OracleLinux 6 ELS: openssl package with the fix for the CVE-2021-3712 and CVE-2021-23841 released - TuxCare

OracleLinux 6 ELS: openssl package with the fix for the CVE-2021-3712 and CVE-2021-23841 released

TuxCare Team

September 13, 2021

changelog, OracleLinux 6 ELS

A new updated openssl package with the fix for the CVE-2021-3712 and CVE-2021-23841 within OracleLinux OS 6 ELS is now available for download from our production repository.

CHANGELOG

openssl-1.0.1e-62.el6.cloudlinux.els

  • Fix handling ASN.1 string as NULL terminated leads to read buffer overrun (CVE-2021-3712)
  • Fix NULL pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)

UPDATE COMMAND

yum update openssl*

 

Stay in the Loop

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching