Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Oracle Linux 8 ELSA-2023-7877 low: OpenSSL security fix for multiple CVEs

oracle
Calendar Grey December 20, 2023
Oracle Linux Logo Esm H88
Oracle Linux 8 has issued OpenSSL patches addressing several CVEs, reinforcing its defense against underlying security vulnerabilities. Discover further details here.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[1:1.1.1k-12] - Backport implicit rejection mechanism for RSA PKCS#1 v1.5 to RHEL-8 series (a proper fix for CVE-2020-25659) Resolves: RHEL-17696 [1:1.1.1k-11] - Fix CVE-2023-5678: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow Resolves: RHEL-16538 [1:1.1.1k-10] - Fix CVE-2023-3446: Excessive time spent checking DH keys and parameters Resolves: RHEL-14245 - Fix CVE-2023-3817: Excessive time spent checking DH q parameter value Resolves: RHEL-14239

Topics%20covered

Topics Covered

security advisory update security fix OpenSSL low severity Oracle Linux

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates//openssl-1.1.1k-12.el8_9.src.rpm

x86_64

openssl-1.1.1k-12.el8_9.x86_64.rpm openssl-devel-1.1.1k-12.el8_9.i686.rpm openssl-devel-1.1.1k-12.el8_9.x86_64.rpm openssl-libs-1.1.1k-12.el8_9.i686.rpm openssl-libs-1.1.1k-12.el8_9.x86_64.rpm openssl-perl-1.1.1k-12.el8_9.x86_64.rpm

aarch64

openssl-1.1.1k-12.el8_9.aarch64.rpm openssl-devel-1.1.1k-12.el8_9.aarch64.rpm openssl-libs-1.1.1k-12.el8_9.aarch64.rpm openssl-perl-1.1.1k-12.el8_9.aarch64.rpm

Severity
low
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2023-3446 CVE-2023-3817 CVE-2023-5678

Topics%20covered

Topics Covered

security advisory update security fix OpenSSL low severity Oracle Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here