Red Hat Product Errata RHSA-2020:5566 - Security Advisory

Issued:: 2020-12-16
Updated:: 2020-12-16

RHSA-2020:5566 - Security Advisory

Overview
Updated Packages

Synopsis

Important: openssl security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openssl is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

BZ - 1903409 - CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

CVEs

CVE-2020-1971

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
openssl-1.0.2k-21.el7_9.src.rpm	SHA-256: 9f0497c4a1768eca8985d46044243a7b19c4fc273bb5292596abaef990a2276e
x86_64
openssl-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 845e4660598353babb2833db37b10512afc8a49b329a34bf8d72ae84d5d04c38
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm	SHA-256: 6226df3ee47e77ef9b6b508929e4b6349fac35ef404c190c87bc11b64f034a93
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm	SHA-256: 6226df3ee47e77ef9b6b508929e4b6349fac35ef404c190c87bc11b64f034a93
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 1ae1a2bf643427ba46efd089afdc53caa833b2b28d5fd622cda365f87f3d1a65
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 1ae1a2bf643427ba46efd089afdc53caa833b2b28d5fd622cda365f87f3d1a65
openssl-devel-1.0.2k-21.el7_9.i686.rpm	SHA-256: 18d8f035f6ba0e79debaf2d9b6e68c61deac1440c2115080fb817930ae6bbd6c
openssl-devel-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: e086ff3dc76249276ea4ebcd467dc5c35b76822ba648eb6619cc24187c7784b4
openssl-libs-1.0.2k-21.el7_9.i686.rpm	SHA-256: ea27106bd71f95f069583184e283a3c7e2d24c2a8705f017e81afb2e237d8e4b
openssl-libs-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 98cf8700fb0ba1d2b3211c00197f169d2fd632644a3935cf7c9dfa596d287995
openssl-perl-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 301b32b51107e1543208a94e4b5aef2302277230bebaec41f22a9fed153ad030
openssl-static-1.0.2k-21.el7_9.i686.rpm	SHA-256: 56ac53aa562523340f52c1566ba70bb4d70aba32ea4132dbfdbd8384be2e7dc6
openssl-static-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: fd431b1ce6f6010f463bdfd67d80168cd05da8c4a814658da5766206506d6661

Red Hat Enterprise Linux Workstation 7

SRPM
openssl-1.0.2k-21.el7_9.src.rpm	SHA-256: 9f0497c4a1768eca8985d46044243a7b19c4fc273bb5292596abaef990a2276e
x86_64
openssl-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 845e4660598353babb2833db37b10512afc8a49b329a34bf8d72ae84d5d04c38
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm	SHA-256: 6226df3ee47e77ef9b6b508929e4b6349fac35ef404c190c87bc11b64f034a93
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm	SHA-256: 6226df3ee47e77ef9b6b508929e4b6349fac35ef404c190c87bc11b64f034a93
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 1ae1a2bf643427ba46efd089afdc53caa833b2b28d5fd622cda365f87f3d1a65
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 1ae1a2bf643427ba46efd089afdc53caa833b2b28d5fd622cda365f87f3d1a65
openssl-devel-1.0.2k-21.el7_9.i686.rpm	SHA-256: 18d8f035f6ba0e79debaf2d9b6e68c61deac1440c2115080fb817930ae6bbd6c
openssl-devel-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: e086ff3dc76249276ea4ebcd467dc5c35b76822ba648eb6619cc24187c7784b4
openssl-libs-1.0.2k-21.el7_9.i686.rpm	SHA-256: ea27106bd71f95f069583184e283a3c7e2d24c2a8705f017e81afb2e237d8e4b
openssl-libs-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 98cf8700fb0ba1d2b3211c00197f169d2fd632644a3935cf7c9dfa596d287995
openssl-perl-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 301b32b51107e1543208a94e4b5aef2302277230bebaec41f22a9fed153ad030
openssl-static-1.0.2k-21.el7_9.i686.rpm	SHA-256: 56ac53aa562523340f52c1566ba70bb4d70aba32ea4132dbfdbd8384be2e7dc6
openssl-static-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: fd431b1ce6f6010f463bdfd67d80168cd05da8c4a814658da5766206506d6661

Red Hat Enterprise Linux Desktop 7

SRPM
openssl-1.0.2k-21.el7_9.src.rpm	SHA-256: 9f0497c4a1768eca8985d46044243a7b19c4fc273bb5292596abaef990a2276e
x86_64
openssl-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 845e4660598353babb2833db37b10512afc8a49b329a34bf8d72ae84d5d04c38
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm	SHA-256: 6226df3ee47e77ef9b6b508929e4b6349fac35ef404c190c87bc11b64f034a93
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm	SHA-256: 6226df3ee47e77ef9b6b508929e4b6349fac35ef404c190c87bc11b64f034a93
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 1ae1a2bf643427ba46efd089afdc53caa833b2b28d5fd622cda365f87f3d1a65
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 1ae1a2bf643427ba46efd089afdc53caa833b2b28d5fd622cda365f87f3d1a65
openssl-devel-1.0.2k-21.el7_9.i686.rpm	SHA-256: 18d8f035f6ba0e79debaf2d9b6e68c61deac1440c2115080fb817930ae6bbd6c
openssl-devel-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: e086ff3dc76249276ea4ebcd467dc5c35b76822ba648eb6619cc24187c7784b4
openssl-libs-1.0.2k-21.el7_9.i686.rpm	SHA-256: ea27106bd71f95f069583184e283a3c7e2d24c2a8705f017e81afb2e237d8e4b
openssl-libs-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 98cf8700fb0ba1d2b3211c00197f169d2fd632644a3935cf7c9dfa596d287995
openssl-perl-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 301b32b51107e1543208a94e4b5aef2302277230bebaec41f22a9fed153ad030
openssl-static-1.0.2k-21.el7_9.i686.rpm	SHA-256: 56ac53aa562523340f52c1566ba70bb4d70aba32ea4132dbfdbd8384be2e7dc6
openssl-static-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: fd431b1ce6f6010f463bdfd67d80168cd05da8c4a814658da5766206506d6661

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
openssl-1.0.2k-21.el7_9.src.rpm	SHA-256: 9f0497c4a1768eca8985d46044243a7b19c4fc273bb5292596abaef990a2276e
s390x
openssl-1.0.2k-21.el7_9.s390x.rpm	SHA-256: 656f45cf091e87a8dc3ac9cb102a173aceb1a7a22186d2451af4a40c1e8d10b2
openssl-debuginfo-1.0.2k-21.el7_9.s390.rpm	SHA-256: 2ee54a16903f41814a8472b949eb5e915d934ce873bcb9d1883e52a8de45f7b4
openssl-debuginfo-1.0.2k-21.el7_9.s390.rpm	SHA-256: 2ee54a16903f41814a8472b949eb5e915d934ce873bcb9d1883e52a8de45f7b4
openssl-debuginfo-1.0.2k-21.el7_9.s390x.rpm	SHA-256: c8fb7ad20805dfd3f0fd4a05c28884326ed5f52e8cbd9454026c2d02d6fda5e2
openssl-debuginfo-1.0.2k-21.el7_9.s390x.rpm	SHA-256: c8fb7ad20805dfd3f0fd4a05c28884326ed5f52e8cbd9454026c2d02d6fda5e2
openssl-devel-1.0.2k-21.el7_9.s390.rpm	SHA-256: a14680d7ecbe89e254047dcb9ebb36b26aca0ec4475de4254e8f2ddf68825677
openssl-devel-1.0.2k-21.el7_9.s390x.rpm	SHA-256: dd69339a973e58d6e254219f7aa5e6922cd4fa991611df6faf013c3501a67e46
openssl-libs-1.0.2k-21.el7_9.s390.rpm	SHA-256: c00c51f5357f6a5d1d2a93ab083aca75831d1cd34b3e8fd52618ef6f65f2d97d
openssl-libs-1.0.2k-21.el7_9.s390x.rpm	SHA-256: 3efa6a4a8a58c74dc92cc31ea476f423f885c10c0db0438e6a770a24ae2be806
openssl-perl-1.0.2k-21.el7_9.s390x.rpm	SHA-256: a25c7a6b5af32dae787d6ff9a22347b717979f49555c1271b4d752c53a5026d0
openssl-static-1.0.2k-21.el7_9.s390.rpm	SHA-256: f1c1a372806e25084294eb3b51c913b92ec7d46194bfcbc903a3e3e9b399aa54
openssl-static-1.0.2k-21.el7_9.s390x.rpm	SHA-256: e4d3495a29562e69c9880f421211420ce15de23b7861367b5351aa5bda24438f

Red Hat Enterprise Linux for Power, big endian 7

SRPM
openssl-1.0.2k-21.el7_9.src.rpm	SHA-256: 9f0497c4a1768eca8985d46044243a7b19c4fc273bb5292596abaef990a2276e
ppc64
openssl-1.0.2k-21.el7_9.ppc64.rpm	SHA-256: e7295e63f4c17e24d78e8c04d39622621b39dc7a3cfa62e84c6a28348deec59d
openssl-debuginfo-1.0.2k-21.el7_9.ppc.rpm	SHA-256: 5fe2ec737224cbc2570abf02d4c6189b56a2be90949738130faa0a35f37ae484
openssl-debuginfo-1.0.2k-21.el7_9.ppc.rpm	SHA-256: 5fe2ec737224cbc2570abf02d4c6189b56a2be90949738130faa0a35f37ae484
openssl-debuginfo-1.0.2k-21.el7_9.ppc64.rpm	SHA-256: d62f7c9c516b0a4401b35e1218edf953320d1127effd47a4294747767129fc6e
openssl-debuginfo-1.0.2k-21.el7_9.ppc64.rpm	SHA-256: d62f7c9c516b0a4401b35e1218edf953320d1127effd47a4294747767129fc6e
openssl-devel-1.0.2k-21.el7_9.ppc.rpm	SHA-256: 583dc669c7e29b1e092806ed8d6a67947311a33aa13cb68a33e486c10488cfd9
openssl-devel-1.0.2k-21.el7_9.ppc64.rpm	SHA-256: dcb6b2a053804f2160534cec1e128eebf4b92f731033e236fba53c891b339c4a
openssl-libs-1.0.2k-21.el7_9.ppc.rpm	SHA-256: d159fe4b05182f7e4d7151a165d9d354d921c9a3490b123f0fdc88db55744ca3
openssl-libs-1.0.2k-21.el7_9.ppc64.rpm	SHA-256: 83856c1e027dc18209f3ab669d3cf8bc9b7aa32cdcf0fec056858f26a6834e15
openssl-perl-1.0.2k-21.el7_9.ppc64.rpm	SHA-256: 00415e06503a1e09eb5d011a548e265cbc14b79cc472709884c2a33358cc8f80
openssl-static-1.0.2k-21.el7_9.ppc.rpm	SHA-256: 24a3d2d1c2649012fd14062a25ad3196e8ea0122f37fe9c67299012666f36a77
openssl-static-1.0.2k-21.el7_9.ppc64.rpm	SHA-256: 4cfe1adab7572c0c9974df5ed31ea3a65a6682d738c1bf4cf09ecabef9f6205b

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
openssl-1.0.2k-21.el7_9.src.rpm	SHA-256: 9f0497c4a1768eca8985d46044243a7b19c4fc273bb5292596abaef990a2276e
x86_64
openssl-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 845e4660598353babb2833db37b10512afc8a49b329a34bf8d72ae84d5d04c38
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm	SHA-256: 6226df3ee47e77ef9b6b508929e4b6349fac35ef404c190c87bc11b64f034a93
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm	SHA-256: 6226df3ee47e77ef9b6b508929e4b6349fac35ef404c190c87bc11b64f034a93
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 1ae1a2bf643427ba46efd089afdc53caa833b2b28d5fd622cda365f87f3d1a65
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 1ae1a2bf643427ba46efd089afdc53caa833b2b28d5fd622cda365f87f3d1a65
openssl-devel-1.0.2k-21.el7_9.i686.rpm	SHA-256: 18d8f035f6ba0e79debaf2d9b6e68c61deac1440c2115080fb817930ae6bbd6c
openssl-devel-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: e086ff3dc76249276ea4ebcd467dc5c35b76822ba648eb6619cc24187c7784b4
openssl-libs-1.0.2k-21.el7_9.i686.rpm	SHA-256: ea27106bd71f95f069583184e283a3c7e2d24c2a8705f017e81afb2e237d8e4b
openssl-libs-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 98cf8700fb0ba1d2b3211c00197f169d2fd632644a3935cf7c9dfa596d287995
openssl-perl-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: 301b32b51107e1543208a94e4b5aef2302277230bebaec41f22a9fed153ad030
openssl-static-1.0.2k-21.el7_9.i686.rpm	SHA-256: 56ac53aa562523340f52c1566ba70bb4d70aba32ea4132dbfdbd8384be2e7dc6
openssl-static-1.0.2k-21.el7_9.x86_64.rpm	SHA-256: fd431b1ce6f6010f463bdfd67d80168cd05da8c4a814658da5766206506d6661

Red Hat Enterprise Linux for Power, little endian 7

SRPM
openssl-1.0.2k-21.el7_9.src.rpm	SHA-256: 9f0497c4a1768eca8985d46044243a7b19c4fc273bb5292596abaef990a2276e
ppc64le
openssl-1.0.2k-21.el7_9.ppc64le.rpm	SHA-256: beaf3aeb589ac296e214406c4f0ed7025fba1b7fca679e5ab7ff19bf8be6f1a5
openssl-debuginfo-1.0.2k-21.el7_9.ppc64le.rpm	SHA-256: 4dcb1edf6c64e7cdb24bda6eda004879252e08533c6b194b362121f3aee5d3ca
openssl-debuginfo-1.0.2k-21.el7_9.ppc64le.rpm	SHA-256: 4dcb1edf6c64e7cdb24bda6eda004879252e08533c6b194b362121f3aee5d3ca
openssl-devel-1.0.2k-21.el7_9.ppc64le.rpm	SHA-256: 4b628d051fa3026be2d5322cd97c34a5f20c9a322686972cf1b1a5079af5fe40
openssl-libs-1.0.2k-21.el7_9.ppc64le.rpm	SHA-256: a60cf5a582058f731293b17b7bb9b28ae78d2d6a5ce44747884aede6d643d357
openssl-perl-1.0.2k-21.el7_9.ppc64le.rpm	SHA-256: 9c41e32c9359a7afc45ba3110306efc8b5416a07ce2563e025db7c5c4e7b4b8f
openssl-static-1.0.2k-21.el7_9.ppc64le.rpm	SHA-256: f438f27dcd1b29ed02bc50096a2245d068a00ac45f0e294c4481815918e8aa25

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories