An openssl security update has been released for AlmaLinux 9.
ALSA-2023:1405 Important: openssl security update
Type:
security
Severity:
important
Release date:
2023-03-23
Description
Security Fix(es):
* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
RHSA-2023:1405
CVE-2022-4304
CVE-2022-4450
CVE-2023-0215
CVE-2023-0286
ALSA-2023:1405
Updates packages:
openssl-devel-1.1.1k-9.el8_7.i686.rpm
openssl-libs-1.1.1k-9.el8_7.i686.rpm
openssl-libs-1.1.1k-9.el8_7.aarch64.rpm
openssl-1.1.1k-9.el8_7.aarch64.rpm
openssl-devel-1.1.1k-9.el8_7.aarch64.rpm
openssl-perl-1.1.1k-9.el8_7.aarch64.rpm
openssl-perl-1.1.1k-9.el8_7.x86_64.rpm
openssl-devel-1.1.1k-9.el8_7.x86_64.rpm
openssl-1.1.1k-9.el8_7.x86_64.rpm
openssl-libs-1.1.1k-9.el8_7.x86_64.rpm
openssl-libs-1.1.1k-9.el8_7.ppc64le.rpm
openssl-devel-1.1.1k-9.el8_7.ppc64le.rpm
openssl-1.1.1k-9.el8_7.ppc64le.rpm
openssl-perl-1.1.1k-9.el8_7.ppc64le.rpm
openssl-libs-1.1.1k-9.el8_7.s390x.rpm
openssl-perl-1.1.1k-9.el8_7.s390x.rpm
openssl-devel-1.1.1k-9.el8_7.s390x.rpm
openssl-1.1.1k-9.el8_7.s390x.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.
