[ALSA-2024:2447] Low: openssl and openssl-fips-provider security update
Type:
security
Severity:
low
Release date:
2024-05-07
Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries (CVE-2023-2975)
* openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)
* OpenSSL: Excessive time spent checking DH q parameter value (CVE-2023-3817)
* openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow (CVE-2023-5678)
* openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)
* openssl: Excessive time spent checking invalid RSA public keys (CVE-2023-6237)
* openssl: denial of service via null dereference (CVE-2024-0727)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 openssl-perl-3.0.7-27.el9.aarch64.rpm 07393c120722cbcb88f731263acc09eea08ef9ed76a5adbcc09d9691697aa7ee
aarch64 openssl-devel-3.0.7-27.el9.aarch64.rpm 25c61f5163b7780645ed4bd6b200fb6c73ddab0c17178d7c9e45ffcf9d18af77
aarch64 openssl-libs-3.0.7-27.el9.aarch64.rpm a81a6132e9d8c384219572c2105961d1816977c6295a1f89e1f8d6a040ba49bc
aarch64 openssl-3.0.7-27.el9.aarch64.rpm bab0d5aa943fe3f9802bc0b7717b9dd8e73e976ad948e5e1dbb1f2a5595f5400
i686 openssl-libs-3.0.7-27.el9.i686.rpm 1a6991ac853f9b61d4ff97b9e0ec090dca42dc498881e97801d5ca1a3628b3f0
i686 openssl-devel-3.0.7-27.el9.i686.rpm ee2d4c73a82a1983a36dab63037fdc6e6c7eb831bdd0f87736299427f99afc5b
ppc64le openssl-devel-3.0.7-27.el9.ppc64le.rpm b910cb9112fba73da1a6d959b7e1874ce8b883581d4aef64588afc1e0497f630
ppc64le openssl-3.0.7-27.el9.ppc64le.rpm dc067ccf525e1606e8848fb2c1102e91be927ac024ff307c3b0a5a4575995ccf
ppc64le openssl-perl-3.0.7-27.el9.ppc64le.rpm dd46715dbb14fc0074be7278bec324399431d63f80e54b607615348382b6f4f2
ppc64le openssl-libs-3.0.7-27.el9.ppc64le.rpm ee46763b0709119b6cb8738a2cdd28139ff5add7ab126afc844835a576e9bcb0
s390x openssl-libs-3.0.7-27.el9.s390x.rpm 3d54ba0af88dc390d4fbb7c15011a75c575fdbea623997f6d4b20d4c4fd6cf75
s390x openssl-devel-3.0.7-27.el9.s390x.rpm a9b6f2800503a2d199717f9c57b36f5a8aa8da761961a8e043d3ef2a3aa9dc8b
s390x openssl-perl-3.0.7-27.el9.s390x.rpm d3ee05bd35fa9648b874d7dfc82867205412da2d8defd39619666e32094099da
s390x openssl-3.0.7-27.el9.s390x.rpm dadce6d3ebfe29ac1b89edb1dd4d7cde08665c28cbe775f33e9b29a011bd2b20
x86_64 openssl-perl-3.0.7-27.el9.x86_64.rpm 0b536c723bcdc5e2d7d6d45a73f00910a0c3f1ce8c9cd163ed0206574dcaee9f
x86_64 openssl-devel-3.0.7-27.el9.x86_64.rpm 127b2c05695e907f11be419da27960af6d61b1b3630107e8c4fe769a5eaa9c77
x86_64 openssl-libs-3.0.7-27.el9.x86_64.rpm d541d3311e82d9743d848fa95ea854472966479190eddcc3a39b083d64e1bfca
x86_64 openssl-3.0.7-27.el9.x86_64.rpm fe27c582e6e3f9a048c2c5f3c5b3e300b87b54948eb8138662b5ff0d4e3e238f
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.