[El-errata] ELSA-2025-1330 Important: Oracle Linux 9 openssl security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Feb 13 14:42:52 UTC 2025
Oracle Linux Security Advisory ELSA-2025-1330
http://linux.oracle.com/errata/ELSA-2025-1330.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
openssl-3.2.2-6.0.1.el9_5.1.x86_64.rpm
openssl-devel-3.2.2-6.0.1.el9_5.1.i686.rpm
openssl-devel-3.2.2-6.0.1.el9_5.1.x86_64.rpm
openssl-libs-3.2.2-6.0.1.el9_5.1.i686.rpm
openssl-libs-3.2.2-6.0.1.el9_5.1.x86_64.rpm
openssl-perl-3.2.2-6.0.1.el9_5.1.x86_64.rpm
aarch64:
openssl-3.2.2-6.0.1.el9_5.1.aarch64.rpm
openssl-devel-3.2.2-6.0.1.el9_5.1.aarch64.rpm
openssl-libs-3.2.2-6.0.1.el9_5.1.aarch64.rpm
openssl-perl-3.2.2-6.0.1.el9_5.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//openssl-3.2.2-6.0.1.el9_5.1.src.rpm
Related CVEs:
CVE-2024-12797
Description of changes:
[3.2.2-6.0.1.1]
- Enable openssl-fips-provider dependency [Orabug: 36504822]
- Temporary disable openssl-fips-provider dependency [Orabug: 36504822]
- Replace upstream references [Orabug: 34340177]
[1:3.2.2-6.1]
- RFC7250 handshakes with unauthenticated servers don't abort as expected (CVE-2024-12797)
Resolves: RHEL-76755
More information about the El-errata
mailing list