Red Hat Product Errata RHSA-2022:1077 - Security Advisory
Issued:
2022-03-28
Updated:
2022-03-28

RHSA-2022:1077 - Security Advisory

Synopsis

Important: openssl security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openssl is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

  • openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.7 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.7 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7 x86_64

Fixes

  • BZ - 2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

Red Hat Enterprise Linux Server - AUS 7.7

SRPM
openssl-1.0.2k-21.el7_7.src.rpm SHA-256: fb760b9b05be9c4619f36d7d02b711909c15784704a6f3a49c870250536e4126
x86_64
openssl-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 13304ad9aaac081fe6fa418c09d74f0b332807d2f587ff5324d3188413260c03
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-devel-1.0.2k-21.el7_7.i686.rpm SHA-256: 3659c04f8dd447329511b4a88d31990fc0b8034fbf241a5f186e997a1317679c
openssl-devel-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 5e9a536c7f4b8fd74924f0b21468dbfdafe90ec7a9aa3159540fa7dcef56f93e
openssl-libs-1.0.2k-21.el7_7.i686.rpm SHA-256: 381764626a9732ab06db32b3a6449cc4a43b10a5892899340bba79fe5b523b2e
openssl-libs-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 94b98b5a51eec31b19431a6b5e878e11abb5a7cd6a9fafb2aab79399c4f4ee0c
openssl-perl-1.0.2k-21.el7_7.x86_64.rpm SHA-256: d981bc9a761639981bd52035f543d23400c0cf3eb5e48d38687576067816c7fb
openssl-static-1.0.2k-21.el7_7.i686.rpm SHA-256: 6f12dc8047a2b7f106fe738a634ff384f26d83792336786ea0fb93faed4f55a0
openssl-static-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 0bed8f8bba7d416976815ac44d2d570758411ca8bf52d06e90f9f3984f0801d4

Red Hat Enterprise Linux Server - TUS 7.7

SRPM
openssl-1.0.2k-21.el7_7.src.rpm SHA-256: fb760b9b05be9c4619f36d7d02b711909c15784704a6f3a49c870250536e4126
x86_64
openssl-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 13304ad9aaac081fe6fa418c09d74f0b332807d2f587ff5324d3188413260c03
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-devel-1.0.2k-21.el7_7.i686.rpm SHA-256: 3659c04f8dd447329511b4a88d31990fc0b8034fbf241a5f186e997a1317679c
openssl-devel-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 5e9a536c7f4b8fd74924f0b21468dbfdafe90ec7a9aa3159540fa7dcef56f93e
openssl-libs-1.0.2k-21.el7_7.i686.rpm SHA-256: 381764626a9732ab06db32b3a6449cc4a43b10a5892899340bba79fe5b523b2e
openssl-libs-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 94b98b5a51eec31b19431a6b5e878e11abb5a7cd6a9fafb2aab79399c4f4ee0c
openssl-perl-1.0.2k-21.el7_7.x86_64.rpm SHA-256: d981bc9a761639981bd52035f543d23400c0cf3eb5e48d38687576067816c7fb
openssl-static-1.0.2k-21.el7_7.i686.rpm SHA-256: 6f12dc8047a2b7f106fe738a634ff384f26d83792336786ea0fb93faed4f55a0
openssl-static-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 0bed8f8bba7d416976815ac44d2d570758411ca8bf52d06e90f9f3984f0801d4

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7

SRPM
openssl-1.0.2k-21.el7_7.src.rpm SHA-256: fb760b9b05be9c4619f36d7d02b711909c15784704a6f3a49c870250536e4126
ppc64le
openssl-1.0.2k-21.el7_7.ppc64le.rpm SHA-256: eb0e4ad94634b6fcea61735ed0eee19736e9e62e13cbdfdc222deba05a434e7a
openssl-debuginfo-1.0.2k-21.el7_7.ppc64le.rpm SHA-256: 53da59b269e265f20aa8dc9127a56ad17eb6c9ac5432c4fa6a4672ecbb01f259
openssl-debuginfo-1.0.2k-21.el7_7.ppc64le.rpm SHA-256: 53da59b269e265f20aa8dc9127a56ad17eb6c9ac5432c4fa6a4672ecbb01f259
openssl-devel-1.0.2k-21.el7_7.ppc64le.rpm SHA-256: 8bac3e0bb559661e0ca1929a31c4598cfa508deff08c0f3a1cd5ee8d88a352b7
openssl-libs-1.0.2k-21.el7_7.ppc64le.rpm SHA-256: cdceefae484af9f71b3fd5bcd644237f1afae9d1f7c68887d0cf8efb2f78d9b1
openssl-perl-1.0.2k-21.el7_7.ppc64le.rpm SHA-256: 865c6ad73e3d82ec1e5ac720a94986d48c5b8774f64401055a276d3dc0f5c5a2
openssl-static-1.0.2k-21.el7_7.ppc64le.rpm SHA-256: b39ee73e61346831869dec8d331eb44b20a5562a070dd19d96b4663ecf7b54ea

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7

SRPM
openssl-1.0.2k-21.el7_7.src.rpm SHA-256: fb760b9b05be9c4619f36d7d02b711909c15784704a6f3a49c870250536e4126
x86_64
openssl-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 13304ad9aaac081fe6fa418c09d74f0b332807d2f587ff5324d3188413260c03
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-devel-1.0.2k-21.el7_7.i686.rpm SHA-256: 3659c04f8dd447329511b4a88d31990fc0b8034fbf241a5f186e997a1317679c
openssl-devel-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 5e9a536c7f4b8fd74924f0b21468dbfdafe90ec7a9aa3159540fa7dcef56f93e
openssl-libs-1.0.2k-21.el7_7.i686.rpm SHA-256: 381764626a9732ab06db32b3a6449cc4a43b10a5892899340bba79fe5b523b2e
openssl-libs-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 94b98b5a51eec31b19431a6b5e878e11abb5a7cd6a9fafb2aab79399c4f4ee0c
openssl-perl-1.0.2k-21.el7_7.x86_64.rpm SHA-256: d981bc9a761639981bd52035f543d23400c0cf3eb5e48d38687576067816c7fb
openssl-static-1.0.2k-21.el7_7.i686.rpm SHA-256: 6f12dc8047a2b7f106fe738a634ff384f26d83792336786ea0fb93faed4f55a0
openssl-static-1.0.2k-21.el7_7.x86_64.rpm SHA-256: 0bed8f8bba7d416976815ac44d2d570758411ca8bf52d06e90f9f3984f0801d4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.