AlmaLinux 2227 Published by

An openssl security update has been released for AlmaLinux 9.



ALSA-2023:1405 Important: openssl security update


Type:
security

Severity:
important

Release date:
2023-03-23

Description
Security Fix(es):
* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
RHSA-2023:1405
CVE-2022-4304
CVE-2022-4450
CVE-2023-0215
CVE-2023-0286
ALSA-2023:1405

Updates packages:
openssl-devel-1.1.1k-9.el8_7.i686.rpm
openssl-libs-1.1.1k-9.el8_7.i686.rpm
openssl-libs-1.1.1k-9.el8_7.aarch64.rpm
openssl-1.1.1k-9.el8_7.aarch64.rpm
openssl-devel-1.1.1k-9.el8_7.aarch64.rpm
openssl-perl-1.1.1k-9.el8_7.aarch64.rpm
openssl-perl-1.1.1k-9.el8_7.x86_64.rpm
openssl-devel-1.1.1k-9.el8_7.x86_64.rpm
openssl-1.1.1k-9.el8_7.x86_64.rpm
openssl-libs-1.1.1k-9.el8_7.x86_64.rpm
openssl-libs-1.1.1k-9.el8_7.ppc64le.rpm
openssl-devel-1.1.1k-9.el8_7.ppc64le.rpm
openssl-1.1.1k-9.el8_7.ppc64le.rpm
openssl-perl-1.1.1k-9.el8_7.ppc64le.rpm
openssl-libs-1.1.1k-9.el8_7.s390x.rpm
openssl-perl-1.1.1k-9.el8_7.s390x.rpm
openssl-devel-1.1.1k-9.el8_7.s390x.rpm
openssl-1.1.1k-9.el8_7.s390x.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2023:1405 Important: openssl security update