- Issued:
- 2020-12-15
- Updated:
- 2020-12-15
RHSA-2020:5476 - Security Advisory
Synopsis
Important: openssl security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for openssl is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
- openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Reject certificates with explicit EC parameters in strict mode (BZ#1891541)
- Add FIPS selftest for HKDF, SSKDF, SSHKDF, and TLS12PRF; add DH_compute_key KAT to DH selftest (BZ#1891542)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
Fixes
- BZ - 1903409 - CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 8
| SRPM | |
|---|---|
| openssl-1.1.1g-12.el8_3.src.rpm | SHA-256: 8d6803736dfd6a285a7c194e24aa647e3cc255f098b3553e0c31f612135da997 |
| x86_64 | |
| openssl-1.1.1g-12.el8_3.x86_64.rpm | SHA-256: f3d2c8827b12d0e434567180529490e16d8df5dc7abeb2c386c759ce6f33efc9 |
| openssl-debuginfo-1.1.1g-12.el8_3.i686.rpm | SHA-256: 2a2f974f024dd44ef3382d1aa8db5060982e1882bc8258b9fcfa706f7d473af8 |
| openssl-debuginfo-1.1.1g-12.el8_3.x86_64.rpm | SHA-256: c6d97e97f49c3c20d5ff80d8dbc92508134a6b69d3e67b70aad52045ea160405 |
| openssl-debugsource-1.1.1g-12.el8_3.i686.rpm | SHA-256: 115cdb05458241920f00f99a7181308f734ff42e65e72a2728639604de660cc5 |
| openssl-debugsource-1.1.1g-12.el8_3.x86_64.rpm | SHA-256: e7637f7ca43f2c9b3f6cb6b4a91a736d2536404f12c21210b7e5d9664039ad42 |
| openssl-devel-1.1.1g-12.el8_3.i686.rpm | SHA-256: 56101326891679f519ca82a2c8e27b318b10fbca0d461417803fbb1eec106d8f |
| openssl-devel-1.1.1g-12.el8_3.x86_64.rpm | SHA-256: 3561b1a2b574caccf0e7d27351111de3affe01ea68a30f7a78fa2fe843e8090b |
| openssl-libs-1.1.1g-12.el8_3.i686.rpm | SHA-256: b4bd3f145f1a61a8219185f16ec41a9874ac53cf53b3c593dd789f2abe9f3681 |
| openssl-libs-1.1.1g-12.el8_3.x86_64.rpm | SHA-256: 48dcfdf2bdfd84c0a7cab26e7626929f773db792910399a1b18108cb0e32208a |
| openssl-libs-debuginfo-1.1.1g-12.el8_3.i686.rpm | SHA-256: 4d004b6c1e434c7f198b3ece494209130a73a91c13addf151bda8e5a4a980056 |
| openssl-libs-debuginfo-1.1.1g-12.el8_3.x86_64.rpm | SHA-256: f11d82240b05a50688b9d8e5cdca5579bf9a41305dc4777b25631ba0186e5071 |
| openssl-perl-1.1.1g-12.el8_3.x86_64.rpm | SHA-256: fbcb70e37fbcd80e52581756699599c588ea78d28725cea21481ed2ff91ec62e |
Red Hat Enterprise Linux for IBM z Systems 8
| SRPM | |
|---|---|
| openssl-1.1.1g-12.el8_3.src.rpm | SHA-256: 8d6803736dfd6a285a7c194e24aa647e3cc255f098b3553e0c31f612135da997 |
| s390x | |
| openssl-1.1.1g-12.el8_3.s390x.rpm | SHA-256: 7ae97486e77f29ed3d0cf7aca627337af27027f0bd478f6771b57ebf50b66288 |
| openssl-debuginfo-1.1.1g-12.el8_3.s390x.rpm | SHA-256: e1b4216b2394ac44e8a6fbef6aeafd20d13d0b4b339de946d931cbe8c6518faf |
| openssl-debugsource-1.1.1g-12.el8_3.s390x.rpm | SHA-256: b34ecbda0c437c38fe98c8ac2148333c80260d7a51b1f433f2e7d0068fa2f74d |
| openssl-devel-1.1.1g-12.el8_3.s390x.rpm | SHA-256: d67d8f6e663d46524d69c686572d7d60bb5d5d2e78321f29491437b4f48598cd |
| openssl-libs-1.1.1g-12.el8_3.s390x.rpm | SHA-256: 7192f82aba74c24c800eb27ffe209e8a96a28fd767b824b6c9992d1e9e795c93 |
| openssl-libs-debuginfo-1.1.1g-12.el8_3.s390x.rpm | SHA-256: 266c2fc1a2fb3d1a6de38b010e357ba1931601b628559ae02c463c06d884058b |
| openssl-perl-1.1.1g-12.el8_3.s390x.rpm | SHA-256: 0485bc2536b8c4aa041d5ed7378b5e77e8ec8250e17bdf99820096a6b8dfdf3a |
Red Hat Enterprise Linux for Power, little endian 8
| SRPM | |
|---|---|
| openssl-1.1.1g-12.el8_3.src.rpm | SHA-256: 8d6803736dfd6a285a7c194e24aa647e3cc255f098b3553e0c31f612135da997 |
| ppc64le | |
| openssl-1.1.1g-12.el8_3.ppc64le.rpm | SHA-256: 8ac62007a08795ad1e7e2fc94fa7ca7acb873c96a54ccaeb284ef312e6539f5c |
| openssl-debuginfo-1.1.1g-12.el8_3.ppc64le.rpm | SHA-256: 41f92b2a16ff4840dac882bd47ee6a1d6ac47c76ccdc72d1224a6e4e4bebe2fe |
| openssl-debugsource-1.1.1g-12.el8_3.ppc64le.rpm | SHA-256: 6243870e47293af30c8a85e98b96c102c1cb37b0f449918e91c30fd0ae73d200 |
| openssl-devel-1.1.1g-12.el8_3.ppc64le.rpm | SHA-256: 48404dec9b1abfba1411ad6bc73c10f1d7e7c3c8c0a9d6e9514fe7ca9fa3d37f |
| openssl-libs-1.1.1g-12.el8_3.ppc64le.rpm | SHA-256: bc9c74fc948afad3e9c2e08599b6e8840538e2a462a913604a7ac397b33aeea2 |
| openssl-libs-debuginfo-1.1.1g-12.el8_3.ppc64le.rpm | SHA-256: 03f3067e229dfe57cbc23aa83ddf0f60bc1d67dd42c9a60dd56178d557184716 |
| openssl-perl-1.1.1g-12.el8_3.ppc64le.rpm | SHA-256: 969f71d5a1c7afa8f834afe2c15d378042fa7742f3f8606761e604dd0243ca7e |
Red Hat Enterprise Linux for ARM 64 8
| SRPM | |
|---|---|
| openssl-1.1.1g-12.el8_3.src.rpm | SHA-256: 8d6803736dfd6a285a7c194e24aa647e3cc255f098b3553e0c31f612135da997 |
| aarch64 | |
| openssl-1.1.1g-12.el8_3.aarch64.rpm | SHA-256: 2428f4d05aab9c2eddc09e4c5d661409c88ca0066ef8e8f2d40a8171e48878a8 |
| openssl-debuginfo-1.1.1g-12.el8_3.aarch64.rpm | SHA-256: 17ac1acb0498389d5f386af3994c60d58905ba57f3c1e8d7418541e5d42c5c35 |
| openssl-debugsource-1.1.1g-12.el8_3.aarch64.rpm | SHA-256: c134bc4c1ed334eed31de23dfef39d89ec77a2f60de0d8d02f758f4de2780349 |
| openssl-devel-1.1.1g-12.el8_3.aarch64.rpm | SHA-256: 0adffa70c88fa7c088f506ecc20b594f0661fc66aa8fbfdab382f2106bd35074 |
| openssl-libs-1.1.1g-12.el8_3.aarch64.rpm | SHA-256: c95781bcb432583821dc43f5ba7b0f28424260761a04b55bf7ff30ef380fd60d |
| openssl-libs-debuginfo-1.1.1g-12.el8_3.aarch64.rpm | SHA-256: acd304a8d1dc9a0479b016fbf4f5e14c7c76b47b089784419119eca457ed9ab6 |
| openssl-perl-1.1.1g-12.el8_3.aarch64.rpm | SHA-256: aea07279684352f78c71ac99817f3c403cb8e610402d168a8de256844f65cf4c |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.