ELSA-2018-4267

Опубликовано: 06 нояб. 2018

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2018-4267: openssl security update (IMPORTANT)

[1.0.2k-16.0.1]

sha256 is used for the RSA pairwise consistency test instead of sha1

[1.0.2k-16]

fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA
fix incorrect error message on FIPS DSA parameter generation (#1603597)

[1.0.2k-14]

ppc64le is not multilib architecture (#1585004)

[1.0.2k-13]

add S390x assembler updates
make CA name list comparison function case sensitive (#1548401)
fix CVE-2017-3735 - possible one byte overread with X.509 IPAdressFamily
fix CVE-2018-0732 - large prime DH DoS of TLS client
fix CVE-2018-0737 - RSA key generation cache timing vulnerability
fix CVE-2018-0739 - stack overflow parsing recursive ASN.1 structure

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

openssl

1.0.2k-16.0.1.ksplice1.el7

openssl-devel

1.0.2k-16.0.1.ksplice1.el7

openssl-libs

1.0.2k-16.0.1.ksplice1.el7

openssl-perl

1.0.2k-16.0.1.ksplice1.el7

openssl-static

1.0.2k-16.0.1.ksplice1.el7

Ссылки на источники

https://linux.oracle.com/errata/ELSA-2018-4267.html

Связанные уязвимости

openSUSE-SU-2025:0153-1

suse-cvrf

6 месяцев назад

Security update for git-lfs

openSUSE-SU-2025:0152-1

suse-cvrf

6 месяцев назад

Security update for kanidm

openSUSE-SU-2025:0148-1

suse-cvrf

6 месяцев назад

Security update for chromium

openSUSE-SU-2025:0147-1

suse-cvrf

6 месяцев назад

Security update for mozjs102

openSUSE-SU-2025:0145-1

suse-cvrf

6 месяцев назад

Security update for chromium