[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2023-3722 -- Oracle openssl

ID: oval:org.secpod.oval:def:1506618Date: (C)2023-07-03   (M)2024-04-29
Class: PATCHFamily: unix




[3.0.7-16.0.1] - Replace upstream references [Orabug: 34340177] [1:3.0.7-16] - Fix possible DoS translating ASN.1 object identifiers Resolves: CVE-2023-2650 - Release the DRBG in global default libctx early Resolves: rhbz#2211396 [1:3.0.7-15.1] - Re-enable DHX keys in FIPS mode, disable FIPS 186-4 parameter validation and generation in FIPS mode Resolves: rhbz#2178030 [1:3.0.7-15] - Enforce using EMS in FIPS mode - alerts tuning Related: rhbz#2157951 [1:3.0.7-14] - Input buffer over-read in AES-XTS implementation on 64 bit ARM Resolves: rhbz#2188554 [1:3.0.7-13] - Enforce using EMS in FIPS mode Resolves: rhbz#2157951 - Fix excessive resource usage in verifying X509 policy constraints Resolves: rhbz#2186661 - Fix invalid certificate policies in leaf certificates check Resolves: rhbz#2187429 - Certificate policy check not enabled Resolves: rhbz#2187431 - OpenSSL rsa_verify_recover key length checks in FIPS mode Resolves: rhbz#2186819 [1:3.0.7-12] - Change explicit FIPS indicator for RSA decryption to unapproved Resolves: rhbz#2179379 [1:3.0.7-11] - Add missing reference to patchfile to add explicit FIPS indicator to RSA encryption and RSASVE and fix the gettable parameter list for the RSA asymmetric cipher implementation. Resolves: rhbz#2179379 [1:3.0.7-10] - Add explicit FIPS indicator to RSA encryption and RSASVE Resolves: rhbz#2179379 [1:3.0.7-9] - Fix explicit FIPS indicator for X9.42 KDF when used with output lengths < 14 bytes Resolves: rhbz#2175864 [1:3.0.7-8] - Fix Wpointer-sign compiler warning Resolves: rhbz#2178034 [1:3.0.7-7] - Add explicit FIPS indicators to key derivation functions Resolves: rhbz#2175860 rhbz#2175864 - Zeroize FIPS module integrity check MAC after check Resolves: rhbz#2175873 - Add explicit FIPS indicator for IV generation in AES-GCM Resolves: rhbz#2175868 - Add explicit FIPS indicator for PBKDF2, use test vector with FIPS-compliant salt in PBKDF2 FIPS self-test Resolves: rhbz#2178137 - Limit RSA_NO_PADDING for encryption and signature in FIPS mode Resolves: rhbz#2178029 - Pairwise consistency tests should use Digest+Sign/Verify Resolves: rhbz#2178034 - Forbid DHX keys import in FIPS mode Resolves: rhbz#2178030 - DH PCT should abort on failure Resolves: rhbz#2178039 - Increase RNG seeding buffer size to 32 Related: rhbz#2168224

Platform:
Oracle Linux 9
Product:
openssl
Reference:
ELSA-2023-3722
CVE-2023-0464
CVE-2023-0465
CVE-2023-0466
CVE-2023-1255
CVE-2023-2650
CVE    5
CVE-2023-0465
CVE-2023-0466
CVE-2023-0464
CVE-2023-2650
...
CPE    2
cpe:/a:openssl:openssl
cpe:/o:oracle:linux:9

© SecPod Technologies