Headline

RHSA-2021:5226: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

CVE-2021-3712: openssl: Read buffer overruns processing ASN.1 strings

4 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes

Skip to navigation Skip to main content

Utilities

Subscriptions
Downloads
Containers
Support Cases

Red Hat Customer Portal

Infrastructure and Management

Red Hat Enterprise Linux
Red Hat Virtualization
Red Hat Identity Management
Red Hat Directory Server
Red Hat Certificate System
Red Hat Satellite
Red Hat Subscription Management
Red Hat Update Infrastructure
Red Hat Insights
Red Hat Ansible Automation Platform

Cloud Computing

Red Hat OpenShift
Red Hat CloudForms
Red Hat OpenStack Platform
Red Hat OpenShift Container Platform
Red Hat OpenShift Data Science
Red Hat OpenShift Online
Red Hat OpenShift Dedicated
Red Hat Advanced Cluster Security for Kubernetes
Red Hat Advanced Cluster Management for Kubernetes
Red Hat Quay
Red Hat CodeReady Workspaces
Red Hat OpenShift Service on AWS

Storage

Red Hat Gluster Storage
Red Hat Hyperconverged Infrastructure
Red Hat Ceph Storage
Red Hat OpenShift Data Foundation

Runtimes

Red Hat Runtimes
Red Hat JBoss Enterprise Application Platform
Red Hat Data Grid
Red Hat JBoss Web Server
Red Hat Single Sign On
Red Hat support for Spring Boot
Red Hat build of Node.js
Red Hat build of Thorntail
Red Hat build of Eclipse Vert.x
Red Hat build of OpenJDK
Red Hat build of Quarkus
Red Hat CodeReady Studio

Integration and Automation

Red Hat Process Automation
Red Hat Process Automation Manager
Red Hat Decision Manager

All Products

Issued:

2021-12-21

Updated:

2021-12-21

RHSA-2021:5226 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: openssl security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openssl is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

BZ - 1995634 - CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings

Red Hat Enterprise Linux for x86_64 8

SRPM

openssl-1.1.1k-5.el8_5.src.rpm

SHA-256: e4e51df997a447e8e77194743821d50135bf46047918180de712f6721a9a35bf

x86_64

openssl-1.1.1k-5.el8_5.x86_64.rpm

SHA-256: 407557110adc2c3af471f8ffad61e83abe7f7d51653dc332e2577bde52ba84b9

openssl-debuginfo-1.1.1k-5.el8_5.i686.rpm

SHA-256: cfbd0940a83979a51ba6f72ace91ffbcddebffb7e2e13dd7d2d4e55740d6ab38

openssl-debuginfo-1.1.1k-5.el8_5.x86_64.rpm

SHA-256: abb74a1422926cf38dc0a6d49e1b3f6eaebc4fadc54316caa8acfffb0d979f0f

openssl-debugsource-1.1.1k-5.el8_5.i686.rpm

SHA-256: 3be61759123a4a8304b487f54c5004e14a3b0ed286634e0b616d9509571ac36b

openssl-debugsource-1.1.1k-5.el8_5.x86_64.rpm

SHA-256: 9e484b121850cd720d8b21be2fc73796a657b2528e9bbd0fcce3ca01846fa3b8

openssl-devel-1.1.1k-5.el8_5.i686.rpm

SHA-256: d410a8e28febf6f41e806f1aff42738d3604f8a818aa0b48d1925870e1ce90af

openssl-devel-1.1.1k-5.el8_5.x86_64.rpm

SHA-256: 90a4023ffb696859185b1139d39295b1c61c5bab29c43f9e9b491ac8f15d7bd6

openssl-libs-1.1.1k-5.el8_5.i686.rpm

SHA-256: 62bae5a4c68f95b0b96117aef6fbfcf4837eee8fa97dfb13a229bd70dc1eb96c

openssl-libs-1.1.1k-5.el8_5.x86_64.rpm

SHA-256: cab1aa23fc15400d291bd026fa2f2dbcde83d0ad86bceaabf5ddc16364bdeb70

openssl-libs-debuginfo-1.1.1k-5.el8_5.i686.rpm

SHA-256: 9938bb57543f27eb7ecaeda11eb7694bcc7285c3b14e37fb24b9fc5b9deff83b

openssl-libs-debuginfo-1.1.1k-5.el8_5.x86_64.rpm

SHA-256: 0af86f661d634c7b6610fa7497b9922613b532fab0ab0c15cfca4098fc919ac9

openssl-perl-1.1.1k-5.el8_5.x86_64.rpm

SHA-256: fa7c08af82be6460381e3fe0a7779fb494f97047f2c20bfc1fb985dc9d4e8b5b

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

openssl-1.1.1k-5.el8_5.src.rpm

SHA-256: e4e51df997a447e8e77194743821d50135bf46047918180de712f6721a9a35bf

s390x

openssl-1.1.1k-5.el8_5.s390x.rpm

SHA-256: 9c319c93f4f391790fc6ac3bdb7c146d34f9eea63948c936692fc5f5c357317d

openssl-debuginfo-1.1.1k-5.el8_5.s390x.rpm

SHA-256: ee4be706f3c1c011cff57a52c90c8c07e64db6806951a7e7c29e1ed555af2aea

openssl-debugsource-1.1.1k-5.el8_5.s390x.rpm

SHA-256: 40f4e6b453c6d4b82e5b9ee776e0b8059920001c9e70c4d5e732c412319a9f80

openssl-devel-1.1.1k-5.el8_5.s390x.rpm

SHA-256: e66a89cf7215e1b9b64c10d78593514722d87fb7745d86ad69fc9628cabc469f

openssl-libs-1.1.1k-5.el8_5.s390x.rpm

SHA-256: 0a44782ce47a78b49b111b2a217bbcd88ff4649574c53aa0f1c8f86168d4f846

openssl-libs-debuginfo-1.1.1k-5.el8_5.s390x.rpm

SHA-256: ac639407cac54312e2b53bbccef974e7ec70167b91e0c4fdcc5d0f8ce695366b

openssl-perl-1.1.1k-5.el8_5.s390x.rpm

SHA-256: 62f98d32938ce6fdaa5ab68edc15fd82d9412173e2d82fe113d40be49260e58f

Red Hat Enterprise Linux for Power, little endian 8

SRPM

openssl-1.1.1k-5.el8_5.src.rpm

SHA-256: e4e51df997a447e8e77194743821d50135bf46047918180de712f6721a9a35bf

ppc64le

openssl-1.1.1k-5.el8_5.ppc64le.rpm

SHA-256: d4a96ece0102454017cb7f21ca6b2666cde2dfa1cd7ff4e5f0c9550e02d94e62

openssl-debuginfo-1.1.1k-5.el8_5.ppc64le.rpm

SHA-256: fb9da967cebcb4a3466488a03232a622e9782d65eb7b442773051e9228bff697

openssl-debugsource-1.1.1k-5.el8_5.ppc64le.rpm

SHA-256: 953f5e313a9a565e7fae38e279330def2568989a54a23690063602a5f8bb3f32

openssl-devel-1.1.1k-5.el8_5.ppc64le.rpm

SHA-256: ac2fdc02bc61724403689b4bcfb483b939daf5ebd91dd884aea2dc91d40387dd

openssl-libs-1.1.1k-5.el8_5.ppc64le.rpm

SHA-256: 845ab3d83ce20c06b1f3de244cc67dfd18e4f61b746250368c86ffc1022d571a

openssl-libs-debuginfo-1.1.1k-5.el8_5.ppc64le.rpm

SHA-256: b41cc106f45f0d788eccdb871047d2d77a4ece5dd74c9795d02e6d9aaa1d4312

openssl-perl-1.1.1k-5.el8_5.ppc64le.rpm

SHA-256: b60ce5a6f9f55a6feacbdf07f0f07a1232aa8b841db2c671812e17e8c7bd70b5

Red Hat Enterprise Linux for ARM 64 8

SRPM

openssl-1.1.1k-5.el8_5.src.rpm

SHA-256: e4e51df997a447e8e77194743821d50135bf46047918180de712f6721a9a35bf

aarch64

openssl-1.1.1k-5.el8_5.aarch64.rpm

SHA-256: bb98685a6fffc3e35c46c4c1350eb2a923bb985edd6a0491b36f1eed06f5374e

openssl-debuginfo-1.1.1k-5.el8_5.aarch64.rpm

SHA-256: ff4b9545ad1efe61c64c2ebb6e509661ea3f12fd29f981c730a7069cf3013a72

openssl-debugsource-1.1.1k-5.el8_5.aarch64.rpm

SHA-256: aaab3708f04b28921b563699736a075d1ae642a1bae2ebe1f8962d82f4156930

openssl-devel-1.1.1k-5.el8_5.aarch64.rpm

SHA-256: 0af3d006cf8ce7596f3df71181b445d27ff3fdc139c2136c90a001ad0d374160

openssl-libs-1.1.1k-5.el8_5.aarch64.rpm

SHA-256: 099a0b469168e111271ea71749fbf11e330939b3510cc2164f2d9252db119475

openssl-libs-debuginfo-1.1.1k-5.el8_5.aarch64.rpm

SHA-256: 9ba2e5467676ccac4ff4c42314691338c5e8e93783602b1263aa532cb5a9ce2c

openssl-perl-1.1.1k-5.el8_5.aarch64.rpm

SHA-256: ec2fd524c6b4d5e92299314c5e65461ca118f5e7d2f126391e55deac38f182b6

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

2 years ago

Red Hat Security Data

RHSA-2023:5628: Red Hat Security Advisory: kernel security and bug fix update

2 years ago

Red Hat Security Data

RHSA-2023:5622: Red Hat Security Advisory: kernel security and bug fix update

2 years ago

Red Hat Security Data

RHSA-2023:5615: Red Hat Security Advisory: libssh2 security update

2 years ago

Red Hat Security Data

RHSA-2023:5616: Red Hat Security Advisory: python-reportlab security update

2 years ago

Red Hat Security Data