Description
ELSA-2023-0946: openssl security and bug fix update (MODERATE)
[3.0.1-47.0.1]
- Replace upstream references [Orabug: 34340177]
[1:3.0.1-47]
- Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203
- Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304
- Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450
- Fixed Use-after-free following BIO_new_NDEF Resolves: CVE-2023-0215
- Fixed Invalid pointer dereference in d2i_PKCS7 functions Resolves: CVE-2023-0216
- Fixed NULL dereference validating DSA public key Resolves: CVE-2023-0217
- Fixed X.400 address type confusion in X.509 GeneralName Resolves: CVE-2023-0286
- Fixed NULL dereference during PKCS7 data verification Resolves: CVE-2023-0401
[1:3.0.1-46]
- Refactor OpenSSL fips module MAC verification Resolves: rhbz#2158412
- Disallow SHAKE in RSA-OAEP decryption in FIPS mode Resolves: rhbz#2144010
[1:3.0.1-45]
- Add support of X25519 and X448 'group' parameter in EVP_PKEY_CTX objects Resolves: rhbz#2149010
- Fix explicit indicator for PSS salt length in FIPS mode when used with negative magic values Resolves: rhbz#2144012
- Update change to default PSS salt length with patch state from upstream Related: rhbz#2144012
[1:3.0.1-44]
- SHAKE-128/256 are not allowed with RSA in FIPS mode Resolves: rhbz#2144010
- Avoid memory leaks in TLS Resolves: rhbz#2144008
- FIPS RSA CRT tests must use correct parameters Resolves: rhbz#2144006
- FIPS-140-3 permits only SHA1, SHA256, and SHA512 for DRBG-HASH/DRBG-HMAC Resolves: rhbz#2144017
- Remove support for X9.31 signature padding in FIPS mode Resolves: rhbz#2144015
- Add explicit indicator for SP 800-108 KDFs with short key lengths Resolves: rhbz#2144019
- Add explicit indicator for HMAC with short key lengths Resolves: rhbz#2144000
- Set minimum password length for PBKDF2 in FIPS mode Resolves: rhbz#2144003
- Add explicit indicator for PSS salt length in FIPS mode Resolves: rhbz#2144012
- Clamp default PSS salt length to digest size for FIPS 186-4 compliance Related: rhbz#2144012
- Forbid short RSA keys for key encapsulation/decapsulation in FIPS mode Resolves: rhbz#2145170
Updated packages
Oracle Linux 9
Oracle Linux aarch64
openssl 3.0.1-47.0.1.el9_1
openssl-devel 3.0.1-47.0.1.el9_1
openssl-libs 3.0.1-47.0.1.el9_1
openssl-perl 3.0.1-47.0.1.el9_1
Oracle Linux x86_64
openssl 3.0.1-47.0.1.el9_1
openssl-devel 3.0.1-47.0.1.el9_1
openssl-libs 3.0.1-47.0.1.el9_1
openssl-perl 3.0.1-47.0.1.el9_1
Source references
Related vulnerabilities
CVE-2023-0401: A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. If the hash algorithm used for the signature is known to the OpenSSL library but the implementation of that hash algorithm is not available, the digest initialization fails. A missing check on the return value of the initialization function then leads to invalid use of the digest API, most likely causing a crash. An algorithm can be unavailable because a FIPS-enabled provider configuration is in use or, more commonly, because the legacy provider has not been loaded. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions; however, third-party applications are affected if they call them to verify signatures on untrusted data.