Oracle8: ELSA-2023-1405: openssl security Important Security Update...

What Are You Looking For?

Popular Tags

Sign Up
Oracle Linux Security Advisory ELSA-2023-1405

https://linux.oracle.com/errata/ELSA-2023-1405.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
openssl-1.1.1k-9.el8_7.x86_64.rpm
openssl-devel-1.1.1k-9.el8_7.i686.rpm
openssl-devel-1.1.1k-9.el8_7.x86_64.rpm
openssl-libs-1.1.1k-9.el8_7.i686.rpm
openssl-libs-1.1.1k-9.el8_7.x86_64.rpm
openssl-perl-1.1.1k-9.el8_7.x86_64.rpm

aarch64:
openssl-1.1.1k-9.el8_7.aarch64.rpm
openssl-devel-1.1.1k-9.el8_7.aarch64.rpm
openssl-libs-1.1.1k-9.el8_7.aarch64.rpm
openssl-perl-1.1.1k-9.el8_7.aarch64.rpm


SRPMS:
https://oss.oracle.com/ol8/SRPMS-updates//openssl-1.1.1k-9.el8_7.src.rpm

Related CVEs:

CVE-2022-4304
CVE-2022-4450
CVE-2023-0215
CVE-2023-0286




Description of changes:

[1:1.1.1k-9]
- Fixed Timing Oracle in RSA Decryption
  Resolves: CVE-2022-4304
- Fixed Double free after calling PEM_read_bio_ex
  Resolves: CVE-2022-4450
- Fixed Use-after-free following BIO_new_NDEF
  Resolves: CVE-2023-0215
- Fixed X.400 address type confusion in X.509 GeneralName
  Resolves: CVE-2023-0286

[1:1.1.1k-8]
- Fix no-ec build
  Resolves: rhbz#2071020


_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2023-1405: openssl security Important Security Update

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[1:1.1.1k-9] - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed Use-after-free following BIO_new_NDEF Resolves: CVE-2023-0215 - Fixed X.400 address type confusion in X.509 GeneralName Resolves: CVE-2023-0286 [1:1.1.1k-8] - Fix no-ec build Resolves: rhbz#2071020

SRPMs

https://oss.oracle.com/ol8/SRPMS-updates//openssl-1.1.1k-9.el8_7.src.rpm

x86_64

openssl-1.1.1k-9.el8_7.x86_64.rpm openssl-devel-1.1.1k-9.el8_7.i686.rpm openssl-devel-1.1.1k-9.el8_7.x86_64.rpm openssl-libs-1.1.1k-9.el8_7.i686.rpm openssl-libs-1.1.1k-9.el8_7.x86_64.rpm openssl-perl-1.1.1k-9.el8_7.x86_64.rpm

aarch64

openssl-1.1.1k-9.el8_7.aarch64.rpm openssl-devel-1.1.1k-9.el8_7.aarch64.rpm openssl-libs-1.1.1k-9.el8_7.aarch64.rpm openssl-perl-1.1.1k-9.el8_7.aarch64.rpm

i386

Severity
Related CVEs: CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0286

Related News

Kali Linux 2023.2 Released with 13 New Tools, Pre-Built HyperV Image

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

New Ransomware Group Uses Repurposed LockBit, Babuk Variants

Linux Kernel DoS, Info Disclosure Bugs Fixed

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy