Updated openssl097a and openssl098e packages that fix one security issueare now available for Red Hat Enterprise Linux 5 and 6 respectively.The Red Hat Security Response Team has rated this update as havingImportant security impact. A Common Vulnerability Scoring System (CVSS)base score, which gives a detailed severity rating, is available from theCVE link in the References section.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)and Transport Layer Security (TLS v1) protocols, as well as afull-strength, general purpose cryptography library.It was found that OpenSSL clients and servers could be forced, via aspecially crafted handshake packet, to use weak keying material forcommunication. A man-in-the-middle attacker could use this flaw to decryptand modify traffic between a client and a server. (CVE-2014-0224)Note: In order to exploit this flaw, both the server and the client must beusing a vulnerable version of OpenSSL; the server must be using OpenSSLversion 1.0.1 and above, and the client must be using any version ofOpenSSL. For more information about this flaw, refer to:https://access.redhat.com/site/articles/904433Red Hat would like to thank the OpenSSL project for reporting this issue.Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporterof this issue.All OpenSSL users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. For the update to takeeffect, all services linked to the OpenSSL library (such as httpd and otherSSL-enabled services) must be restarted or the system rebooted.
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
openssl097a-0.9.7a-12.el5_10.1.src.rpm
    MD5: 19af3e117e7b6465e17dfd3bfdd93022SHA-256: 80b8e81e522b41857637c1092f40b49cab068a91d4d9ee86baddf0201873bd90
 
IA-32:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
    MD5: 63a204f2d68437dc54a83f92424011d1SHA-256: 8bd83b5fea5df3b03379011ee7316b1561565d98436c53febd2c2ee3c54a900f
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm
    MD5: c3b2dcb01c6325453c8a533a615fd760SHA-256: a5e84e61162b71f0f9544161ce5d9b6c1afb1adfc339385f3a2c7be35574d822
 
IA-64:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
    MD5: 63a204f2d68437dc54a83f92424011d1SHA-256: 8bd83b5fea5df3b03379011ee7316b1561565d98436c53febd2c2ee3c54a900f
openssl097a-0.9.7a-12.el5_10.1.ia64.rpm
    MD5: a87fc18c19c05bc5cb8b6b67a784c99dSHA-256: e3cec84513e0beec9b68e1686fc9842bad08bef8cd863ad9a33ba9c26ded6dda
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm
    MD5: c3b2dcb01c6325453c8a533a615fd760SHA-256: a5e84e61162b71f0f9544161ce5d9b6c1afb1adfc339385f3a2c7be35574d822
openssl097a-debuginfo-0.9.7a-12.el5_10.1.ia64.rpm
    MD5: 091b7c34b464163b76b245c9e22b4ad8SHA-256: ad8734a539ae16cbb0f19e40a2a1084dfc27604c9b075541aaf582a9ff921003
 
PPC:
openssl097a-0.9.7a-12.el5_10.1.ppc.rpm
    MD5: ff0a1cb4dbe95e6b261760759a819943SHA-256: 4ac0da6bc862a057dfb69a00846dbc340fb3a03e6bcca7abb33b31cb0321e991
openssl097a-0.9.7a-12.el5_10.1.ppc64.rpm
    MD5: 6b6a25f21e3c27e2cfb182308af80085SHA-256: 65f121b4c3231356ea328d84407b6515c7bf61d26c5c72f6cf05a2ccb2c67c0d
openssl097a-debuginfo-0.9.7a-12.el5_10.1.ppc.rpm
    MD5: 86833938b8a71f8f1dfcd84d64bc516aSHA-256: 85be513ad9c8b92dfe18a9ccd3bf6ac9ad736fa20a089ec6ba0bf8e4d53d9372
openssl097a-debuginfo-0.9.7a-12.el5_10.1.ppc64.rpm
    MD5: d6f790a6ad0094d06a03f94e083604f8SHA-256: 62d21dab7fc4b09d2972651dd8bc0c2e9dce5d14a4a0299282319b3474e46fb6
 
s390x:
openssl097a-0.9.7a-12.el5_10.1.s390.rpm
    MD5: 9d4a4a7e5fb3845b6ec1d5b1354a0b65SHA-256: 2b32b23986995f5db6901cd07fa9b3c237bec5a3ffee4a2c2a82261a2a2cd253
openssl097a-0.9.7a-12.el5_10.1.s390x.rpm
    MD5: 377c1c434385b42e9e793f473f11bcd5SHA-256: b2e241d2663eb509e9503200c7afa07f648b53a24708e24556976c3d0a3e0b96
openssl097a-debuginfo-0.9.7a-12.el5_10.1.s390.rpm
    MD5: a3289cb120062926706a46cc356a2255SHA-256: 79b963aaedaa9d87ac2d8fe72e088f8e31db11ca3da6b5dea025143056414822
openssl097a-debuginfo-0.9.7a-12.el5_10.1.s390x.rpm
    MD5: 0f3a940e89ba85f6f686c32d4dd996beSHA-256: 8cd830d6543f2e05d390a55d38f275f15cc7d4fc11d679a96d5ba6d835151b40
 
x86_64:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
    MD5: 63a204f2d68437dc54a83f92424011d1SHA-256: 8bd83b5fea5df3b03379011ee7316b1561565d98436c53febd2c2ee3c54a900f
openssl097a-0.9.7a-12.el5_10.1.x86_64.rpm
    MD5: 4a56c28ff8afbb29a33cf359eb1263b8SHA-256: ca3201e4f9ffd08df6cc65d1e1a4ffd9146c7e7e2e9d759e10316469be298138
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm
    MD5: c3b2dcb01c6325453c8a533a615fd760SHA-256: a5e84e61162b71f0f9544161ce5d9b6c1afb1adfc339385f3a2c7be35574d822
openssl097a-debuginfo-0.9.7a-12.el5_10.1.x86_64.rpm
    MD5: 14c2b09c32908907b517a9a7cee7fa1fSHA-256: c544472a22c211092cff19159bf86fa5f57a4bc70fa9c9cac94e88916e04e317
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
openssl097a-0.9.7a-12.el5_10.1.src.rpm
    MD5: 19af3e117e7b6465e17dfd3bfdd93022SHA-256: 80b8e81e522b41857637c1092f40b49cab068a91d4d9ee86baddf0201873bd90
 
IA-32:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
    MD5: 63a204f2d68437dc54a83f92424011d1SHA-256: 8bd83b5fea5df3b03379011ee7316b1561565d98436c53febd2c2ee3c54a900f
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm
    MD5: c3b2dcb01c6325453c8a533a615fd760SHA-256: a5e84e61162b71f0f9544161ce5d9b6c1afb1adfc339385f3a2c7be35574d822
 
x86_64:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
    MD5: 63a204f2d68437dc54a83f92424011d1SHA-256: 8bd83b5fea5df3b03379011ee7316b1561565d98436c53febd2c2ee3c54a900f
openssl097a-0.9.7a-12.el5_10.1.x86_64.rpm
    MD5: 4a56c28ff8afbb29a33cf359eb1263b8SHA-256: ca3201e4f9ffd08df6cc65d1e1a4ffd9146c7e7e2e9d759e10316469be298138
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm
    MD5: c3b2dcb01c6325453c8a533a615fd760SHA-256: a5e84e61162b71f0f9544161ce5d9b6c1afb1adfc339385f3a2c7be35574d822
openssl097a-debuginfo-0.9.7a-12.el5_10.1.x86_64.rpm
    MD5: 14c2b09c32908907b517a9a7cee7fa1fSHA-256: c544472a22c211092cff19159bf86fa5f57a4bc70fa9c9cac94e88916e04e317
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
openssl098e-0.9.8e-18.el6_5.2.src.rpm
    MD5: 36d96da1802b6305c3bc39a5fcebe97fSHA-256: 2561299d0983881128cb96e9be9f0fdcb62a93182bc7424de1d4b0051ef990d2
 
IA-32:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
 
x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: c423f22408c58136ddc7d67876d74a42SHA-256: c4257156e48aad24db60ebac28d9cbf9a107958d512202ccce164fcf844cea31
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: 35f76ed2b7a506088c0e39d99def1c9dSHA-256: dcd8c17d11582d013fcb3d7aa926a3e5073db8c4e9a08e069d26f5d67b5e9b81
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
openssl098e-0.9.8e-18.el6_5.2.src.rpm
    MD5: 36d96da1802b6305c3bc39a5fcebe97fSHA-256: 2561299d0983881128cb96e9be9f0fdcb62a93182bc7424de1d4b0051ef990d2
 
x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: c423f22408c58136ddc7d67876d74a42SHA-256: c4257156e48aad24db60ebac28d9cbf9a107958d512202ccce164fcf844cea31
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: 35f76ed2b7a506088c0e39d99def1c9dSHA-256: dcd8c17d11582d013fcb3d7aa926a3e5073db8c4e9a08e069d26f5d67b5e9b81
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
openssl098e-0.9.8e-18.el6_5.2.src.rpm
    MD5: 36d96da1802b6305c3bc39a5fcebe97fSHA-256: 2561299d0983881128cb96e9be9f0fdcb62a93182bc7424de1d4b0051ef990d2
 
IA-32:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
 
PPC:
openssl098e-0.9.8e-18.el6_5.2.ppc.rpm
    MD5: 249e4ecad4c723bf724344701c99ca62SHA-256: b1d6d3ecc86c2df0c8f43b9bff93ec35b674482be1633b62d4bf8f3d76fe5e83
openssl098e-0.9.8e-18.el6_5.2.ppc64.rpm
    MD5: 27d9b533663ffe3687cf0e0f0f612818SHA-256: f95ec65fb0b6f9af69d555a73205796595d5ed09ef9e6202db613f1c5153f39c
openssl098e-debuginfo-0.9.8e-18.el6_5.2.ppc.rpm
    MD5: 0e24d5cc64a34bec50a1356acfe14119SHA-256: 24268c14010ec91f4c867128c56053412584fd6e8fd85ed791d87c7104e0ab93
openssl098e-debuginfo-0.9.8e-18.el6_5.2.ppc64.rpm
    MD5: 9e560b637c9abcbfd9c260f43bbf6fb0SHA-256: e8006fe2a4b5ab19fed619dcd22d02c4710611ce1ad3fad32c3075650cbce2d2
 
s390x:
openssl098e-0.9.8e-18.el6_5.2.s390.rpm
    MD5: 057fdd45396f51209f9988405f88d179SHA-256: 57b031581fc8c097bac4758342122863117a76e609c86129d5922916e42aaf97
openssl098e-0.9.8e-18.el6_5.2.s390x.rpm
    MD5: 67a0526f2780a4fcedea7c6f83999cb4SHA-256: a1f2a4f4cf3042ff896af899a7a8cfc875a771f91ffa213e3476400251e7f489
openssl098e-debuginfo-0.9.8e-18.el6_5.2.s390.rpm
    MD5: f0e84c740b6b61422c94c671200da4edSHA-256: d71f13e1813a3d94240617b4400c3e60512f7a2c4ddb2b06e978114939366760
openssl098e-debuginfo-0.9.8e-18.el6_5.2.s390x.rpm
    MD5: c030e006a8d0d1b28286bd8891cb6ca4SHA-256: 4b19ad55f6ec0c8ad3640323e54a921b7206886dad006bd892ab2cac06df098b
 
x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: c423f22408c58136ddc7d67876d74a42SHA-256: c4257156e48aad24db60ebac28d9cbf9a107958d512202ccce164fcf844cea31
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: 35f76ed2b7a506088c0e39d99def1c9dSHA-256: dcd8c17d11582d013fcb3d7aa926a3e5073db8c4e9a08e069d26f5d67b5e9b81
 
Red Hat Enterprise Linux Server AUS (v. 6.5)

SRPMS:
openssl098e-0.9.8e-18.el6_5.2.src.rpm
    MD5: 36d96da1802b6305c3bc39a5fcebe97fSHA-256: 2561299d0983881128cb96e9be9f0fdcb62a93182bc7424de1d4b0051ef990d2
 
x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: c423f22408c58136ddc7d67876d74a42SHA-256: c4257156e48aad24db60ebac28d9cbf9a107958d512202ccce164fcf844cea31
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: 35f76ed2b7a506088c0e39d99def1c9dSHA-256: dcd8c17d11582d013fcb3d7aa926a3e5073db8c4e9a08e069d26f5d67b5e9b81
 
Red Hat Enterprise Linux Server EUS (v. 6.5.z)

SRPMS:
openssl098e-0.9.8e-18.el6_5.2.src.rpm
    MD5: 36d96da1802b6305c3bc39a5fcebe97fSHA-256: 2561299d0983881128cb96e9be9f0fdcb62a93182bc7424de1d4b0051ef990d2
 
IA-32:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
 
PPC:
openssl098e-0.9.8e-18.el6_5.2.ppc.rpm
    MD5: 249e4ecad4c723bf724344701c99ca62SHA-256: b1d6d3ecc86c2df0c8f43b9bff93ec35b674482be1633b62d4bf8f3d76fe5e83
openssl098e-0.9.8e-18.el6_5.2.ppc64.rpm
    MD5: 27d9b533663ffe3687cf0e0f0f612818SHA-256: f95ec65fb0b6f9af69d555a73205796595d5ed09ef9e6202db613f1c5153f39c
openssl098e-debuginfo-0.9.8e-18.el6_5.2.ppc.rpm
    MD5: 0e24d5cc64a34bec50a1356acfe14119SHA-256: 24268c14010ec91f4c867128c56053412584fd6e8fd85ed791d87c7104e0ab93
openssl098e-debuginfo-0.9.8e-18.el6_5.2.ppc64.rpm
    MD5: 9e560b637c9abcbfd9c260f43bbf6fb0SHA-256: e8006fe2a4b5ab19fed619dcd22d02c4710611ce1ad3fad32c3075650cbce2d2
 
s390x:
openssl098e-0.9.8e-18.el6_5.2.s390.rpm
    MD5: 057fdd45396f51209f9988405f88d179SHA-256: 57b031581fc8c097bac4758342122863117a76e609c86129d5922916e42aaf97
openssl098e-0.9.8e-18.el6_5.2.s390x.rpm
    MD5: 67a0526f2780a4fcedea7c6f83999cb4SHA-256: a1f2a4f4cf3042ff896af899a7a8cfc875a771f91ffa213e3476400251e7f489
openssl098e-debuginfo-0.9.8e-18.el6_5.2.s390.rpm
    MD5: f0e84c740b6b61422c94c671200da4edSHA-256: d71f13e1813a3d94240617b4400c3e60512f7a2c4ddb2b06e978114939366760
openssl098e-debuginfo-0.9.8e-18.el6_5.2.s390x.rpm
    MD5: c030e006a8d0d1b28286bd8891cb6ca4SHA-256: 4b19ad55f6ec0c8ad3640323e54a921b7206886dad006bd892ab2cac06df098b
 
x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: c423f22408c58136ddc7d67876d74a42SHA-256: c4257156e48aad24db60ebac28d9cbf9a107958d512202ccce164fcf844cea31
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: 35f76ed2b7a506088c0e39d99def1c9dSHA-256: dcd8c17d11582d013fcb3d7aa926a3e5073db8c4e9a08e069d26f5d67b5e9b81
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
openssl098e-0.9.8e-18.el6_5.2.src.rpm
    MD5: 36d96da1802b6305c3bc39a5fcebe97fSHA-256: 2561299d0983881128cb96e9be9f0fdcb62a93182bc7424de1d4b0051ef990d2
 
IA-32:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
 
x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
    MD5: bedab7eb0bf4aa63eff2228bee693991SHA-256: d51b513736b132b6d40d0501ca31ecd7c20932174454e75b5584ffe421836048
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: c423f22408c58136ddc7d67876d74a42SHA-256: c4257156e48aad24db60ebac28d9cbf9a107958d512202ccce164fcf844cea31
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
    MD5: 3a013dd908f6626798f4b74f2840a0cdSHA-256: 1802a5fdce316c4da2879470dd9243ec00aa4c0315034707653be523e285479e
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm
    MD5: 35f76ed2b7a506088c0e39d99def1c9dSHA-256: dcd8c17d11582d013fcb3d7aa926a3e5073db8c4e9a08e069d26f5d67b5e9b81
 
(The unlinked packages above are only available from the Red Hat Network)
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply