ed157b39b7ba1198c2fe93ce0b37e365	-	ol9_x86_64_baseos_latest
	openssl-3.0.7-27.0.3.el9.src.rpm	275e3abe7ebc84fc7b1c7bd549b79b06ed157b39b7ba1198c2fe93ce0b37e365	-	ol9_x86_64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	08505a3363ffdb98aa6fe7ab34ad2e10f2852aaa5176345c1773f476f2349252	-	ol9_x86_64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	08505a3363ffdb98aa6fe7ab34ad2e10f2852aaa5176345c1773f476f2349252	-	ol9_x86_64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.src.rpm	08505a3363ffdb98aa6fe7ab34ad2e10f2852aaa5176345c1773f476f2349252	-	ol9_x86_64_userspace_ksplice
	openssl-3.0.7-27.0.3.el9.x86_64.rpm	5187a7d89058a7aeafe7e1f6fae1a798e545865eae758a01d77fca68319027d0	-	ol9_x86_64_baseos_latest
	openssl-3.0.7-27.0.3.el9.x86_64.rpm	5187a7d89058a7aeafe7e1f6fae1a798e545865eae758a01d77fca68319027d0	-	ol9_x86_64_u4_baseos_base
	openssl-devel-3.0.7-27.0.3.el9.i686.rpm	3eac34b256571b106235f205419e07704839691abd3f696daa696f1ef5e2f86d	-	ol9_x86_64_appstream
	openssl-devel-3.0.7-27.0.3.el9.x86_64.rpm	93a98ab8970fd16ae7a1ae0f236dca8e4421d57d83c1f302ea4e0b3041ef5ba3	-	ol9_x86_64_appstream
	openssl-fips-provider-3.0.7-2.0.1.el9.i686.rpm	77afaf06b7a90f31433496337ceec79165531a68b049c4a59aafc086bdbff521	-	ol9_x86_64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.i686.rpm	77afaf06b7a90f31433496337ceec79165531a68b049c4a59aafc086bdbff521	-	ol9_x86_64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.i686.rpm	77afaf06b7a90f31433496337ceec79165531a68b049c4a59aafc086bdbff521	-	ol9_x86_64_userspace_ksplice
	openssl-fips-provider-3.0.7-2.0.1.el9.x86_64.rpm	a5d03264169f2c3820380217e8de3eafdce22a1a173263eb49b843f79d3afa28	-	ol9_x86_64_baseos_latest
	openssl-fips-provider-3.0.7-2.0.1.el9.x86_64.rpm	a5d03264169f2c3820380217e8de3eafdce22a1a173263eb49b843f79d3afa28	-	ol9_x86_64_u4_baseos_base
	openssl-fips-provider-3.0.7-2.0.1.el9.x86_64.rpm	a5d03264169f2c3820380217e8de3eafdce22a1a173263eb49b843f79d3afa28	-	ol9_x86_64_userspace_ksplice
	openssl-libs-3.0.7-27.0.3.el9.i686.rpm	b1a65dd29dafc993ba93ed0801556e068bd2b45b330ec9c4b30c007305ed1f27	-	ol9_x86_64_baseos_latest
	openssl-libs-3.0.7-27.0.3.el9.i686.rpm	b1a65dd29dafc993ba93ed0801556e068bd2b45b330ec9c4b30c007305ed1f27	-	ol9_x86_64_u4_baseos_base
	openssl-libs-3.0.7-27.0.3.el9.x86_64.rpm	5f5027b70848f670853195065b1531efe42a3b95c83be2f4ce48d9da59ad8cd1	-	ol9_x86_64_baseos_latest
	openssl-libs-3.0.7-27.0.3.el9.x86_64.rpm	5f5027b70848f670853195065b1531efe42a3b95c83be2f4ce48d9da59ad8cd1	-	ol9_x86_64_u4_baseos_base
	openssl-perl-3.0.7-27.0.3.el9.x86_64.rpm	1754d7a14e754efe9a18410c799edcbdf6ef5dbabf35c700d7fdb0fb1efb6473	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691