[ELSA-2022-9023] openssl security update
Severity
Moderate
Affected Packages
5
CVEs
1
[1.0.2k-23.0.1]
- Change Epoch from 1 to 10
- Fix DH self-test to add shared secret comparison [Orabug: 32467026]
- Add DH support changes for SP 800-56A rev3 requirements [Orabug: 32467059]
- Add TLS KDF self-test [Orabug: 32467193]
- Add EC keys pairwise consistency test [Orabug: 32467059]
[1.0.2k-23]
- fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings
- Resolves: rhbz#1996054
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/openssl?distro=oraclelinux-7.9 | < 1.0.2k-23.0.1.el7_9_fips |
pkg:rpm/oraclelinux/openssl-static?distro=oraclelinux-7.9 | < 1.0.2k-23.0.1.el7_9_fips |
pkg:rpm/oraclelinux/openssl-perl?distro=oraclelinux-7.9 | < 1.0.2k-23.0.1.el7_9_fips |
pkg:rpm/oraclelinux/openssl-libs?distro=oraclelinux-7.9 | < 1.0.2k-23.0.1.el7_9_fips |
pkg:rpm/oraclelinux/openssl-devel?distro=oraclelinux-7.9 | < 1.0.2k-23.0.1.el7_9_fips |
- ID
- ELSA-2022-9023
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2022-9023.html
- Published
-
2022-01-14T00:00:00
(2 years ago) - Modified
-
2022-01-14T00:00:00
(2 years ago) - Rights
- Copyright 2022 Oracle, Inc.
- Other Advisories
-
- ALAS-2021-1541
- ALAS2-2021-1714
- ALAS2-2021-1721
- ALAS2-2024-2502
- ALPINE:CVE-2021-3712
- ALSA-2021:5226
- DSA-4963-1
- ELSA-2021-5226
- ELSA-2021-9632
- ELSA-2022-0064
- ELSA-2022-9017
- FREEBSD:7262F826-795E-11EC-8BE6-D4C9EF517024
- FREEBSD:96811D4A-04EC-11EC-9B84-D4C9EF517024
- GLSA-202209-02
- GLSA-202210-02
- MS:CVE-2021-3712
- openSUSE-SU-2021:1188-1
- openSUSE-SU-2021:1189-1
- openSUSE-SU-2021:1248-1
- openSUSE-SU-2021:1261-1
- openSUSE-SU-2021:2827-1
- openSUSE-SU-2021:2830-1
- openSUSE-SU-2021:2966-1
- openSUSE-SU-2021:2994-1
- RHSA-2021:5226
- RHSA-2022:0064
- RLSA-2021:5226
- RUSTSEC-2021-0098
- SECADV-20210824-2
- SUSE-SU-2021:2825-1
- SUSE-SU-2021:2826-1
- SUSE-SU-2021:2827-1
- SUSE-SU-2021:2829-1
- SUSE-SU-2021:2830-1
- SUSE-SU-2021:2831-1
- SUSE-SU-2021:2833-1
- SUSE-SU-2021:2852-1
- SUSE-SU-2021:2966-1
- SUSE-SU-2021:2966-2
- SUSE-SU-2021:2967-1
- SUSE-SU-2021:2968-1
- SUSE-SU-2021:2994-1
- SUSE-SU-2021:2995-1
- SUSE-SU-2021:2996-1
- SUSE-SU-2021:3019-1
- SUSE-SU-2021:3144-1
- USN-5051-1
- USN-5051-2
- USN-5051-3
- USN-5088-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2022-9023 | https://linux.oracle.com/errata/ELSA-2022-9023.html | |
CVE | CVE-2021-3712 | https://linux.oracle.com/cve/CVE-2021-3712.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/openssl?distro=oraclelinux-7.9 | oraclelinux | openssl | < 1.0.2k-23.0.1.el7_9_fips | oraclelinux-7.9 | ||
Affected | pkg:rpm/oraclelinux/openssl-static?distro=oraclelinux-7.9 | oraclelinux | openssl-static | < 1.0.2k-23.0.1.el7_9_fips | oraclelinux-7.9 | ||
Affected | pkg:rpm/oraclelinux/openssl-perl?distro=oraclelinux-7.9 | oraclelinux | openssl-perl | < 1.0.2k-23.0.1.el7_9_fips | oraclelinux-7.9 | ||
Affected | pkg:rpm/oraclelinux/openssl-libs?distro=oraclelinux-7.9 | oraclelinux | openssl-libs | < 1.0.2k-23.0.1.el7_9_fips | oraclelinux-7.9 | ||
Affected | pkg:rpm/oraclelinux/openssl-devel?distro=oraclelinux-7.9 | oraclelinux | openssl-devel | < 1.0.2k-23.0.1.el7_9_fips | oraclelinux-7.9 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |