Описание
ELSA-2019-3700: openssl security, bug fix, and enhancement update (LOW)
[1.1.1c-2]
- do not try to use EC groups disallowed in FIPS mode in TLS
- fix Valgrind regression with constant-time code
[1.1.1c-1]
- update to the 1.1.1c release
[1.1.1b-6]
- adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode
[1.1.1b-5]
- Fix small regressions related to the rebase
[1.1.1b-3]
- FIPS compliance fixes
[1.1.1b-1]
- update to the 1.1.1b release
- EVP_KDF API backport from master
- SSH KDF implementation for EVP_KDF API backport from master
- add S390x chacha20-poly1305 assembler support from master branch
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
openssl
1.1.1c-2.el8
openssl-devel
1.1.1c-2.el8
openssl-libs
1.1.1c-2.el8
openssl-perl
1.1.1c-2.el8
Oracle Linux x86_64
openssl
1.1.1c-2.el8
openssl-devel
1.1.1c-2.el8
openssl-libs
1.1.1c-2.el8
openssl-perl
1.1.1c-2.el8
Связанные CVE
Связанные уязвимости
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).