CentOS 6 ELS: openssl package with the fix for several CVEs gradual rollout - TuxCare

CentOS 6 ELS: openssl package with the fix for several CVEs gradual rollout

TuxCare Team

September 13, 2021

changelog

A new updated openssl package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production repository.

 

Rollout slot: 3
Rolled out to: 0.1%
ETA for 100% rollout: September 21


CHANGELOG

openssl-1.0.1e-62.el6.cloudlinux.els

  • Fix handling ASN.1 string as NULL terminated leads to read buffer overrun (CVE-2021-3712)
  • Fix excessively large primes in DH key generation (CVE-2018-0732)
  • Fix RSA key generation cache timing vulnerability (CVE-2018-0737)
  • Fix stack overflow parsing recursive ASN.1 structure (CVE-2018-0739)
  • Fix out-of-bounds read (CVE-2017-3735)

UPDATE COMMAND

yum update openssl*

IMMEDIATE UPDATE (VIA BYPASS)

yum update openssl* --enablerepo=ELS6-rollout-3-bypass

 

Stay in the Loop

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching