ALSA-2023:7877

[ALSA-2023:7877] Low: openssl security update

Type:

security

Severity:

low

Release date:

2023-12-20

Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

* openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)
* OpenSSL: Excessive time spent checking DH q parameter value (CVE-2023-3817)
* openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow (CVE-2023-5678)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	openssl-1.1.1k-12.el8_9.aarch64.rpm	67f541e4b37ffd155dc1b7a2e1122467315a671c342520da158529bf43d5665b
aarch64	openssl-perl-1.1.1k-12.el8_9.aarch64.rpm	b21c60f689738c42de58e3fff837a238b3eb095e40333dbfc2be168aafa8a6ac
aarch64	openssl-libs-1.1.1k-12.el8_9.aarch64.rpm	bb0009f1fb0f018398a005b7f00ea94ac0671b2782eff2fa08e94bbc21d85e67
aarch64	openssl-devel-1.1.1k-12.el8_9.aarch64.rpm	dee198c1ad63849839bf6abf106fcfa74cb2a7305906265685cf25edb254a8e1
i686	openssl-libs-1.1.1k-12.el8_9.i686.rpm	9d81254e5e3b13f4b97d567711723f99cd320e2f48a55e2b4417d9895d16d4e5
i686	openssl-devel-1.1.1k-12.el8_9.i686.rpm	dc1db1d29fad3009895a7b9b2e2b8516627c8b0bd1580589cd70cd7ab5d0c98b
ppc64le	openssl-devel-1.1.1k-12.el8_9.ppc64le.rpm	51e05738886e88527193b7fa91d6a5e900ae32cbc534f1dd4a8dafeb7de05628
ppc64le	openssl-perl-1.1.1k-12.el8_9.ppc64le.rpm	57e7af5860e39d650e1fd214261332e956e321d8f782982128c99e6e1e2053f7
ppc64le	openssl-libs-1.1.1k-12.el8_9.ppc64le.rpm	742f1d6a36a76ea4fcddb3491b18002db26f616a97080e7c6ae779864b0f3a51
ppc64le	openssl-1.1.1k-12.el8_9.ppc64le.rpm	af5b3a558ccaca71322b96867ee2018f3354c7974cca9a4cf7d717fab5938e8b
s390x	openssl-devel-1.1.1k-12.el8_9.s390x.rpm	00a2665756f7a2e0c7ef8d84282b0e5a4eeaf0ef61ac5a92bade9404b233b24e
s390x	openssl-libs-1.1.1k-12.el8_9.s390x.rpm	2f26818acc22a8bec9473425ffa6db17993dfcf512eed3ce6798e452dbdd43e8
s390x	openssl-perl-1.1.1k-12.el8_9.s390x.rpm	9de161dca8857183de2d163a21c5470ffa3d4d3cdcc9924e8ebc8c71ff7c865f
s390x	openssl-1.1.1k-12.el8_9.s390x.rpm	a5df1e90c3579169db49ec684aa58dd2b6163c0d4eadc08635954dc50d076629
x86_64	openssl-1.1.1k-12.el8_9.x86_64.rpm	200fb9a58e99c9b959018c440e65fc40b49c6d06cab99a40c8a349e38bb330b6
x86_64	openssl-libs-1.1.1k-12.el8_9.x86_64.rpm	2204418af379a749ed66d62cc55b7f3537eced0922a4716fbf8999b3e1409975
x86_64	openssl-perl-1.1.1k-12.el8_9.x86_64.rpm	254cf7d411ce7d2ba2b2c987faefc4b72a931b9f464512755c08d241295b64a1
x86_64	openssl-devel-1.1.1k-12.el8_9.x86_64.rpm	563667676e100bb9bff389a36b8d97ac1b770c9d6cedb4904dbabf0c384391fb

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.