CLSA-2023:1698949525

[CLSA-2023:1698949525] openssl: Fix of CVE-2021-3711

Type:

security

Severity:

Critical

Release date:

2023-11-02

Description:

- CVE-2021-3711: Fix an incorrect buffer size calculation leads to an overflow
- Check the plaintext buffer is large enough when decrypting SM2
- Add extended tests for SM2

Updated packages:

openssl-1.1.1g-15.el8.4.tuxcare.els10.x86_64.rpm
sha:758b1fc8651285533f72fd217f0946dc91bd84a1
openssl-devel-1.1.1g-15.el8.4.tuxcare.els10.i686.rpm
sha:8739363ed4521d16bbc3315dde9841a1d2f582e4
openssl-devel-1.1.1g-15.el8.4.tuxcare.els10.x86_64.rpm
sha:ecb940788b73759264acdd7a11d52a325b65a73e
openssl-libs-1.1.1g-15.el8.4.tuxcare.els10.i686.rpm
sha:05ff71d2b3e5c986012b49da8dae788eb31f84ac
openssl-libs-1.1.1g-15.el8.4.tuxcare.els10.x86_64.rpm
sha:d86d571cd80d6cc554c92f555aff1bbc7dfc8d2c
openssl-perl-1.1.1g-15.el8.4.tuxcare.els10.x86_64.rpm
sha:ea565ec182b6ce6f34915dc5cdd19707f173b17c
openssl-static-1.1.1g-15.el8.4.tuxcare.els10.x86_64.rpm
sha:a386b49257688ae83cf36419de59f7989e39b0c4

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.