СloudLinux Blog

CloudLinux OS 6 ELS: openssl package has been scheduled for gradual rollout

Written by Inessa Atmachian | Sep 13, 2021 4:58:33 PM

A new updated openssl package with the fix for several CVEs within CloudLinux OS 6 ELS has been scheduled for gradual rollout from our production repository.

Rollout slot: 3
Rolled out to: 0.1%
ETA for 100% rollout: September 21

Changelog

openssl-1.0.1e-62.el6.cloudlinux.els

  • Fix handling ASN.1 string as NULL terminated leads to read buffer overrun (CVE-2021-3712)
  • Fix excessively large primes in DH key generation (CVE-2018-0732)
  • Fix RSA key generation cache timing vulnerability (CVE-2018-0737)
  • Fix stack overflow parsing recursive ASN.1 structure (CVE-2018-0739)
  • Fix out-of-bounds read (CVE-2017-3735)

Update command

yum update openssl*

Immediate update (via bypass)

yum update openssl* --enablerepo=cloudlinux-rollout-3-bypass