Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Reject certificates with explicit EC parameters in strict mode (BZ#1891541)
* Add FIPS selftest for HKDF, SSKDF, SSHKDF, and TLS12PRF; add DH_compute_key KAT to DH selftest (BZ#1891542)
Updated packages:
-
openssl-1.1.1g-12.el8_3.x86_64.rpm
-
openssl-devel-1.1.1g-12.el8_3.i686.rpm
-
openssl-devel-1.1.1g-12.el8_3.x86_64.rpm
-
openssl-libs-1.1.1g-12.el8_3.i686.rpm
-
openssl-libs-1.1.1g-12.el8_3.x86_64.rpm
-
openssl-perl-1.1.1g-12.el8_3.x86_64.rpm