Bug Fix Advisory openssl bug fix update

Advisory: RHBA-2017:0660-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2017-03-21
Last updated on: 2017-03-21
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)

Details

An update for openssl is now available for Red Hat Enterprise Linux 6.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library.

For detailed information on changes in this release, see the Red Hat Enterprise
Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked
from the References section.

Users of openssl are advised to upgrade to these updated packages.


Solution

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
openssl-1.0.1e-57.el6.src.rpm     MD5: 35881e55e4bec9bf2ea1b89b503f8991
SHA-256: 35cf930351629f3c86e8b21ccbf14b7aa8a22e0b72acf05792c7053d3419e405
 
IA-32:
openssl-1.0.1e-57.el6.i686.rpm     MD5: b2857b9aa205aeed2414bf4d369e51e7
SHA-256: 8c571cdfd4dbc77ef3fd2a3489e86a10362ce6b59eca288112ee4cb59aa8ebf3
openssl-debuginfo-1.0.1e-57.el6.i686.rpm     MD5: 91fc277cd3c2e372dc4254a9048dfe40
SHA-256: 745f1c6702b3d8ce737ea21aed4ebd27738c9224f75923352da6c4ad38eff59a
openssl-devel-1.0.1e-57.el6.i686.rpm     MD5: 3cb860f62f2391b126f2f1d3f18439ac
SHA-256: 232b7bcc7e0b2423772ab7159825e6bf5b69148895e5f935b4a3de4f6116a3dc
openssl-perl-1.0.1e-57.el6.i686.rpm     MD5: 7ecf77779c1ff6505859df64c94cbd32
SHA-256: b2578fe5396e7270edd4a893ce1a36cb83e497f0bc1b5b1a0eb5e14447ab0d57
openssl-static-1.0.1e-57.el6.i686.rpm     MD5: 6ba915008e03e7c9fcb3db4a5cf630d1
SHA-256: 792d42304f1f9a14e89d9e692fdb2fb82769cad76cf5388e2c001b3a482ccdfb
 
x86_64:
openssl-1.0.1e-57.el6.i686.rpm     MD5: b2857b9aa205aeed2414bf4d369e51e7
SHA-256: 8c571cdfd4dbc77ef3fd2a3489e86a10362ce6b59eca288112ee4cb59aa8ebf3
openssl-1.0.1e-57.el6.x86_64.rpm     MD5: 61079b86dcf25a51b4268d40eda4ee37
SHA-256: ae216504beb69929a84cf5c2a3b3fbc06ee59978fd7ac5f6a03731c3f39fa191
openssl-debuginfo-1.0.1e-57.el6.i686.rpm     MD5: 91fc277cd3c2e372dc4254a9048dfe40
SHA-256: 745f1c6702b3d8ce737ea21aed4ebd27738c9224f75923352da6c4ad38eff59a
openssl-debuginfo-1.0.1e-57.el6.x86_64.rpm     MD5: e75478ee712982221292e562470cd6ae
SHA-256: e0ca5d32969ba988e25d0ce17382571a55d5680a0bfb037a248d14c08c6be8a6
openssl-devel-1.0.1e-57.el6.i686.rpm     MD5: 3cb860f62f2391b126f2f1d3f18439ac
SHA-256: 232b7bcc7e0b2423772ab7159825e6bf5b69148895e5f935b4a3de4f6116a3dc
openssl-devel-1.0.1e-57.el6.x86_64.rpm     MD5: a94554fc6c7dd6b84163542b0b017192
SHA-256: 2490b980ecfbae724a016a3130b4b3e67751797d89103d30fecc7e2e79debe6e
openssl-perl-1.0.1e-57.el6.x86_64.rpm     MD5: b419c6ca67c4e8a37f558c33b17d3f29
SHA-256: 69882f1525deef90e088da026e63cc6267674cc921fa6ace3986415e7fdd4ed9
openssl-static-1.0.1e-57.el6.x86_64.rpm     MD5: 66ba25374b9f9dcefce1bf886d374eae
SHA-256: f5720439c7ab25dd5541bf761a0ca543df42c3cdedf14180ce4d8ac03b736c43
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
openssl-1.0.1e-57.el6.src.rpm     MD5: 35881e55e4bec9bf2ea1b89b503f8991
SHA-256: 35cf930351629f3c86e8b21ccbf14b7aa8a22e0b72acf05792c7053d3419e405
 
x86_64:
openssl-1.0.1e-57.el6.i686.rpm     MD5: b2857b9aa205aeed2414bf4d369e51e7
SHA-256: 8c571cdfd4dbc77ef3fd2a3489e86a10362ce6b59eca288112ee4cb59aa8ebf3
openssl-1.0.1e-57.el6.x86_64.rpm     MD5: 61079b86dcf25a51b4268d40eda4ee37
SHA-256: ae216504beb69929a84cf5c2a3b3fbc06ee59978fd7ac5f6a03731c3f39fa191
openssl-debuginfo-1.0.1e-57.el6.i686.rpm     MD5: 91fc277cd3c2e372dc4254a9048dfe40
SHA-256: 745f1c6702b3d8ce737ea21aed4ebd27738c9224f75923352da6c4ad38eff59a
openssl-debuginfo-1.0.1e-57.el6.x86_64.rpm     MD5: e75478ee712982221292e562470cd6ae
SHA-256: e0ca5d32969ba988e25d0ce17382571a55d5680a0bfb037a248d14c08c6be8a6
openssl-devel-1.0.1e-57.el6.i686.rpm     MD5: 3cb860f62f2391b126f2f1d3f18439ac
SHA-256: 232b7bcc7e0b2423772ab7159825e6bf5b69148895e5f935b4a3de4f6116a3dc
openssl-devel-1.0.1e-57.el6.x86_64.rpm     MD5: a94554fc6c7dd6b84163542b0b017192
SHA-256: 2490b980ecfbae724a016a3130b4b3e67751797d89103d30fecc7e2e79debe6e
openssl-perl-1.0.1e-57.el6.x86_64.rpm     MD5: b419c6ca67c4e8a37f558c33b17d3f29
SHA-256: 69882f1525deef90e088da026e63cc6267674cc921fa6ace3986415e7fdd4ed9
openssl-static-1.0.1e-57.el6.x86_64.rpm     MD5: 66ba25374b9f9dcefce1bf886d374eae
SHA-256: f5720439c7ab25dd5541bf761a0ca543df42c3cdedf14180ce4d8ac03b736c43
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
openssl-1.0.1e-57.el6.src.rpm     MD5: 35881e55e4bec9bf2ea1b89b503f8991
SHA-256: 35cf930351629f3c86e8b21ccbf14b7aa8a22e0b72acf05792c7053d3419e405
 
IA-32:
openssl-1.0.1e-57.el6.i686.rpm     MD5: b2857b9aa205aeed2414bf4d369e51e7
SHA-256: 8c571cdfd4dbc77ef3fd2a3489e86a10362ce6b59eca288112ee4cb59aa8ebf3
openssl-debuginfo-1.0.1e-57.el6.i686.rpm     MD5: 91fc277cd3c2e372dc4254a9048dfe40
SHA-256: 745f1c6702b3d8ce737ea21aed4ebd27738c9224f75923352da6c4ad38eff59a
openssl-devel-1.0.1e-57.el6.i686.rpm     MD5: 3cb860f62f2391b126f2f1d3f18439ac
SHA-256: 232b7bcc7e0b2423772ab7159825e6bf5b69148895e5f935b4a3de4f6116a3dc
openssl-perl-1.0.1e-57.el6.i686.rpm     MD5: 7ecf77779c1ff6505859df64c94cbd32
SHA-256: b2578fe5396e7270edd4a893ce1a36cb83e497f0bc1b5b1a0eb5e14447ab0d57
openssl-static-1.0.1e-57.el6.i686.rpm     MD5: 6ba915008e03e7c9fcb3db4a5cf630d1
SHA-256: 792d42304f1f9a14e89d9e692fdb2fb82769cad76cf5388e2c001b3a482ccdfb
 
PPC:
openssl-1.0.1e-57.el6.ppc.rpm     MD5: 491803131b84dcfbeedf342aefcb3e18
SHA-256: f4c96aec071edf48a4465beaee2419ce8f86b1f24e71d0aae7dd5f7722079a01
openssl-1.0.1e-57.el6.ppc64.rpm     MD5: 1163a1e2423a3225bc211f791c690b4e
SHA-256: 56d1cc5744848b3bab7c36adf76bda8107bc194360a78ceb68b73dec587301f9
openssl-debuginfo-1.0.1e-57.el6.ppc.rpm     MD5: 38d774161eb684a4c0efe1b90e9ede98
SHA-256: b9da7382094092aa03ec0535335f289bc6f27b8de3c6060f337bad817fc67e85
openssl-debuginfo-1.0.1e-57.el6.ppc64.rpm     MD5: 32b319196bc1f4c964ad7745aaa6f042
SHA-256: 7ad294be51a2f19703f3513d4d39ed16437035f4ab9ffb4aa64c0214f08a2440
openssl-devel-1.0.1e-57.el6.ppc.rpm     MD5: 0619a5d309c6480efc24406b46422476
SHA-256: 5406c48c201a42951d3625060ad5959a40b2dfe10debd7b8c9fb46c64d559f27
openssl-devel-1.0.1e-57.el6.ppc64.rpm     MD5: 238922a06cbf869c637af2458cadf285
SHA-256: f4c1bf0cae754603e65c890e8b6cb74f6574265977202fd22c44e9a851b732f3
openssl-perl-1.0.1e-57.el6.ppc64.rpm     MD5: 66e49a5e2712fa611bda951ae75c4efe
SHA-256: aa13a241f101160cfc30fc3dd4d466ccb1a7147ae38b721ef5034245b8529abf
openssl-static-1.0.1e-57.el6.ppc64.rpm     MD5: 5f54fe0b2e89f7ac742cc15f20329cb9
SHA-256: a231bda87590b857fb26560604faba6d8c256a82523e502fa198cf146d4503c8
 
s390x:
openssl-1.0.1e-57.el6.s390.rpm     MD5: 9cc7dc705d2861d5c95768ce0e2206e8
SHA-256: 74210adbb79210d92a140c60a0adc6b9851af4efafba8fac76e039143b617b8f
openssl-1.0.1e-57.el6.s390x.rpm     MD5: 4f9735920fa45a89390f24e7716f8282
SHA-256: 2de8612831e077e3acb32d8acccbe2e524243feb17fea156774de3b4a0a07e47
openssl-debuginfo-1.0.1e-57.el6.s390.rpm     MD5: 6ec4631347dbc1791d05fcbb60035f68
SHA-256: b9ed4d11b16aaac1d2e8061f5490d313accb4936b14d57972d49efc5b7cf5b0c
openssl-debuginfo-1.0.1e-57.el6.s390x.rpm     MD5: 80539bcd56d71ed3c13b66defe283f7f
SHA-256: 42cb59d3344e412f9d7031747d0d73d4d98f8057a510b2699fa62e7e8c34922b
openssl-devel-1.0.1e-57.el6.s390.rpm     MD5: e03c3107867bd0fcf2e608514e9cfbd7
SHA-256: da9147d2ba82633699e6141a14baf684fbd4c9e6bcb7da770b528519aaf379a3
openssl-devel-1.0.1e-57.el6.s390x.rpm     MD5: 0b820b91d9eac3afcd95a177e2828c78
SHA-256: 97d3a7c3bc6ad018a1597d701bf7717fa77918681565cbaa5e29f976db272729
openssl-perl-1.0.1e-57.el6.s390x.rpm     MD5: 09217242a1026809bebf666b98f33dbf
SHA-256: 0c9ad2f1ac7e96b964f5c31dcba2ac7fdd44a9224a8188959578ffb7c228c2dd
openssl-static-1.0.1e-57.el6.s390x.rpm     MD5: 0381b8dead57bc583c8929a8a5b0f540
SHA-256: 8fd82853e283b33007448ae3caaaf0c83e9c5a9cf8a13a0fbaf41c3a3b759cc7
 
x86_64:
openssl-1.0.1e-57.el6.i686.rpm     MD5: b2857b9aa205aeed2414bf4d369e51e7
SHA-256: 8c571cdfd4dbc77ef3fd2a3489e86a10362ce6b59eca288112ee4cb59aa8ebf3
openssl-1.0.1e-57.el6.x86_64.rpm     MD5: 61079b86dcf25a51b4268d40eda4ee37
SHA-256: ae216504beb69929a84cf5c2a3b3fbc06ee59978fd7ac5f6a03731c3f39fa191
openssl-debuginfo-1.0.1e-57.el6.i686.rpm     MD5: 91fc277cd3c2e372dc4254a9048dfe40
SHA-256: 745f1c6702b3d8ce737ea21aed4ebd27738c9224f75923352da6c4ad38eff59a
openssl-debuginfo-1.0.1e-57.el6.x86_64.rpm     MD5: e75478ee712982221292e562470cd6ae
SHA-256: e0ca5d32969ba988e25d0ce17382571a55d5680a0bfb037a248d14c08c6be8a6
openssl-devel-1.0.1e-57.el6.i686.rpm     MD5: 3cb860f62f2391b126f2f1d3f18439ac
SHA-256: 232b7bcc7e0b2423772ab7159825e6bf5b69148895e5f935b4a3de4f6116a3dc
openssl-devel-1.0.1e-57.el6.x86_64.rpm     MD5: a94554fc6c7dd6b84163542b0b017192
SHA-256: 2490b980ecfbae724a016a3130b4b3e67751797d89103d30fecc7e2e79debe6e
openssl-perl-1.0.1e-57.el6.x86_64.rpm     MD5: b419c6ca67c4e8a37f558c33b17d3f29
SHA-256: 69882f1525deef90e088da026e63cc6267674cc921fa6ace3986415e7fdd4ed9
openssl-static-1.0.1e-57.el6.x86_64.rpm     MD5: 66ba25374b9f9dcefce1bf886d374eae
SHA-256: f5720439c7ab25dd5541bf761a0ca543df42c3cdedf14180ce4d8ac03b736c43
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
openssl-1.0.1e-57.el6.src.rpm     MD5: 35881e55e4bec9bf2ea1b89b503f8991
SHA-256: 35cf930351629f3c86e8b21ccbf14b7aa8a22e0b72acf05792c7053d3419e405
 
IA-32:
openssl-1.0.1e-57.el6.i686.rpm     MD5: b2857b9aa205aeed2414bf4d369e51e7
SHA-256: 8c571cdfd4dbc77ef3fd2a3489e86a10362ce6b59eca288112ee4cb59aa8ebf3
openssl-debuginfo-1.0.1e-57.el6.i686.rpm     MD5: 91fc277cd3c2e372dc4254a9048dfe40
SHA-256: 745f1c6702b3d8ce737ea21aed4ebd27738c9224f75923352da6c4ad38eff59a
openssl-devel-1.0.1e-57.el6.i686.rpm     MD5: 3cb860f62f2391b126f2f1d3f18439ac
SHA-256: 232b7bcc7e0b2423772ab7159825e6bf5b69148895e5f935b4a3de4f6116a3dc
openssl-perl-1.0.1e-57.el6.i686.rpm     MD5: 7ecf77779c1ff6505859df64c94cbd32
SHA-256: b2578fe5396e7270edd4a893ce1a36cb83e497f0bc1b5b1a0eb5e14447ab0d57
openssl-static-1.0.1e-57.el6.i686.rpm     MD5: 6ba915008e03e7c9fcb3db4a5cf630d1
SHA-256: 792d42304f1f9a14e89d9e692fdb2fb82769cad76cf5388e2c001b3a482ccdfb
 
x86_64:
openssl-1.0.1e-57.el6.i686.rpm     MD5: b2857b9aa205aeed2414bf4d369e51e7
SHA-256: 8c571cdfd4dbc77ef3fd2a3489e86a10362ce6b59eca288112ee4cb59aa8ebf3
openssl-1.0.1e-57.el6.x86_64.rpm     MD5: 61079b86dcf25a51b4268d40eda4ee37
SHA-256: ae216504beb69929a84cf5c2a3b3fbc06ee59978fd7ac5f6a03731c3f39fa191
openssl-debuginfo-1.0.1e-57.el6.i686.rpm     MD5: 91fc277cd3c2e372dc4254a9048dfe40
SHA-256: 745f1c6702b3d8ce737ea21aed4ebd27738c9224f75923352da6c4ad38eff59a
openssl-debuginfo-1.0.1e-57.el6.x86_64.rpm     MD5: e75478ee712982221292e562470cd6ae
SHA-256: e0ca5d32969ba988e25d0ce17382571a55d5680a0bfb037a248d14c08c6be8a6
openssl-devel-1.0.1e-57.el6.i686.rpm     MD5: 3cb860f62f2391b126f2f1d3f18439ac
SHA-256: 232b7bcc7e0b2423772ab7159825e6bf5b69148895e5f935b4a3de4f6116a3dc
openssl-devel-1.0.1e-57.el6.x86_64.rpm     MD5: a94554fc6c7dd6b84163542b0b017192
SHA-256: 2490b980ecfbae724a016a3130b4b3e67751797d89103d30fecc7e2e79debe6e
openssl-perl-1.0.1e-57.el6.x86_64.rpm     MD5: b419c6ca67c4e8a37f558c33b17d3f29
SHA-256: 69882f1525deef90e088da026e63cc6267674cc921fa6ace3986415e7fdd4ed9
openssl-static-1.0.1e-57.el6.x86_64.rpm     MD5: 66ba25374b9f9dcefce1bf886d374eae
SHA-256: f5720439c7ab25dd5541bf761a0ca543df42c3cdedf14180ce4d8ac03b736c43
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1335097 - openssl contains time bomb
1335914 - Disable the MD5 as a signing algorithm in openssl library
1335921 - openssl: Disable TLS connections with less than 1024-bit DH parameters
1337461 - Disable/remove export ciphersuites in OpenSSL
1376741 - need backport of "use correct digest when exporting keying material." from upstream, RFC violation [rhel-6]
1386350 - OpenSSL incorrectly handles TLS_FALLBACK_SCSV if it is at the beginning of the cipher list in Client Hello [rhel-6]


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/