Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:1024

Опубликовано: 29 мар. 2021
Источник: rocky
Оценка: Important

Описание

Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

  • openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)

  • openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
opensslx86_6415.el8_3openssl-1.1.1g-15.el8_3.x86_64.rpm
openssl-develi68615.el8_3openssl-devel-1.1.1g-15.el8_3.i686.rpm
openssl-develx86_6415.el8_3openssl-devel-1.1.1g-15.el8_3.x86_64.rpm
openssl-libsi68615.el8_3openssl-libs-1.1.1g-15.el8_3.i686.rpm
openssl-libsx86_6415.el8_3openssl-libs-1.1.1g-15.el8_3.x86_64.rpm
openssl-perlx86_6415.el8_3openssl-perl-1.1.1g-15.el8_3.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-3449
CVE-2021-3450

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2021-9151

oracle-oval
больше 4 лет назад

ELSA-2021-9151: openssl security update (IMPORTANT)

oracle-oval логотип

ELSA-2021-1024

oracle-oval
больше 4 лет назад

ELSA-2021-1024: openssl security update (IMPORTANT)

suse-cvrf логотип

openSUSE-SU-2021:2353-1

suse-cvrf
больше 4 лет назад

Security update for nodejs10

suse-cvrf логотип

openSUSE-SU-2021:2327-1

suse-cvrf
больше 4 лет назад

Security update for nodejs12

suse-cvrf логотип

openSUSE-SU-2021:1061-1

suse-cvrf
больше 4 лет назад

Security update for nodejs10