-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2020.4426.3
                          openssl security update
                             18 December 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           openssl
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-1971  

Reference:         ESB-2020.4394
                   ESB-2020.4385
                   ESB-2020.4365
                   ESB-2020.4348
                   ESB-2020.4323
                   ESB-2020.4320

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:5422
   https://access.redhat.com/errata/RHSA-2020:5476
   https://access.redhat.com/errata/RHSA-2020:5588
   https://access.redhat.com/errata/RHSA-2020:5566
   https://access.redhat.com/errata/RHSA-2020:5623

Comment: This bulletin contains five (5) Red Hat security advisories.

Revision History:  December 18 2020: Additional associated advisory for RH 7.7 Extended Update Support
                   December 17 2020: Additional advisories for RH 7 and RH 8.0 Services for SAP Solutions
                   December 16 2020: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: openssl security update
Advisory ID:       RHSA-2020:5422-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:5422
Issue date:        2020-12-15
CVE Names:         CVE-2020-1971 
=====================================================================

1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.2
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library.

Security Fix(es):

* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

1903409 - CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v. 8.2):

Source:
openssl-1.1.1c-16.el8_2.src.rpm

aarch64:
openssl-1.1.1c-16.el8_2.aarch64.rpm
openssl-debuginfo-1.1.1c-16.el8_2.aarch64.rpm
openssl-debugsource-1.1.1c-16.el8_2.aarch64.rpm
openssl-devel-1.1.1c-16.el8_2.aarch64.rpm
openssl-libs-1.1.1c-16.el8_2.aarch64.rpm
openssl-libs-debuginfo-1.1.1c-16.el8_2.aarch64.rpm
openssl-perl-1.1.1c-16.el8_2.aarch64.rpm

ppc64le:
openssl-1.1.1c-16.el8_2.ppc64le.rpm
openssl-debuginfo-1.1.1c-16.el8_2.ppc64le.rpm
openssl-debugsource-1.1.1c-16.el8_2.ppc64le.rpm
openssl-devel-1.1.1c-16.el8_2.ppc64le.rpm
openssl-libs-1.1.1c-16.el8_2.ppc64le.rpm
openssl-libs-debuginfo-1.1.1c-16.el8_2.ppc64le.rpm
openssl-perl-1.1.1c-16.el8_2.ppc64le.rpm

s390x:
openssl-1.1.1c-16.el8_2.s390x.rpm
openssl-debuginfo-1.1.1c-16.el8_2.s390x.rpm
openssl-debugsource-1.1.1c-16.el8_2.s390x.rpm
openssl-devel-1.1.1c-16.el8_2.s390x.rpm
openssl-libs-1.1.1c-16.el8_2.s390x.rpm
openssl-libs-debuginfo-1.1.1c-16.el8_2.s390x.rpm
openssl-perl-1.1.1c-16.el8_2.s390x.rpm

x86_64:
openssl-1.1.1c-16.el8_2.x86_64.rpm
openssl-debuginfo-1.1.1c-16.el8_2.i686.rpm
openssl-debuginfo-1.1.1c-16.el8_2.x86_64.rpm
openssl-debugsource-1.1.1c-16.el8_2.i686.rpm
openssl-debugsource-1.1.1c-16.el8_2.x86_64.rpm
openssl-devel-1.1.1c-16.el8_2.i686.rpm
openssl-devel-1.1.1c-16.el8_2.x86_64.rpm
openssl-libs-1.1.1c-16.el8_2.i686.rpm
openssl-libs-1.1.1c-16.el8_2.x86_64.rpm
openssl-libs-debuginfo-1.1.1c-16.el8_2.i686.rpm
openssl-libs-debuginfo-1.1.1c-16.el8_2.x86_64.rpm
openssl-perl-1.1.1c-16.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX9h9AtzjgjWX9erEAQhhhw/+JgSy0COaf8kGW0zDOXQ926S28Prc/Who
b5Rwb7tW92AQWexu5k23RNDAV+oWyISR2KOlMP5Pd1RYnziixVVoDILaJsVVhC8j
yNE4VF1nYBTSYAuzQp66n3dTR2QC/ydGK3nbaNIN37pSAubz/1Qa5sjsQQWIc3d9
pbtY7ePExwPY/U7XkUFbPdcgms2ZBy5dOOab2VsBT+SCKtrO1jUAvLmX9uFTu6lU
sc61QD50nvXLQ/tnzQBC8GoJg9QJdX7W8dqGYdShKmlQAiRJQTiysLKjDayPeVsm
KhB8dMnlx3XrLCs1U2kE7q72L7mWK59N8XExkmAKNRsTaGkCc+p5mSvB1mpwQYa1
k+fZglx9ZQKojJn8bJsLkuP1HBHzCefgRevyaiKkEGlIsqtjqc79u+n7HnQDBkBm
o8Kqy1jctBk10/HiU+jEYa6KgJZRcz6Waen28U8GRP4d+QRMCGoonEPkjBV6x3vd
cjfneCBVp2bdhyq9K6+vpsitqWHv55KyFJIzAwKQIPRmpB0fwYA+Q368wvehdJzu
+unJ7lMddoPKro83AblZkQdorsjxL31cujWiFV0kwdbZ+y4XFlf76EybqOhu1UOa
AFRcJp36dqwP57Q9MfeEd7VTMl7951gTvQ5VWc++z5yiUcVnFR0gaRfVLwsvRf4c
/+B/TaRTh3w=
=oUGU
- -----END PGP SIGNATURE-----

- ----------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: openssl security and bug fix update
Advisory ID:       RHSA-2020:5476-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:5476
Issue date:        2020-12-15
CVE Names:         CVE-2020-1971 
=====================================================================

1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library.

Security Fix(es):

* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Reject certificates with explicit EC parameters in strict mode
(BZ#1891541)

* Add FIPS selftest for HKDF, SSKDF, SSHKDF, and TLS12PRF; add
DH_compute_key KAT to DH selftest (BZ#1891542)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

1903409 - CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
openssl-1.1.1g-12.el8_3.src.rpm

aarch64:
openssl-1.1.1g-12.el8_3.aarch64.rpm
openssl-debuginfo-1.1.1g-12.el8_3.aarch64.rpm
openssl-debugsource-1.1.1g-12.el8_3.aarch64.rpm
openssl-devel-1.1.1g-12.el8_3.aarch64.rpm
openssl-libs-1.1.1g-12.el8_3.aarch64.rpm
openssl-libs-debuginfo-1.1.1g-12.el8_3.aarch64.rpm
openssl-perl-1.1.1g-12.el8_3.aarch64.rpm

ppc64le:
openssl-1.1.1g-12.el8_3.ppc64le.rpm
openssl-debuginfo-1.1.1g-12.el8_3.ppc64le.rpm
openssl-debugsource-1.1.1g-12.el8_3.ppc64le.rpm
openssl-devel-1.1.1g-12.el8_3.ppc64le.rpm
openssl-libs-1.1.1g-12.el8_3.ppc64le.rpm
openssl-libs-debuginfo-1.1.1g-12.el8_3.ppc64le.rpm
openssl-perl-1.1.1g-12.el8_3.ppc64le.rpm

s390x:
openssl-1.1.1g-12.el8_3.s390x.rpm
openssl-debuginfo-1.1.1g-12.el8_3.s390x.rpm
openssl-debugsource-1.1.1g-12.el8_3.s390x.rpm
openssl-devel-1.1.1g-12.el8_3.s390x.rpm
openssl-libs-1.1.1g-12.el8_3.s390x.rpm
openssl-libs-debuginfo-1.1.1g-12.el8_3.s390x.rpm
openssl-perl-1.1.1g-12.el8_3.s390x.rpm

x86_64:
openssl-1.1.1g-12.el8_3.x86_64.rpm
openssl-debuginfo-1.1.1g-12.el8_3.i686.rpm
openssl-debuginfo-1.1.1g-12.el8_3.x86_64.rpm
openssl-debugsource-1.1.1g-12.el8_3.i686.rpm
openssl-debugsource-1.1.1g-12.el8_3.x86_64.rpm
openssl-devel-1.1.1g-12.el8_3.i686.rpm
openssl-devel-1.1.1g-12.el8_3.x86_64.rpm
openssl-libs-1.1.1g-12.el8_3.i686.rpm
openssl-libs-1.1.1g-12.el8_3.x86_64.rpm
openssl-libs-debuginfo-1.1.1g-12.el8_3.i686.rpm
openssl-libs-debuginfo-1.1.1g-12.el8_3.x86_64.rpm
openssl-perl-1.1.1g-12.el8_3.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX9joRtzjgjWX9erEAQhWQA//VeMjB37DyaClg+y1tGngBnpaSIVdkg46
Sy50TsNa+rH7oYE7SSsOxRMJHU+91oCgQczO+0/Xf0uZqL/3t29oRSzV4EYiJLjc
kmu5tX26bWfv5JXU8+Nd1H5c3cZMpFf3sOKV5PZD564X1tHjGkCFDWDOrXCHUjH6
6dbDl9/hfIJkPYbgG/iLNhd5VP8U0KrKuWUkvQedvyEmc/CDJ4b0dRKlHaCdX68K
PxQAzsXhqvVPBwbapMafFdoLJvIEuFrdKuhPdHxEslCw0dwr4079eY+B8juVb6IU
ejHIWZ/TqEqzWhqSYwl27NFPEg9C/OHrpfJglsd3xXZ2RTZL0pHuJ7FJp/q3z6Fw
0o2KQWQHVsaEwqT+CDN/h6sg+MFLhV4+BJY20pj/k4M7mCH3iNI0Mqnc1834Y/rG
w3C7ewQHiwHIeNOryaxfQMJ9a3wyau7ei5t/Zw3nmzcsnZA6vwiYiDYM7mgO0UT/
cd6bM8Ex6/v5VJH9CTEzxiA/b9QxYD/Qnfuj0LenGyPHVraV5MtBLZtfmQK8P4Cn
AWe9oC2pHgOjeCC7Dz26qj1FiQssvpnnoGgidYs3AEZ/YJ2ArPhlV95O6Fyvh9/p
8U4x+0I7b4uLLRVgCAbiBek2RnABi6hnnPCiDB58QJj0IVZYUledzX4toI20GynI
C+m3FMSSCc4=
=zFrP
- -----END PGP SIGNATURE-----

- -------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: openssl security update
Advisory ID:       RHSA-2020:5588-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:5588
Issue date:        2020-12-16
CVE Names:         CVE-2020-1971 
=====================================================================

1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.0
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.0) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library.

Security Fix(es):

* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

1903409 - CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.0):

Source:
openssl-1.1.1-9.el8_0.src.rpm

aarch64:
openssl-1.1.1-9.el8_0.aarch64.rpm
openssl-debuginfo-1.1.1-9.el8_0.aarch64.rpm
openssl-debugsource-1.1.1-9.el8_0.aarch64.rpm
openssl-devel-1.1.1-9.el8_0.aarch64.rpm
openssl-libs-1.1.1-9.el8_0.aarch64.rpm
openssl-libs-debuginfo-1.1.1-9.el8_0.aarch64.rpm
openssl-perl-1.1.1-9.el8_0.aarch64.rpm

ppc64le:
openssl-1.1.1-9.el8_0.ppc64le.rpm
openssl-debuginfo-1.1.1-9.el8_0.ppc64le.rpm
openssl-debugsource-1.1.1-9.el8_0.ppc64le.rpm
openssl-devel-1.1.1-9.el8_0.ppc64le.rpm
openssl-libs-1.1.1-9.el8_0.ppc64le.rpm
openssl-libs-debuginfo-1.1.1-9.el8_0.ppc64le.rpm
openssl-perl-1.1.1-9.el8_0.ppc64le.rpm

s390x:
openssl-1.1.1-9.el8_0.s390x.rpm
openssl-debuginfo-1.1.1-9.el8_0.s390x.rpm
openssl-debugsource-1.1.1-9.el8_0.s390x.rpm
openssl-devel-1.1.1-9.el8_0.s390x.rpm
openssl-libs-1.1.1-9.el8_0.s390x.rpm
openssl-libs-debuginfo-1.1.1-9.el8_0.s390x.rpm
openssl-perl-1.1.1-9.el8_0.s390x.rpm

x86_64:
openssl-1.1.1-9.el8_0.x86_64.rpm
openssl-debuginfo-1.1.1-9.el8_0.i686.rpm
openssl-debuginfo-1.1.1-9.el8_0.x86_64.rpm
openssl-debugsource-1.1.1-9.el8_0.i686.rpm
openssl-debugsource-1.1.1-9.el8_0.x86_64.rpm
openssl-devel-1.1.1-9.el8_0.i686.rpm
openssl-devel-1.1.1-9.el8_0.x86_64.rpm
openssl-libs-1.1.1-9.el8_0.i686.rpm
openssl-libs-1.1.1-9.el8_0.x86_64.rpm
openssl-libs-debuginfo-1.1.1-9.el8_0.i686.rpm
openssl-libs-debuginfo-1.1.1-9.el8_0.x86_64.rpm
openssl-perl-1.1.1-9.el8_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX9okStzjgjWX9erEAQj9Iw/8DLEapcZzDHzcpFQ0/BF7mYjDu9A1ikIO
wgjoE9yN31hNW6FKjuLdzwzPFz85QDsUnSZJh/uuRPO0bWTZXOfFSjmWi7Zj9AGV
ujH7eSH8XlP5fdfYNxZY2wcxkrpoqvCadUV22VM072sy2487MSvseXtYarloGsxj
0mK2zrSH1uJC4jaEo8HBTlW7fYMYJDOoyxIM+mODdN5Z18HTwgJ2kFZWFuTkXjl4
spRXGNuTnKTLHwVI7wnEKUv8tf9E7RMingOEZs6DHptjNiyhzrIue8qFpAlvQOG2
rTCBIUY0VXvD/RtqlvXIwLg17b3vBIVhqJoC6/5ePC3QQndI76KffZGNBAoFtVB+
cb7aAzXal0CVRoYM/38Y9jTtdbaz1ROUZoZqV1BBT+HwztPDlRnBTI6NhojF6cSI
LAJ4CpaKseqSkbatmccd603/PubByHoK6CJM7TH4UOa2/NZuqUXTMLj/42CZGlLA
aJvnl3qUZk+vEkq+U0s8f9d7POXlINuvPKoHGSZkXbsf4izEQL0UmZnEckRl2tO+
JBjbkqPcL/YVFLC9V1m51GqFyhe3Q3+jKZHxHaXukQmd5SeQktw3gLdlK5qfD/w7
BX+CPEscKO/BSHZ57vheufKNRN/j00ZcWuLh3cHmzvGLUd/DLT9CNi4HHdTU+3cq
Bfe6JUbroj0=
=0+02
- -----END PGP SIGNATURE-----

- -------------------------------------------------------------------------------

Subject:	[RHSA-2020:5566-01] Important: openssl security update
From:	"Security announcements for all Red Hat products and services." <rhsa-announce@redhat.com>
Reply-To:	rhsa-announce@redhat.com
Date:	Wed, 16 Dec 2020 04:08:22 -0500
To:	rhsa-announce@redhat.com


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: openssl security update
Advisory ID:       RHSA-2020:5566-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:5566
Issue date:        2020-12-16
CVE Names:         CVE-2020-1971 
=====================================================================

1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library.

Security Fix(es):

* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

1903409 - CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
openssl-1.0.2k-21.el7_9.src.rpm

x86_64:
openssl-1.0.2k-21.el7_9.x86_64.rpm
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm
openssl-libs-1.0.2k-21.el7_9.i686.rpm
openssl-libs-1.0.2k-21.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm
openssl-devel-1.0.2k-21.el7_9.i686.rpm
openssl-devel-1.0.2k-21.el7_9.x86_64.rpm
openssl-perl-1.0.2k-21.el7_9.x86_64.rpm
openssl-static-1.0.2k-21.el7_9.i686.rpm
openssl-static-1.0.2k-21.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
openssl-1.0.2k-21.el7_9.src.rpm

x86_64:
openssl-1.0.2k-21.el7_9.x86_64.rpm
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm
openssl-libs-1.0.2k-21.el7_9.i686.rpm
openssl-libs-1.0.2k-21.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm
openssl-devel-1.0.2k-21.el7_9.i686.rpm
openssl-devel-1.0.2k-21.el7_9.x86_64.rpm
openssl-perl-1.0.2k-21.el7_9.x86_64.rpm
openssl-static-1.0.2k-21.el7_9.i686.rpm
openssl-static-1.0.2k-21.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
openssl-1.0.2k-21.el7_9.src.rpm

ppc64:
openssl-1.0.2k-21.el7_9.ppc64.rpm
openssl-debuginfo-1.0.2k-21.el7_9.ppc.rpm
openssl-debuginfo-1.0.2k-21.el7_9.ppc64.rpm
openssl-devel-1.0.2k-21.el7_9.ppc.rpm
openssl-devel-1.0.2k-21.el7_9.ppc64.rpm
openssl-libs-1.0.2k-21.el7_9.ppc.rpm
openssl-libs-1.0.2k-21.el7_9.ppc64.rpm

ppc64le:
openssl-1.0.2k-21.el7_9.ppc64le.rpm
openssl-debuginfo-1.0.2k-21.el7_9.ppc64le.rpm
openssl-devel-1.0.2k-21.el7_9.ppc64le.rpm
openssl-libs-1.0.2k-21.el7_9.ppc64le.rpm

s390x:
openssl-1.0.2k-21.el7_9.s390x.rpm
openssl-debuginfo-1.0.2k-21.el7_9.s390.rpm
openssl-debuginfo-1.0.2k-21.el7_9.s390x.rpm
openssl-devel-1.0.2k-21.el7_9.s390.rpm
openssl-devel-1.0.2k-21.el7_9.s390x.rpm
openssl-libs-1.0.2k-21.el7_9.s390.rpm
openssl-libs-1.0.2k-21.el7_9.s390x.rpm

x86_64:
openssl-1.0.2k-21.el7_9.x86_64.rpm
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm
openssl-devel-1.0.2k-21.el7_9.i686.rpm
openssl-devel-1.0.2k-21.el7_9.x86_64.rpm
openssl-libs-1.0.2k-21.el7_9.i686.rpm
openssl-libs-1.0.2k-21.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
openssl-debuginfo-1.0.2k-21.el7_9.ppc.rpm
openssl-debuginfo-1.0.2k-21.el7_9.ppc64.rpm
openssl-perl-1.0.2k-21.el7_9.ppc64.rpm
openssl-static-1.0.2k-21.el7_9.ppc.rpm
openssl-static-1.0.2k-21.el7_9.ppc64.rpm

ppc64le:
openssl-debuginfo-1.0.2k-21.el7_9.ppc64le.rpm
openssl-perl-1.0.2k-21.el7_9.ppc64le.rpm
openssl-static-1.0.2k-21.el7_9.ppc64le.rpm

s390x:
openssl-debuginfo-1.0.2k-21.el7_9.s390.rpm
openssl-debuginfo-1.0.2k-21.el7_9.s390x.rpm
openssl-perl-1.0.2k-21.el7_9.s390x.rpm
openssl-static-1.0.2k-21.el7_9.s390.rpm
openssl-static-1.0.2k-21.el7_9.s390x.rpm

x86_64:
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm
openssl-perl-1.0.2k-21.el7_9.x86_64.rpm
openssl-static-1.0.2k-21.el7_9.i686.rpm
openssl-static-1.0.2k-21.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
openssl-1.0.2k-21.el7_9.src.rpm

x86_64:
openssl-1.0.2k-21.el7_9.x86_64.rpm
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm
openssl-devel-1.0.2k-21.el7_9.i686.rpm
openssl-devel-1.0.2k-21.el7_9.x86_64.rpm
openssl-libs-1.0.2k-21.el7_9.i686.rpm
openssl-libs-1.0.2k-21.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm
openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm
openssl-perl-1.0.2k-21.el7_9.x86_64.rpm
openssl-static-1.0.2k-21.el7_9.i686.rpm
openssl-static-1.0.2k-21.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX9nOg9zjgjWX9erEAQhvEA//ZUkN9uw2GQy/4aTFGa1sA8stVE0uVsTh
VxJxP7IzR37X19nMi4JMDDBdpOhIm2H0HVHVabD3IlU8Zofp49manAl73UAf5pv0
SQH05pUNNFc524Us37x5RBWSlF6+Q4R3uzaZUV7aw/a2lhrMpNrcXjCuJ4uZWF6v
yfFbRjr1uqiXDRJ3gO6TGRpdwYWqPSpUN49/wyzX5oXDHpuaSJG18V2uR6e2MvRM
ZGDkTM8wLm2VZ/EFMaDWNd47f2L0Dvscl4+AblRiBSkq+NJtun2GXxrslRhRMJqR
qBk2i1i4fbL9YZNve5uNXzo3OOruhndTbVycmxPpKFVEFrYFdd26rQv7lnXA+jwO
8wc3qiIc38nPpSw1pVMyD/pWm/FkcjdGzBZKKKDcpUy/nWsbMcBDMSSXtz8HTZeB
yycBocrKCp2XgkmN++pasGoYTS3DtYwFOWAiaAmDzutGO0dn0V8vN6vHSjhIszJd
eAY0Jyq4nFKr/u+vaREJfAUYWY8vDuBFJdy3zBTze+3vU3YhzFWNGe2IAV/1Kvuq
9JRSV7h2NezuYTMSVe+8O2pjPJSBKlDnvjP3ElDRSLZEPCFnko+4mMsQG5y3sHZG
cvmmbUjzL43huCaKYVaLLYA7TdXKy5bMnMOkJIxoSYmGB+4fdWQMu9grE8E4xmv5
hM3iICgHTq4=
=aX1d
- -----END PGP SIGNATURE-----

- --------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: openssl security update
Advisory ID:       RHSA-2020:5623-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:5623
Issue date:        2020-12-17
CVE Names:         CVE-2020-1971 
=====================================================================

1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 7.7
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.7) - ppc64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library.

Security Fix(es):

* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

1903409 - CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.7):

Source:
openssl-1.0.2k-20.el7_7.src.rpm

x86_64:
openssl-1.0.2k-20.el7_7.x86_64.rpm
openssl-debuginfo-1.0.2k-20.el7_7.i686.rpm
openssl-debuginfo-1.0.2k-20.el7_7.x86_64.rpm
openssl-libs-1.0.2k-20.el7_7.i686.rpm
openssl-libs-1.0.2k-20.el7_7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7):

x86_64:
openssl-debuginfo-1.0.2k-20.el7_7.i686.rpm
openssl-debuginfo-1.0.2k-20.el7_7.x86_64.rpm
openssl-devel-1.0.2k-20.el7_7.i686.rpm
openssl-devel-1.0.2k-20.el7_7.x86_64.rpm
openssl-perl-1.0.2k-20.el7_7.x86_64.rpm
openssl-static-1.0.2k-20.el7_7.i686.rpm
openssl-static-1.0.2k-20.el7_7.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
openssl-1.0.2k-20.el7_7.src.rpm

ppc64:
openssl-1.0.2k-20.el7_7.ppc64.rpm
openssl-debuginfo-1.0.2k-20.el7_7.ppc.rpm
openssl-debuginfo-1.0.2k-20.el7_7.ppc64.rpm
openssl-devel-1.0.2k-20.el7_7.ppc.rpm
openssl-devel-1.0.2k-20.el7_7.ppc64.rpm
openssl-libs-1.0.2k-20.el7_7.ppc.rpm
openssl-libs-1.0.2k-20.el7_7.ppc64.rpm

ppc64le:
openssl-1.0.2k-20.el7_7.ppc64le.rpm
openssl-debuginfo-1.0.2k-20.el7_7.ppc64le.rpm
openssl-devel-1.0.2k-20.el7_7.ppc64le.rpm
openssl-libs-1.0.2k-20.el7_7.ppc64le.rpm

s390x:
openssl-1.0.2k-20.el7_7.s390x.rpm
openssl-debuginfo-1.0.2k-20.el7_7.s390.rpm
openssl-debuginfo-1.0.2k-20.el7_7.s390x.rpm
openssl-devel-1.0.2k-20.el7_7.s390.rpm
openssl-devel-1.0.2k-20.el7_7.s390x.rpm
openssl-libs-1.0.2k-20.el7_7.s390.rpm
openssl-libs-1.0.2k-20.el7_7.s390x.rpm

x86_64:
openssl-1.0.2k-20.el7_7.x86_64.rpm
openssl-debuginfo-1.0.2k-20.el7_7.i686.rpm
openssl-debuginfo-1.0.2k-20.el7_7.x86_64.rpm
openssl-devel-1.0.2k-20.el7_7.i686.rpm
openssl-devel-1.0.2k-20.el7_7.x86_64.rpm
openssl-libs-1.0.2k-20.el7_7.i686.rpm
openssl-libs-1.0.2k-20.el7_7.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.7):

ppc64:
openssl-debuginfo-1.0.2k-20.el7_7.ppc.rpm
openssl-debuginfo-1.0.2k-20.el7_7.ppc64.rpm
openssl-perl-1.0.2k-20.el7_7.ppc64.rpm
openssl-static-1.0.2k-20.el7_7.ppc.rpm
openssl-static-1.0.2k-20.el7_7.ppc64.rpm

ppc64le:
openssl-debuginfo-1.0.2k-20.el7_7.ppc64le.rpm
openssl-perl-1.0.2k-20.el7_7.ppc64le.rpm
openssl-static-1.0.2k-20.el7_7.ppc64le.rpm

s390x:
openssl-debuginfo-1.0.2k-20.el7_7.s390.rpm
openssl-debuginfo-1.0.2k-20.el7_7.s390x.rpm
openssl-perl-1.0.2k-20.el7_7.s390x.rpm
openssl-static-1.0.2k-20.el7_7.s390.rpm
openssl-static-1.0.2k-20.el7_7.s390x.rpm

x86_64:
openssl-debuginfo-1.0.2k-20.el7_7.i686.rpm
openssl-debuginfo-1.0.2k-20.el7_7.x86_64.rpm
openssl-perl-1.0.2k-20.el7_7.x86_64.rpm
openssl-static-1.0.2k-20.el7_7.i686.rpm
openssl-static-1.0.2k-20.el7_7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX9uMhtzjgjWX9erEAQhz8Q//Wq3KXZn9RMx/m44JhL2ed9zHWWlIQ6Rw
R4qabRFb82b3iArrub6vttRkaDSfi52ky0MUpa98kIc21HWdklRtEumLr3AQkDAr
hLaVMMES5ayYGXAp9p1A8XVjgZdj/d09MXyYwUcaEdySmJUMC5q8HiU3Vt4VcJqV
njHuKv68sSoSPDHlQMc7iXqp+qPooIPjSfQ+m8CV6O0sgP6i8hjCspaFUiU8N//M
YBVVd5JHQ6cKGVM0pqtDHOa5vsL2mw2nDq+4MLfKDLeG7NfW9/KqqHsnLZFVnUyo
GL+d6d1mCNuE3uB6cr0iC43bByS0Yr7d3J+hNUAc2bNE3ICDcgPaWQ7KmGn2UlVR
uASC4TIb1Xdljg33FgiNfd7bxcU0SYNasqMbgtXi+g1ZWR4EmDVLfFLsM6d/7k3h
dR1yAQdUE4Z/AfE8JRe9laszd3BO6/G17Gj2fP7bKGxcV9Wv7MuTyAmh9xfIUdZk
ZTUMobAD+Xwq1zZpQxjtg8T6iVJDAmdllIX81KOU57XwR3Tt4EJqhusaSOrDNJDX
buS3mTvzm3jQQ94FhXwpQU2u2hZF4WrMcRV9pt1X1Ball82kyBI46m/9UQ8wq9bn
McWIzI1BAYn5cPtOStMhJL95S6pp5+oX/SWpxoyXlLrVV3nq6Rp6MxwXx8a65tyq
D9VI3IDTwsY=
=xLC2
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBX9vuZ+NLKJtyKPYoAQh6GQ/+PPDQSslkz88cxtW7e6+iLDnfyAamM56+
WKDipw6oCx5c+LHu/5InMgiYXzQHukK6iAO8GGDRIipe0fjY/G5SeDjldu0hZ72V
kFEEJqVgTsOsuCBkna8BJpCHcVya/anMxFZiUqg8S3EhRJXEuxza7NgXXdtjDbwf
CqaotmGp/RwdTasOT8xKMOe2g1CQaKVmOXFgavAsMelVAixLKKMwmljRrn2HhU9b
vCpuJG7qzbMsh+ERqmeb+IOwNF06TdysKqYkut10GDcZoSoKixWkaGwRkIMq7Ufc
t9M0sG/zfA05yagkz8Kpr8FmKwxO5HQ7c8ds06ERxZPH+7mkv5H2xIMow8JDN/Ri
c+b/b8PKz0T7T/tJfUVT0cJizFh9FdCC2+lxJJdGHwBsUC8ohLpl7kkKlen1Z8kr
5GCPE0uTMBcDO+Jjzy6Eoj3O3XDOehDbKjnpcOtRZ/BVc0XzY12On5dF3OBc92PO
0dZyaYUePR6b2NlUTavc7VPv/hYkYg+Attfw3lanZU7aCXLsTfYrPkvUstOlXWmi
EmFaud7qACiL2iP1RFrjl2QmN2Zd+TXY6q406XfHKFJZrz3ShzdDDbAGvmhjVhn7
kCQm6RGa1+Ygi8197suwLucJf8bqvTCT5QG/YDqwC1DodSb9eTfNOm8CaIildR4e
OwlRS8bNrfI=
=kQ/I
-----END PGP SIGNATURE-----