LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis: Moderate: openssl security and bug fix update
Advisory ID:       SLSA-2019:2304-1
Issue Date:        2019-08-06
CVE Numbers:       CVE-2019-1559
                   CVE-2018-0734
--

Security Fix(es):

* openssl: 0-byte record padding oracle (CVE-2019-1559)

* openssl: timing side channel attack in the DSA signature algorithm
(CVE-2018-0734)
--

SL7
  x86_64
    openssl-1.0.2k-19.el7.x86_64.rpm
    openssl-libs-1.0.2k-19.el7.i686.rpm
    openssl-devel-1.0.2k-19.el7.x86_64.rpm
    openssl-libs-1.0.2k-19.el7.x86_64.rpm
    openssl-devel-1.0.2k-19.el7.i686.rpm
    openssl-static-1.0.2k-19.el7.i686.rpm
    openssl-perl-1.0.2k-19.el7.x86_64.rpm
    openssl-static-1.0.2k-19.el7.x86_64.rpm
    openssl-debuginfo-1.0.2k-19.el7.i686.rpm
    openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm

- Scientific Linux Development Team