Lucene search
AlmaLinuxALSA-2020:5476HistoryDec 15, 2020 - 3:55 p.m.
Important: openssl security and bug fix update
2020-12-1515:55:57
errata.almalinux.org
19
0.004 Low
EPSS
Percentile
74.4%
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
- openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
Reject certificates with explicit EC parameters in strict mode (BZ#1891541)
-
Add FIPS selftest for HKDF, SSKDF, SSHKDF, and TLS12PRF; add DH_compute_key KAT to DH selftest (BZ#1891542)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 8 | x86_64 | openssl | < 1.1.1g-12.el8_3 | openssl-1.1.1g-12.el8_3.x86_64.rpm |
| almalinux | 8 | i686 | openssl-devel | < 1.1.1g-12.el8_3 | openssl-devel-1.1.1g-12.el8_3.i686.rpm |
| almalinux | 8 | x86_64 | openssl-devel | < 1.1.1g-12.el8_3 | openssl-devel-1.1.1g-12.el8_3.x86_64.rpm |
| almalinux | 8 | i686 | openssl-libs | < 1.1.1g-12.el8_3 | openssl-libs-1.1.1g-12.el8_3.i686.rpm |
| almalinux | 8 | x86_64 | openssl-libs | < 1.1.1g-12.el8_3 | openssl-libs-1.1.1g-12.el8_3.x86_64.rpm |
| almalinux | 8 | x86_64 | openssl-perl | < 1.1.1g-12.el8_3 | openssl-perl-1.1.1g-12.el8_3.x86_64.rpm |
References
Related
suse
suse
Security update for openssl-1_0_0 (important)
2020-12-17 00:00:00
Security update for openssl-1_0_0 (important)
2020-12-12 00:00:00
Security update for openssl-1_1 (important)
2020-12-10 00:00:00
f5
f5
K42910051 : OpenSSL vulnerability CVE-2020-1971
2021-01-14 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-20:33.openssl
2020-12-08 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2021-1637)
2021-03-12 00:00:00
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2021-1104)
2021-01-19 00:00:00
Debian: Security Advisory (DLA-2492-1)
2020-12-14 00:00:00
nessus
nessus
GLSA-202012-13 : OpenSSL: Denial of service
2020-12-24 00:00:00
RHEL 7 : openssl (RHSA-2020:5640)
2020-12-21 00:00:00
RHEL 7 : openssl (RHSA-2020:5623)
2020-12-18 00:00:00
nvd
nvd
CVE-2020-1971
2020-12-08 16:15:11
osv
osv
openssl - security update
2020-12-08 00:00:00
BIT-node-2020-1971
2024-03-06 11:08:41
openssl - security update
2020-12-14 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in OpenSSL affects Power Hardware Management Console (CVE-2020-1971).
2021-09-23 01:45:02
Security Bulletin: Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches.
2021-03-14 20:09:51
Security Bulletin: z/TPF is affected by an OpenSSL vulnerability
2020-12-17 17:49:02
debiancve
debiancve
CVE-2020-1971
2020-12-08 16:15:11
redhat
redhat
cbl_mariner
cbl_mariner
CVE-2020-1971 affecting package mysql 8.0.22-2
2021-08-25 19:57:27
archlinux
archlinux
[ASA-202012-24] openssl: denial of service
2020-12-16 00:00:00
gentoo
gentoo
OpenSSL: Denial of service
2020-12-23 00:00:00
debian
debian
[SECURITY] [DSA 4807-1] openssl security update
2020-12-08 15:25:11
[SECURITY] [DSA 4807-1] openssl security update
2020-12-08 15:25:11
[SECURITY] [DLA 2493-1] openssl1.0 security update
2020-12-14 09:04:19
freebsd
freebsd
OpenSSL -- NULL pointer de-reference
2020-12-08 00:00:00
cloudlinux
cloudlinux
Fix CVE: CVE-2020-1971
2020-12-09 11:10:00
redhatcve
redhatcve
CVE-2020-1971
2020-12-08 16:10:44
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1i-alt1
2020-12-09 00:00:00
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1i-alt1
2020-12-08 00:00:00
prion
prion
Null pointer dereference
2020-12-08 16:15:00
fedora
fedora
[SECURITY] Fedora 32 Update: openssl-1.1.1i-1.fc32
2020-12-21 01:36:23
[SECURITY] Fedora 33 Update: openssl-1.1.1i-1.fc33
2020-12-16 01:43:55
veracode
veracode
Denial Of Service (DoS)
2020-12-09 10:07:39
cve
cve
CVE-2020-1971
2020-12-08 16:15:11
cvelist
cvelist
CVE-2020-1971 EDIPARTYNAME NULL pointer dereference
2020-12-08 00:00:00
alpinelinux
alpinelinux
CVE-2020-1971
2020-12-08 16:15:11
openssl
openssl
Vulnerability in OpenSSL CVE-2020-1971
2020-12-08 00:00:00
oraclelinux
oraclelinux
openssl security and bug fix update
2020-12-17 00:00:00
openssl security update
2020-12-17 00:00:00
openssl security update
2021-03-26 00:00:00
ubuntu
ubuntu
OpenSSL vulnerability
2020-12-08 00:00:00
amazon
amazon
Important: openssl
2020-12-08 19:28:00
Important: openssl, openssl11
2020-12-08 21:31:00
cloudfoundry
cloudfoundry
USN-4662-1: OpenSSL vulnerability | Cloud Foundry
2021-01-12 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerability
2020-12-22 00:47:06
ubuntucve
ubuntucve
CVE-2020-1971
2020-12-08 00:00:00
mscve
mscve
OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference
2021-10-12 07:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2020-0175
2020-12-10 00:00:00
Moderate Photon OS Security Update - PHSA-2020-3.0-0175
2020-12-10 00:00:00
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Openssl
2020-12-09 21:32:15
centos
centos
openssl security update
2020-12-18 00:03:46