Red Hat Customer Portal

Security Advisory Important: openssl security update

Advisory: RHSA-2014:0624-1
Type: Security Advisory
Severity: Important
Issued on: 2014-06-05
Last updated on: 2014-06-05
Affected Products: RHEL Desktop Workstation (v. 5 client); Red Hat Enterprise Linux (v. 5 server); Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2014-0224

Details

Updated openssl packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
Important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.

It was found that OpenSSL clients and servers could be forced, via a
specially crafted handshake packet, to use weak keying material for
communication. A man-in-the-middle attacker could use this flaw to decrypt
and modify traffic between a client and a server. (CVE-2014-0224)

Note: In order to exploit this flaw, both the server and the client must be
using a vulnerable version of OpenSSL; the server must be using OpenSSL
version 1.0.1 and above, and the client must be using any version of
OpenSSL. For more information about this flaw, refer to:
https://access.redhat.com/site/articles/904433

Red Hat would like to thank the OpenSSL project for reporting this issue.
Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter
of this issue.

All OpenSSL users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. For the update to take
effect, all services linked to the OpenSSL library (such as httpd and other
SSL-enabled services) must be restarted or the system rebooted.
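
One way to check the restart requirement above, as an added example that is not part of Red Hat's advisory: the script lists processes that still map a libssl or libcrypto file that has since been replaced on disk. It assumes the kernel marks such mappings "(deleted)" in /proc/<pid>/maps; the function name stale_openssl_pids and its PROC_ROOT parameter are made up for this example.

```sh
#!/bin/sh
# Added example, not part of the advisory.
# Assumption: after the package update replaces the library file, processes
# started earlier still map the old inode, and the kernel shows that mapping
# with a trailing "(deleted)" in /proc/<pid>/maps.

# stale_openssl_pids [PROC_ROOT]
# Prints one "PID NAME" line per process that still maps a replaced
# libssl/libcrypto shared object. PROC_ROOT defaults to /proc; it is a
# parameter so the logic can be run against a constructed directory tree.
stale_openssl_pids() {
    proc_root=${1:-/proc}
    for maps in "$proc_root"/[0-9]*/maps; do
        # Skip processes that exited meanwhile or that we may not read.
        [ -r "$maps" ] || continue
        if grep -Eq '/lib(ssl|crypto)[^/]*\.so[^/]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid_dir=${maps%/maps}
            pid=${pid_dir##*/}
            # /proc/<pid>/status carries the short process name on its Name: line.
            name=$(awk '/^Name:/ {print $2; exit}' "$pid_dir/status" 2>/dev/null) || name=
            echo "$pid ${name:-?}"
        fi
    done
}

stale_openssl_pids "$@"
```

Run it as root so every process's maps file is readable; each process listed still needs the restart the advisory calls for.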


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
openssl-0.9.8e-27.el5_10.3.src.rpm
File outdated by:  RHSA-2016:0302
 
IA-32:
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
 
x86_64:
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.x86_64.rpm
File outdated by:  RHSA-2016:0302
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
openssl-0.9.8e-27.el5_10.3.src.rpm
File outdated by:  RHSA-2016:0302
 
IA-32:
openssl-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-perl-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
 
IA-64:
openssl-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-0.9.8e-27.el5_10.3.ia64.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.ia64.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.ia64.rpm
File outdated by:  RHSA-2016:0302
openssl-perl-0.9.8e-27.el5_10.3.ia64.rpm
File outdated by:  RHSA-2016:0302
 
PPC:
openssl-0.9.8e-27.el5_10.3.ppc.rpm
File outdated by:  RHSA-2016:0302
openssl-0.9.8e-27.el5_10.3.ppc64.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.ppc.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.ppc64.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.ppc.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.ppc64.rpm
File outdated by:  RHSA-2016:0302
openssl-perl-0.9.8e-27.el5_10.3.ppc.rpm
File outdated by:  RHSA-2016:0302
 
s390x:
openssl-0.9.8e-27.el5_10.3.s390.rpm
File outdated by:  RHSA-2016:0302
openssl-0.9.8e-27.el5_10.3.s390x.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.s390.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.s390x.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.s390.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.s390x.rpm
File outdated by:  RHSA-2016:0302
openssl-perl-0.9.8e-27.el5_10.3.s390x.rpm
File outdated by:  RHSA-2016:0302
 
x86_64:
openssl-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-0.9.8e-27.el5_10.3.x86_64.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-devel-0.9.8e-27.el5_10.3.x86_64.rpm
File outdated by:  RHSA-2016:0302
openssl-perl-0.9.8e-27.el5_10.3.x86_64.rpm
File outdated by:  RHSA-2016:0302
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
openssl-0.9.8e-27.el5_10.3.src.rpm
File outdated by:  RHSA-2016:0302
 
IA-32:
openssl-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-perl-0.9.8e-27.el5_10.3.i386.rpm
File outdated by:  RHSA-2016:0302
 
x86_64:
openssl-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-0.9.8e-27.el5_10.3.x86_64.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
File outdated by:  RHSA-2016:0302
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm
File outdated by:  RHSA-2016:0302
openssl-perl-0.9.8e-27.el5_10.3.x86_64.rpm
File outdated by:  RHSA-2016:0302
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/