A flaw was found in OpenSSL. When the EVP_PKEY_public_check function is called in RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is a large prime, this computation takes a long time. An application that calls EVP_PKEY_public_check and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attackThe package openssl098e is provided purely for binary compatibility with older Amazon Linux versions. It does not receive security updates