Skip to navigation

Security Advisory Moderate: openssl security update

Advisory: RHSA-2012:0059-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-01-24
Last updated on: 2012-01-24
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.2)
Red Hat Enterprise Linux Server EUS (v. 6.2.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-4108
CVE-2011-4576
CVE-2011-4577
CVE-2011-4619

Details

Updated openssl packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.

It was discovered that the Datagram Transport Layer Security (DTLS)
protocol implementation in OpenSSL leaked timing information when
performing certain operations. A remote attacker could possibly use this
flaw to retrieve plain text from the encrypted packets by using a DTLS
server as a padding oracle. (CVE-2011-4108)

An information leak flaw was found in the SSL 3.0 protocol implementation
in OpenSSL. Incorrect initialization of SSL record padding bytes could
cause an SSL client or server to send a limited amount of possibly
sensitive data to its SSL peer via the encrypted connection.
(CVE-2011-4576)

A denial of service flaw was found in the RFC 3779 implementation in
OpenSSL. A remote attacker could use this flaw to make an application using
OpenSSL exit unexpectedly by providing a specially-crafted X.509
certificate that has malformed RFC 3779 extension data. (CVE-2011-4577)

It was discovered that OpenSSL did not limit the number of TLS/SSL
handshake restarts required to support Server Gated Cryptography. A remote
attacker could use this flaw to make a TLS/SSL server using OpenSSL consume
an excessive amount of CPU by continuously restarting the handshake.
(CVE-2011-4619)

All OpenSSL users should upgrade to these updated packages, which contain
backported patches to resolve these issues. For the update to take effect,
all services linked to the OpenSSL library must be restarted, or the system
rebooted.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
openssl-1.0.0-20.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0376
    MD5: 92771998a9b398227caf4863f3b30fe5
SHA-256: c4bba9bace4e2bf31013a671a5580ff7a63401e78e86b6de5ff3512ba1fc9215
 
IA-32:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-perl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e80ac37fc643718834ada626930bd03a
SHA-256: afd9d6f9ca38944acd390b6352fabd52883ed84f165121e5940918def6b09cba
openssl-static-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: 43e4743f384d46e074b2add97dfbd9be
SHA-256: 1f737cc9ae3a7d4e61f8eb98139efe48bf292c12d238b7581c67eb385879a63d
 
x86_64:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: de23d43c9014ff78f426b87fab9ddc38
SHA-256: d1d8253bb918629459529f653fbb6c0f1de52dc03e52455c5433c4c2db04784f
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 46da892d75b3584c6eb3955597074b93
SHA-256: d91ae0a82af855d0a19562f41531b49ffdf812103692e8a24cdb20481711e8e5
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 384acf02aace85d1e4a310f74195a743
SHA-256: 5e6a2c0f070dbfc97aa44af848a29fbc5fd79bedb480168a95c51d15c15e9d9e
openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 387df8c3cdf4508b76beb29aad8938d4
SHA-256: 666c64534766cc4a3b2383488fbf89f32219c3745790a1f7af6248f307ca8441
openssl-static-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 72de6c005c0479b23bf574fe1a43f0ec
SHA-256: 2105b9a69a12d8fccc12589475c1d670c242fca06d6a37939404caa9f31eeced
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
openssl-1.0.0-20.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0376
    MD5: 92771998a9b398227caf4863f3b30fe5
SHA-256: c4bba9bace4e2bf31013a671a5580ff7a63401e78e86b6de5ff3512ba1fc9215
 
x86_64:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: de23d43c9014ff78f426b87fab9ddc38
SHA-256: d1d8253bb918629459529f653fbb6c0f1de52dc03e52455c5433c4c2db04784f
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 46da892d75b3584c6eb3955597074b93
SHA-256: d91ae0a82af855d0a19562f41531b49ffdf812103692e8a24cdb20481711e8e5
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 384acf02aace85d1e4a310f74195a743
SHA-256: 5e6a2c0f070dbfc97aa44af848a29fbc5fd79bedb480168a95c51d15c15e9d9e
openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 387df8c3cdf4508b76beb29aad8938d4
SHA-256: 666c64534766cc4a3b2383488fbf89f32219c3745790a1f7af6248f307ca8441
openssl-static-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 72de6c005c0479b23bf574fe1a43f0ec
SHA-256: 2105b9a69a12d8fccc12589475c1d670c242fca06d6a37939404caa9f31eeced
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
openssl-1.0.0-20.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0376
    MD5: 92771998a9b398227caf4863f3b30fe5
SHA-256: c4bba9bace4e2bf31013a671a5580ff7a63401e78e86b6de5ff3512ba1fc9215
 
IA-32:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-perl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e80ac37fc643718834ada626930bd03a
SHA-256: afd9d6f9ca38944acd390b6352fabd52883ed84f165121e5940918def6b09cba
openssl-static-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: 43e4743f384d46e074b2add97dfbd9be
SHA-256: 1f737cc9ae3a7d4e61f8eb98139efe48bf292c12d238b7581c67eb385879a63d
 
PPC:
openssl-1.0.0-20.el6_2.1.ppc.rpm
File outdated by:  RHSA-2014:0376
    MD5: fb29bfe7f5243d4e04a8909901beb00f
SHA-256: c492cf6d8181f11df679ba756ac02206b95dfeb61fd999f5b2863b9db45187cc
openssl-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0376
    MD5: fb02ef47a8e2a1a35ef9203889ce4b6b
SHA-256: c2f0c685abb0c6765f8237de5792df62ca9ee9624f4bfd8cd74b7edd5fa577c4
openssl-debuginfo-1.0.0-20.el6_2.1.ppc.rpm
File outdated by:  RHSA-2014:0376
    MD5: 82fed26b6ca8aff38d4dbd8f3c9f8168
SHA-256: 04e5cb8a8e14ca235bd1f442e54193009b96333723b2187e950db0f46182a8d8
openssl-debuginfo-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 035c544d6826907c0d7cfc28ecd58110
SHA-256: 481f2874a9a0fbf6270321dc2baa429e20b96eaf8cc304515ca042ef30fae71b
openssl-devel-1.0.0-20.el6_2.1.ppc.rpm
File outdated by:  RHSA-2014:0376
    MD5: d15502eadbf3832568a263083c0e102b
SHA-256: 921effa639532295aa01ff961dd9813c45fc87989381a8a33f786d52a22aacb1
openssl-devel-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0376
    MD5: ad232deeadf3273b837987e3e52a99fc
SHA-256: 02fa2ab136408d372c28d581e26ad0e69069e2de3729a653265200de49a21174
openssl-perl-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 1a297141575d55b7fa4a3503df574892
SHA-256: 36cda56b946e104992ec6b79ce4551959865aab35ed804fa70e3779d6d7eabe5
openssl-static-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0376
    MD5: be121e20d9ed44c2547732b08c64462c
SHA-256: 61af61664052cf85fede16adf3fb9ab4f548faa93b404fb889a98c77315bfae3
 
s390x:
openssl-1.0.0-20.el6_2.1.s390.rpm
File outdated by:  RHSA-2014:0376
    MD5: 429ed37f1307ebe1bb9fe83583cedf97
SHA-256: 5bf972dd7cb42339371249cb549326612f559024814ed497c1ac7e2206df6371
openssl-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0376
    MD5: a479f37a13b4a21b28e159c1b994b69a
SHA-256: 531e0f0729d3d5f350e37156bfbf5bff0995f4eb5509b392893ce5cc86c87f37
openssl-debuginfo-1.0.0-20.el6_2.1.s390.rpm
File outdated by:  RHSA-2014:0376
    MD5: f14012fcd461fcb2314f6e6e9cf211e0
SHA-256: dc8b70f616c45224fc5f298a9e9195ac453830220484d444ef2b7cb2166dc469
openssl-debuginfo-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0376
    MD5: a56763204e1344fa5206787d2d8ba2a6
SHA-256: efb5c82f5d84f650004edb1e3eb08bf00253398e5399b8cf156d0ff03f55bc6a
openssl-devel-1.0.0-20.el6_2.1.s390.rpm
File outdated by:  RHSA-2014:0376
    MD5: f9c227b5f63903e560f2c3765c89f959
SHA-256: cc453bf0fb5daa1d81d7b22537188c9638f08d60c25a02468601067e69507cc2
openssl-devel-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0376
    MD5: a7387a4c6b09a0deef543a7219c35004
SHA-256: b9c230a642e1fd40737030a5241cb7aff23bc487c0deac76012b558d5452e088
openssl-perl-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0376
    MD5: 6036cf51db9fb7d709e7ff24535e9be3
SHA-256: 7d4bca70fa4f46634cd38c57bafdb06508191ae0a1f7fd718b14354826707f8e
openssl-static-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0376
    MD5: 009ec0b0d38709e131d3147fb7c2c364
SHA-256: 6e45bb12063caa5e4a3dbf93febf37a77bbf479049f42ab6f2a88eabe30c94bd
 
x86_64:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: de23d43c9014ff78f426b87fab9ddc38
SHA-256: d1d8253bb918629459529f653fbb6c0f1de52dc03e52455c5433c4c2db04784f
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 46da892d75b3584c6eb3955597074b93
SHA-256: d91ae0a82af855d0a19562f41531b49ffdf812103692e8a24cdb20481711e8e5
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 384acf02aace85d1e4a310f74195a743
SHA-256: 5e6a2c0f070dbfc97aa44af848a29fbc5fd79bedb480168a95c51d15c15e9d9e
openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 387df8c3cdf4508b76beb29aad8938d4
SHA-256: 666c64534766cc4a3b2383488fbf89f32219c3745790a1f7af6248f307ca8441
openssl-static-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 72de6c005c0479b23bf574fe1a43f0ec
SHA-256: 2105b9a69a12d8fccc12589475c1d670c242fca06d6a37939404caa9f31eeced
 
Red Hat Enterprise Linux Server AUS (v. 6.2)

SRPMS:
openssl-1.0.0-20.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0376
    MD5: 92771998a9b398227caf4863f3b30fe5
SHA-256: c4bba9bace4e2bf31013a671a5580ff7a63401e78e86b6de5ff3512ba1fc9215
 
x86_64:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: de23d43c9014ff78f426b87fab9ddc38
SHA-256: d1d8253bb918629459529f653fbb6c0f1de52dc03e52455c5433c4c2db04784f
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 46da892d75b3584c6eb3955597074b93
SHA-256: d91ae0a82af855d0a19562f41531b49ffdf812103692e8a24cdb20481711e8e5
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 384acf02aace85d1e4a310f74195a743
SHA-256: 5e6a2c0f070dbfc97aa44af848a29fbc5fd79bedb480168a95c51d15c15e9d9e
openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 387df8c3cdf4508b76beb29aad8938d4
SHA-256: 666c64534766cc4a3b2383488fbf89f32219c3745790a1f7af6248f307ca8441
openssl-static-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 72de6c005c0479b23bf574fe1a43f0ec
SHA-256: 2105b9a69a12d8fccc12589475c1d670c242fca06d6a37939404caa9f31eeced
 
Red Hat Enterprise Linux Server EUS (v. 6.2.z)

SRPMS:
openssl-1.0.0-20.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0376
    MD5: 92771998a9b398227caf4863f3b30fe5
SHA-256: c4bba9bace4e2bf31013a671a5580ff7a63401e78e86b6de5ff3512ba1fc9215
 
IA-32:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-perl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: e80ac37fc643718834ada626930bd03a
SHA-256: afd9d6f9ca38944acd390b6352fabd52883ed84f165121e5940918def6b09cba
openssl-static-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: 43e4743f384d46e074b2add97dfbd9be
SHA-256: 1f737cc9ae3a7d4e61f8eb98139efe48bf292c12d238b7581c67eb385879a63d
 
PPC:
openssl-1.0.0-20.el6_2.1.ppc.rpm
File outdated by:  RHSA-2012:0699
    MD5: fb29bfe7f5243d4e04a8909901beb00f
SHA-256: c492cf6d8181f11df679ba756ac02206b95dfeb61fd999f5b2863b9db45187cc
openssl-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2012:0699
    MD5: fb02ef47a8e2a1a35ef9203889ce4b6b
SHA-256: c2f0c685abb0c6765f8237de5792df62ca9ee9624f4bfd8cd74b7edd5fa577c4
openssl-debuginfo-1.0.0-20.el6_2.1.ppc.rpm
File outdated by:  RHSA-2012:0699
    MD5: 82fed26b6ca8aff38d4dbd8f3c9f8168
SHA-256: 04e5cb8a8e14ca235bd1f442e54193009b96333723b2187e950db0f46182a8d8
openssl-debuginfo-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 035c544d6826907c0d7cfc28ecd58110
SHA-256: 481f2874a9a0fbf6270321dc2baa429e20b96eaf8cc304515ca042ef30fae71b
openssl-devel-1.0.0-20.el6_2.1.ppc.rpm
File outdated by:  RHSA-2012:0699
    MD5: d15502eadbf3832568a263083c0e102b
SHA-256: 921effa639532295aa01ff961dd9813c45fc87989381a8a33f786d52a22aacb1
openssl-devel-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2012:0699
    MD5: ad232deeadf3273b837987e3e52a99fc
SHA-256: 02fa2ab136408d372c28d581e26ad0e69069e2de3729a653265200de49a21174
openssl-perl-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 1a297141575d55b7fa4a3503df574892
SHA-256: 36cda56b946e104992ec6b79ce4551959865aab35ed804fa70e3779d6d7eabe5
openssl-static-1.0.0-20.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2012:0699
    MD5: be121e20d9ed44c2547732b08c64462c
SHA-256: 61af61664052cf85fede16adf3fb9ab4f548faa93b404fb889a98c77315bfae3
 
s390x:
openssl-1.0.0-20.el6_2.1.s390.rpm
File outdated by:  RHSA-2012:0699
    MD5: 429ed37f1307ebe1bb9fe83583cedf97
SHA-256: 5bf972dd7cb42339371249cb549326612f559024814ed497c1ac7e2206df6371
openssl-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2012:0699
    MD5: a479f37a13b4a21b28e159c1b994b69a
SHA-256: 531e0f0729d3d5f350e37156bfbf5bff0995f4eb5509b392893ce5cc86c87f37
openssl-debuginfo-1.0.0-20.el6_2.1.s390.rpm
File outdated by:  RHSA-2012:0699
    MD5: f14012fcd461fcb2314f6e6e9cf211e0
SHA-256: dc8b70f616c45224fc5f298a9e9195ac453830220484d444ef2b7cb2166dc469
openssl-debuginfo-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2012:0699
    MD5: a56763204e1344fa5206787d2d8ba2a6
SHA-256: efb5c82f5d84f650004edb1e3eb08bf00253398e5399b8cf156d0ff03f55bc6a
openssl-devel-1.0.0-20.el6_2.1.s390.rpm
File outdated by:  RHSA-2012:0699
    MD5: f9c227b5f63903e560f2c3765c89f959
SHA-256: cc453bf0fb5daa1d81d7b22537188c9638f08d60c25a02468601067e69507cc2
openssl-devel-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2012:0699
    MD5: a7387a4c6b09a0deef543a7219c35004
SHA-256: b9c230a642e1fd40737030a5241cb7aff23bc487c0deac76012b558d5452e088
openssl-perl-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2012:0699
    MD5: 6036cf51db9fb7d709e7ff24535e9be3
SHA-256: 7d4bca70fa4f46634cd38c57bafdb06508191ae0a1f7fd718b14354826707f8e
openssl-static-1.0.0-20.el6_2.1.s390x.rpm
File outdated by:  RHSA-2012:0699
    MD5: 009ec0b0d38709e131d3147fb7c2c364
SHA-256: 6e45bb12063caa5e4a3dbf93febf37a77bbf479049f42ab6f2a88eabe30c94bd
 
x86_64:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: de23d43c9014ff78f426b87fab9ddc38
SHA-256: d1d8253bb918629459529f653fbb6c0f1de52dc03e52455c5433c4c2db04784f
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 46da892d75b3584c6eb3955597074b93
SHA-256: d91ae0a82af855d0a19562f41531b49ffdf812103692e8a24cdb20481711e8e5
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2012:0699
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 384acf02aace85d1e4a310f74195a743
SHA-256: 5e6a2c0f070dbfc97aa44af848a29fbc5fd79bedb480168a95c51d15c15e9d9e
openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 387df8c3cdf4508b76beb29aad8938d4
SHA-256: 666c64534766cc4a3b2383488fbf89f32219c3745790a1f7af6248f307ca8441
openssl-static-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2012:0699
    MD5: 72de6c005c0479b23bf574fe1a43f0ec
SHA-256: 2105b9a69a12d8fccc12589475c1d670c242fca06d6a37939404caa9f31eeced
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
openssl-1.0.0-20.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0376
    MD5: 92771998a9b398227caf4863f3b30fe5
SHA-256: c4bba9bace4e2bf31013a671a5580ff7a63401e78e86b6de5ff3512ba1fc9215
 
IA-32:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-perl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e80ac37fc643718834ada626930bd03a
SHA-256: afd9d6f9ca38944acd390b6352fabd52883ed84f165121e5940918def6b09cba
openssl-static-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: 43e4743f384d46e074b2add97dfbd9be
SHA-256: 1f737cc9ae3a7d4e61f8eb98139efe48bf292c12d238b7581c67eb385879a63d
 
x86_64:
openssl-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: be93923ce49120994040472df25cf88c
SHA-256: 8d38276d241fd471fcdc4953f5465bed6506729ab222508bb44e41e2ac3c340b
openssl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: de23d43c9014ff78f426b87fab9ddc38
SHA-256: d1d8253bb918629459529f653fbb6c0f1de52dc03e52455c5433c4c2db04784f
openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: e932286b4b00a3676303a4095e253f7a
SHA-256: d822c4e0f49b216861f70e04729e31eaea90b677111a845acf6ecdfaf27cc715
openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 46da892d75b3584c6eb3955597074b93
SHA-256: d91ae0a82af855d0a19562f41531b49ffdf812103692e8a24cdb20481711e8e5
openssl-devel-1.0.0-20.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0376
    MD5: fecbe05c6bbd3ab4a3c83292fdfe792e
SHA-256: 4fbf1a9e585597d301ff839964fd1812f68b32b08fd41332eb130760ec4231f1
openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 384acf02aace85d1e4a310f74195a743
SHA-256: 5e6a2c0f070dbfc97aa44af848a29fbc5fd79bedb480168a95c51d15c15e9d9e
openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 387df8c3cdf4508b76beb29aad8938d4
SHA-256: 666c64534766cc4a3b2383488fbf89f32219c3745790a1f7af6248f307ca8441
openssl-static-1.0.0-20.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0376
    MD5: 72de6c005c0479b23bf574fe1a43f0ec
SHA-256: 2105b9a69a12d8fccc12589475c1d670c242fca06d6a37939404caa9f31eeced
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

771770 - CVE-2011-4108 openssl: DTLS plaintext recovery attack
771775 - CVE-2011-4576 openssl: uninitialized SSL 3.0 padding
771778 - CVE-2011-4577 openssl: malformed RFC 3779 data can cause assertion failures
771780 - CVE-2011-4619 openssl: SGC restart DoS attack


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/