Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2014:0624 - Security Advisory
Issued:
2014-06-05
Updated:
2014-06-05

RHSA-2014:0624 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: openssl security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated openssl packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
Important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Description

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.

It was found that OpenSSL clients and servers could be forced, via a
specially crafted handshake packet, to use weak keying material for
communication. A man-in-the-middle attacker could use this flaw to decrypt
and modify traffic between a client and a server. (CVE-2014-0224)

Note: In order to exploit this flaw, both the server and the client must be
using a vulnerable version of OpenSSL; the server must be using OpenSSL
version 1.0.1 and above, and the client must be using any version of
OpenSSL. For more information about this flaw, refer to:
https://access.redhat.com/site/articles/904433

Red Hat would like to thank the OpenSSL project for reporting this issue.
Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter
of this issue.

All OpenSSL users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. For the update to take
effect, all services linked to the OpenSSL library (such as httpd and other
SSL-enabled services) must be restarted or the system rebooted.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability

CVEs

  • CVE-2014-0224

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/site/articles/904433
  • https://access.redhat.com/site/solutions/905793
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
openssl-0.9.8e-27.el5_10.3.src.rpm SHA-256: 91a8b5889c3c534053fbad42bbda404b15258432639053e9192ca41eef12fead
x86_64
openssl-0.9.8e-27.el5_10.3.i686.rpm SHA-256: aa41f7231300018d1dc20177cdf24972d2538702bc4a507dcbd8d39c4ff01473
openssl-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: 8e682abc76be09e396a2cb8419968dd0e2041179e8536cf39f3c4e010df2464a
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 5557c93466eb664f5df30786672c4ea2fa58049f9b75a5b5f385b804037fd5b2
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm SHA-256: b5a59aab694219f927264379ada64e0d77358e5605f28284aad757c6a756bb3d
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: e0b53c1abc5bedfaca569291aa92017d9bdfe85fcbd3c0fa9b332e7fcd63ab6b
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm SHA-256: e79b6c231dea63b74084b51b93292cc69e766a424f35b01cd749a1c22a1d89f8
openssl-devel-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: 6f59ac1d818133b4a7d6da5c4a0a1e7bb0b6eec9048035668005427fa184c2f8
openssl-perl-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: ff5baf013c47a8d26fae9855aa48507b284aa583fdcf640d4975531775424c42
ia64
openssl-0.9.8e-27.el5_10.3.i686.rpm SHA-256: aa41f7231300018d1dc20177cdf24972d2538702bc4a507dcbd8d39c4ff01473
openssl-0.9.8e-27.el5_10.3.ia64.rpm SHA-256: 57fbd1e9719798cfe2ed99b32342193393e675a975a2990e769ea3cd257ae866
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm SHA-256: b5a59aab694219f927264379ada64e0d77358e5605f28284aad757c6a756bb3d
openssl-debuginfo-0.9.8e-27.el5_10.3.ia64.rpm SHA-256: 642cf6fa44dcbbba7b3d9d7c082083e21439bb207b49b8eea9a5ec4eeb19d820
openssl-devel-0.9.8e-27.el5_10.3.ia64.rpm SHA-256: 20c968687cf356b7ed2db0c367acf7d68aa6505c717ee89ceb5574fe82a8956c
openssl-perl-0.9.8e-27.el5_10.3.ia64.rpm SHA-256: e864e873cd014fbb92e99a684a3fe57685c688bef56cfe91adec1edeb110d1cd
i386
openssl-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 8cb59d50a7dbfa0653c9b7b7f84225432ba851840188d78a7a221878ecb35adb
openssl-0.9.8e-27.el5_10.3.i686.rpm SHA-256: aa41f7231300018d1dc20177cdf24972d2538702bc4a507dcbd8d39c4ff01473
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 5557c93466eb664f5df30786672c4ea2fa58049f9b75a5b5f385b804037fd5b2
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm SHA-256: b5a59aab694219f927264379ada64e0d77358e5605f28284aad757c6a756bb3d
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm SHA-256: e79b6c231dea63b74084b51b93292cc69e766a424f35b01cd749a1c22a1d89f8
openssl-perl-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 9c4ff27857bbbfae01ccd46c9fb8048a3b1b8557ff6e1a3f7ac529b51f3f591a

Red Hat Enterprise Linux Workstation 5

SRPM
openssl-0.9.8e-27.el5_10.3.src.rpm SHA-256: 91a8b5889c3c534053fbad42bbda404b15258432639053e9192ca41eef12fead
x86_64
openssl-0.9.8e-27.el5_10.3.i686.rpm SHA-256: aa41f7231300018d1dc20177cdf24972d2538702bc4a507dcbd8d39c4ff01473
openssl-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: 8e682abc76be09e396a2cb8419968dd0e2041179e8536cf39f3c4e010df2464a
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 5557c93466eb664f5df30786672c4ea2fa58049f9b75a5b5f385b804037fd5b2
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm SHA-256: b5a59aab694219f927264379ada64e0d77358e5605f28284aad757c6a756bb3d
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: e0b53c1abc5bedfaca569291aa92017d9bdfe85fcbd3c0fa9b332e7fcd63ab6b
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: e0b53c1abc5bedfaca569291aa92017d9bdfe85fcbd3c0fa9b332e7fcd63ab6b
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm SHA-256: e79b6c231dea63b74084b51b93292cc69e766a424f35b01cd749a1c22a1d89f8
openssl-devel-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: 6f59ac1d818133b4a7d6da5c4a0a1e7bb0b6eec9048035668005427fa184c2f8
openssl-perl-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: ff5baf013c47a8d26fae9855aa48507b284aa583fdcf640d4975531775424c42
i386
openssl-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 8cb59d50a7dbfa0653c9b7b7f84225432ba851840188d78a7a221878ecb35adb
openssl-0.9.8e-27.el5_10.3.i686.rpm SHA-256: aa41f7231300018d1dc20177cdf24972d2538702bc4a507dcbd8d39c4ff01473
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 5557c93466eb664f5df30786672c4ea2fa58049f9b75a5b5f385b804037fd5b2
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 5557c93466eb664f5df30786672c4ea2fa58049f9b75a5b5f385b804037fd5b2
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm SHA-256: b5a59aab694219f927264379ada64e0d77358e5605f28284aad757c6a756bb3d
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm SHA-256: e79b6c231dea63b74084b51b93292cc69e766a424f35b01cd749a1c22a1d89f8
openssl-perl-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 9c4ff27857bbbfae01ccd46c9fb8048a3b1b8557ff6e1a3f7ac529b51f3f591a

Red Hat Enterprise Linux Desktop 5

SRPM
openssl-0.9.8e-27.el5_10.3.src.rpm SHA-256: 91a8b5889c3c534053fbad42bbda404b15258432639053e9192ca41eef12fead
x86_64
openssl-0.9.8e-27.el5_10.3.i686.rpm SHA-256: aa41f7231300018d1dc20177cdf24972d2538702bc4a507dcbd8d39c4ff01473
openssl-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: 8e682abc76be09e396a2cb8419968dd0e2041179e8536cf39f3c4e010df2464a
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm SHA-256: b5a59aab694219f927264379ada64e0d77358e5605f28284aad757c6a756bb3d
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: e0b53c1abc5bedfaca569291aa92017d9bdfe85fcbd3c0fa9b332e7fcd63ab6b
openssl-perl-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: ff5baf013c47a8d26fae9855aa48507b284aa583fdcf640d4975531775424c42
i386
openssl-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 8cb59d50a7dbfa0653c9b7b7f84225432ba851840188d78a7a221878ecb35adb
openssl-0.9.8e-27.el5_10.3.i686.rpm SHA-256: aa41f7231300018d1dc20177cdf24972d2538702bc4a507dcbd8d39c4ff01473
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 5557c93466eb664f5df30786672c4ea2fa58049f9b75a5b5f385b804037fd5b2
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm SHA-256: b5a59aab694219f927264379ada64e0d77358e5605f28284aad757c6a756bb3d
openssl-perl-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 9c4ff27857bbbfae01ccd46c9fb8048a3b1b8557ff6e1a3f7ac529b51f3f591a

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
openssl-0.9.8e-27.el5_10.3.src.rpm SHA-256: 91a8b5889c3c534053fbad42bbda404b15258432639053e9192ca41eef12fead
s390x
openssl-0.9.8e-27.el5_10.3.s390.rpm SHA-256: 772ab8eb8bb0dafb96f391a8fed72dff2462c44becc4009b3b9593c6c662e4c3
openssl-0.9.8e-27.el5_10.3.s390x.rpm SHA-256: 641df4f028c1facb02592bc26ebcad91c8d41007e7b6df738d1c9cd452f8d2b9
openssl-debuginfo-0.9.8e-27.el5_10.3.s390.rpm SHA-256: ba651bb892251f790c1f6667f1c61d668b25c932e0f2c07ccb43a2255ffe01d0
openssl-debuginfo-0.9.8e-27.el5_10.3.s390x.rpm SHA-256: 64178f93589e28d35862f931e95841416c837b10fd0c3780e4b9947977c62468
openssl-devel-0.9.8e-27.el5_10.3.s390.rpm SHA-256: b8b7f9f6bbaee2d85394161011ac990cd6b97f8155597b79db3aff6cc0abbf22
openssl-devel-0.9.8e-27.el5_10.3.s390x.rpm SHA-256: 051c12dc43f2109b994ab0b1d05100e6a3055a01dd679e00abca5295208e5aeb
openssl-perl-0.9.8e-27.el5_10.3.s390x.rpm SHA-256: 08dbf8f26d4bc9fd378ff65197e7854111adff1090d42ecfa41c7d742f69da92

Red Hat Enterprise Linux for Power, big endian 5

SRPM
openssl-0.9.8e-27.el5_10.3.src.rpm SHA-256: 91a8b5889c3c534053fbad42bbda404b15258432639053e9192ca41eef12fead
ppc
openssl-0.9.8e-27.el5_10.3.ppc.rpm SHA-256: 6443e29bd010d48ee74c0a6651c8454e526f250cc76f8c257969b9e5d939a6a6
openssl-0.9.8e-27.el5_10.3.ppc64.rpm SHA-256: 4f3ffcb84f146b51ca89b001360998f55bdb12886aed31a68c7ab6072dc57b2e
openssl-debuginfo-0.9.8e-27.el5_10.3.ppc.rpm SHA-256: ec5a3f9b8f20064dd0cc6b24b3cec03fb47d1b3f5f295452e780208d88f2ba67
openssl-debuginfo-0.9.8e-27.el5_10.3.ppc64.rpm SHA-256: 9bbcf321c45bea3bb6f12523aa0f6075a96b3ac8c0a093bc7fb6927186cbaded
openssl-devel-0.9.8e-27.el5_10.3.ppc.rpm SHA-256: 0ad0d4b8e82e49d5e11803ae567758de7cdd04e9832541b6092a157b2a7eb2ee
openssl-devel-0.9.8e-27.el5_10.3.ppc64.rpm SHA-256: 02b5fae0fb803e9837fa875eb4d3006b1835d1bdc6d03f43f79b8555d7c239db
openssl-perl-0.9.8e-27.el5_10.3.ppc.rpm SHA-256: 2c9219c456d97b1ea58e4a84dff15af3b251a03c95f3613e49a03b397ad48046

Red Hat Enterprise Linux Server from RHUI 5

SRPM
openssl-0.9.8e-27.el5_10.3.src.rpm SHA-256: 91a8b5889c3c534053fbad42bbda404b15258432639053e9192ca41eef12fead
x86_64
openssl-0.9.8e-27.el5_10.3.i686.rpm SHA-256: aa41f7231300018d1dc20177cdf24972d2538702bc4a507dcbd8d39c4ff01473
openssl-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: 8e682abc76be09e396a2cb8419968dd0e2041179e8536cf39f3c4e010df2464a
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 5557c93466eb664f5df30786672c4ea2fa58049f9b75a5b5f385b804037fd5b2
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm SHA-256: b5a59aab694219f927264379ada64e0d77358e5605f28284aad757c6a756bb3d
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: e0b53c1abc5bedfaca569291aa92017d9bdfe85fcbd3c0fa9b332e7fcd63ab6b
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm SHA-256: e79b6c231dea63b74084b51b93292cc69e766a424f35b01cd749a1c22a1d89f8
openssl-devel-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: 6f59ac1d818133b4a7d6da5c4a0a1e7bb0b6eec9048035668005427fa184c2f8
openssl-perl-0.9.8e-27.el5_10.3.x86_64.rpm SHA-256: ff5baf013c47a8d26fae9855aa48507b284aa583fdcf640d4975531775424c42
i386
openssl-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 8cb59d50a7dbfa0653c9b7b7f84225432ba851840188d78a7a221878ecb35adb
openssl-0.9.8e-27.el5_10.3.i686.rpm SHA-256: aa41f7231300018d1dc20177cdf24972d2538702bc4a507dcbd8d39c4ff01473
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 5557c93466eb664f5df30786672c4ea2fa58049f9b75a5b5f385b804037fd5b2
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm SHA-256: b5a59aab694219f927264379ada64e0d77358e5605f28284aad757c6a756bb3d
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm SHA-256: e79b6c231dea63b74084b51b93292cc69e766a424f35b01cd749a1c22a1d89f8
openssl-perl-0.9.8e-27.el5_10.3.i386.rpm SHA-256: 9c4ff27857bbbfae01ccd46c9fb8048a3b1b8557ff6e1a3f7ac529b51f3f591a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility