Headline
RHSA-2022:1077: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-0778: openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-03-28
Updated:
2022-03-28
RHSA-2022:1077 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: openssl security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for openssl is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
- openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
Affected Products
- Red Hat Enterprise Linux Server - AUS 7.7 x86_64
- Red Hat Enterprise Linux Server - TUS 7.7 x86_64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Fixes
- BZ - 2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
Red Hat Enterprise Linux Server - AUS 7.7
SRPM
openssl-1.0.2k-21.el7_7.src.rpm
SHA-256: fb760b9b05be9c4619f36d7d02b711909c15784704a6f3a49c870250536e4126
x86_64
openssl-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 13304ad9aaac081fe6fa418c09d74f0b332807d2f587ff5324d3188413260c03
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm
SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm
SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-devel-1.0.2k-21.el7_7.i686.rpm
SHA-256: 3659c04f8dd447329511b4a88d31990fc0b8034fbf241a5f186e997a1317679c
openssl-devel-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 5e9a536c7f4b8fd74924f0b21468dbfdafe90ec7a9aa3159540fa7dcef56f93e
openssl-libs-1.0.2k-21.el7_7.i686.rpm
SHA-256: 381764626a9732ab06db32b3a6449cc4a43b10a5892899340bba79fe5b523b2e
openssl-libs-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 94b98b5a51eec31b19431a6b5e878e11abb5a7cd6a9fafb2aab79399c4f4ee0c
openssl-perl-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: d981bc9a761639981bd52035f543d23400c0cf3eb5e48d38687576067816c7fb
openssl-static-1.0.2k-21.el7_7.i686.rpm
SHA-256: 6f12dc8047a2b7f106fe738a634ff384f26d83792336786ea0fb93faed4f55a0
openssl-static-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 0bed8f8bba7d416976815ac44d2d570758411ca8bf52d06e90f9f3984f0801d4
Red Hat Enterprise Linux Server - TUS 7.7
SRPM
openssl-1.0.2k-21.el7_7.src.rpm
SHA-256: fb760b9b05be9c4619f36d7d02b711909c15784704a6f3a49c870250536e4126
x86_64
openssl-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 13304ad9aaac081fe6fa418c09d74f0b332807d2f587ff5324d3188413260c03
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm
SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm
SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-devel-1.0.2k-21.el7_7.i686.rpm
SHA-256: 3659c04f8dd447329511b4a88d31990fc0b8034fbf241a5f186e997a1317679c
openssl-devel-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 5e9a536c7f4b8fd74924f0b21468dbfdafe90ec7a9aa3159540fa7dcef56f93e
openssl-libs-1.0.2k-21.el7_7.i686.rpm
SHA-256: 381764626a9732ab06db32b3a6449cc4a43b10a5892899340bba79fe5b523b2e
openssl-libs-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 94b98b5a51eec31b19431a6b5e878e11abb5a7cd6a9fafb2aab79399c4f4ee0c
openssl-perl-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: d981bc9a761639981bd52035f543d23400c0cf3eb5e48d38687576067816c7fb
openssl-static-1.0.2k-21.el7_7.i686.rpm
SHA-256: 6f12dc8047a2b7f106fe738a634ff384f26d83792336786ea0fb93faed4f55a0
openssl-static-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 0bed8f8bba7d416976815ac44d2d570758411ca8bf52d06e90f9f3984f0801d4
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7
SRPM
openssl-1.0.2k-21.el7_7.src.rpm
SHA-256: fb760b9b05be9c4619f36d7d02b711909c15784704a6f3a49c870250536e4126
ppc64le
openssl-1.0.2k-21.el7_7.ppc64le.rpm
SHA-256: eb0e4ad94634b6fcea61735ed0eee19736e9e62e13cbdfdc222deba05a434e7a
openssl-debuginfo-1.0.2k-21.el7_7.ppc64le.rpm
SHA-256: 53da59b269e265f20aa8dc9127a56ad17eb6c9ac5432c4fa6a4672ecbb01f259
openssl-debuginfo-1.0.2k-21.el7_7.ppc64le.rpm
SHA-256: 53da59b269e265f20aa8dc9127a56ad17eb6c9ac5432c4fa6a4672ecbb01f259
openssl-devel-1.0.2k-21.el7_7.ppc64le.rpm
SHA-256: 8bac3e0bb559661e0ca1929a31c4598cfa508deff08c0f3a1cd5ee8d88a352b7
openssl-libs-1.0.2k-21.el7_7.ppc64le.rpm
SHA-256: cdceefae484af9f71b3fd5bcd644237f1afae9d1f7c68887d0cf8efb2f78d9b1
openssl-perl-1.0.2k-21.el7_7.ppc64le.rpm
SHA-256: 865c6ad73e3d82ec1e5ac720a94986d48c5b8774f64401055a276d3dc0f5c5a2
openssl-static-1.0.2k-21.el7_7.ppc64le.rpm
SHA-256: b39ee73e61346831869dec8d331eb44b20a5562a070dd19d96b4663ecf7b54ea
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7
SRPM
openssl-1.0.2k-21.el7_7.src.rpm
SHA-256: fb760b9b05be9c4619f36d7d02b711909c15784704a6f3a49c870250536e4126
x86_64
openssl-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 13304ad9aaac081fe6fa418c09d74f0b332807d2f587ff5324d3188413260c03
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm
SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.i686.rpm
SHA-256: 93ef9cca9bf5c82e001bda3bcad299cff2b335e4ff6a6f376325d049a0fa6e32
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-debuginfo-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: e3e85310ae26caf06d2d7642b4372cb6f2d7d2ac83336ff6587f91af3c35dd37
openssl-devel-1.0.2k-21.el7_7.i686.rpm
SHA-256: 3659c04f8dd447329511b4a88d31990fc0b8034fbf241a5f186e997a1317679c
openssl-devel-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 5e9a536c7f4b8fd74924f0b21468dbfdafe90ec7a9aa3159540fa7dcef56f93e
openssl-libs-1.0.2k-21.el7_7.i686.rpm
SHA-256: 381764626a9732ab06db32b3a6449cc4a43b10a5892899340bba79fe5b523b2e
openssl-libs-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 94b98b5a51eec31b19431a6b5e878e11abb5a7cd6a9fafb2aab79399c4f4ee0c
openssl-perl-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: d981bc9a761639981bd52035f543d23400c0cf3eb5e48d38687576067816c7fb
openssl-static-1.0.2k-21.el7_7.i686.rpm
SHA-256: 6f12dc8047a2b7f106fe738a634ff384f26d83792336786ea0fb93faed4f55a0
openssl-static-1.0.2k-21.el7_7.x86_64.rpm
SHA-256: 0bed8f8bba7d416976815ac44d2d570758411ca8bf52d06e90f9f3984f0801d4
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.