Updated openssl packages that fix one bug are now available for Red HatEnterprise Linux 5.

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) andTransport Layer Security (TLS) protocols, as well as a full-strengthgeneral-purpose cryptography library. This update fixes the following bug:* Prior to this update, the certificate store access in the OpenSSL library wasnot properly locked against simultaneous accesses in multithreaded applications.As a consequence, the httpd daemon running in multithreaded mode could break thehttps service when two threads accessed the certificate store simultaneously.With this update, the certificate store access in OpenSSL is now lockedproperly, and the httpd daemon providing the https service can now properly workin the described situation. (BZ#1168938)Users of openssl are advised to upgrade to these updated packages, which fixthis bug. For the update to take effect, all services linked to the OpenSSLlibrary must be restarted, or the system rebooted.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.This update is available via the Red Hat Network. Details on how to use theRed Hat Network to apply this update are available athttps://access.redhat.com/site/articles/11258RHEL Desktop Workstation (v. 5 client)

SRPMS:
openssl-0.9.8e-32.el5_11.src.rpm
    MD5: 50b90c6b1047820c4deebfa5cd8cf499SHA-256: 1fe827dbe0e8d2c7c035904b661a6b1a8c22965442e561824f907b69ebdbc53e
 
IA-32:
openssl-debuginfo-0.9.8e-32.el5_11.i386.rpm
    MD5: b75f0c8a577a1b079f8876bc73c94340SHA-256: 5d493431840667f45fd6b5904c31095ca594c1c7320b8f9317ecbe03f9c8956c
openssl-devel-0.9.8e-32.el5_11.i386.rpm
    MD5: 882af0729a5e12f6ae19dddb028af491SHA-256: 79ab9c9024c86ba05b5c6347c784cfa7e93d2e470b7ee99e6d676728b0c5aa0b
 
x86_64:
openssl-debuginfo-0.9.8e-32.el5_11.i386.rpm
    MD5: b75f0c8a577a1b079f8876bc73c94340SHA-256: 5d493431840667f45fd6b5904c31095ca594c1c7320b8f9317ecbe03f9c8956c
openssl-debuginfo-0.9.8e-32.el5_11.x86_64.rpm
    MD5: 890ed02152e91959e0e5ad81dd78e7a1SHA-256: 53062605087f3e8673dc28c3a7eb6b85fdf039b8ac4e48616d1508b79e298176
openssl-devel-0.9.8e-32.el5_11.i386.rpm
    MD5: 882af0729a5e12f6ae19dddb028af491SHA-256: 79ab9c9024c86ba05b5c6347c784cfa7e93d2e470b7ee99e6d676728b0c5aa0b
openssl-devel-0.9.8e-32.el5_11.x86_64.rpm
    MD5: 4697761b0549c284a8c5fbd058d7419eSHA-256: 0a9f738c31af47fe6dd09df15a59f39a06073f8eb5eb464dafce317d45887bf7
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
openssl-0.9.8e-32.el5_11.src.rpm
    MD5: 50b90c6b1047820c4deebfa5cd8cf499SHA-256: 1fe827dbe0e8d2c7c035904b661a6b1a8c22965442e561824f907b69ebdbc53e
 
IA-32:
openssl-0.9.8e-32.el5_11.i386.rpm
    MD5: ad3554cd49b88740e6473d9756821dd8SHA-256: d987a9b8e46794113210ac9f1d5c6c47a49e298c24c63c5f6efe5118148c603d
openssl-0.9.8e-32.el5_11.i686.rpm
    MD5: f7b2dfc0f2b135ac136c8168d645a33aSHA-256: 925442e513f0ee1b84ae5e6370f99008e8b2b61717025a859323b15bb1db2eb6
openssl-debuginfo-0.9.8e-32.el5_11.i386.rpm
    MD5: b75f0c8a577a1b079f8876bc73c94340SHA-256: 5d493431840667f45fd6b5904c31095ca594c1c7320b8f9317ecbe03f9c8956c
openssl-debuginfo-0.9.8e-32.el5_11.i686.rpm
    MD5: 5d29d2839ef48184a5b5426806c34c55SHA-256: 859eb11c5f308a4aa0d5e8700e743147a81effdbcb0689b2b514c67e6acf257b
openssl-devel-0.9.8e-32.el5_11.i386.rpm
    MD5: 882af0729a5e12f6ae19dddb028af491SHA-256: 79ab9c9024c86ba05b5c6347c784cfa7e93d2e470b7ee99e6d676728b0c5aa0b
openssl-perl-0.9.8e-32.el5_11.i386.rpm
    MD5: 49b79db9e44f37f460002247a0ea52a1SHA-256: 2604d06e8ac36e828cdcbdb8d4c901fb62e8ec3b63a92161075dc6cc0ecd34b4
 
IA-64:
openssl-0.9.8e-32.el5_11.i686.rpm
    MD5: f7b2dfc0f2b135ac136c8168d645a33aSHA-256: 925442e513f0ee1b84ae5e6370f99008e8b2b61717025a859323b15bb1db2eb6
openssl-0.9.8e-32.el5_11.ia64.rpm
    MD5: 7c1ab1c9ff13b21a9655f3c784df4be3SHA-256: 12e3063a7e25bb344804c23feb697249bb09a7efee412b112c62c66d3b717cd8
openssl-debuginfo-0.9.8e-32.el5_11.i686.rpm
    MD5: 5d29d2839ef48184a5b5426806c34c55SHA-256: 859eb11c5f308a4aa0d5e8700e743147a81effdbcb0689b2b514c67e6acf257b
openssl-debuginfo-0.9.8e-32.el5_11.ia64.rpm
    MD5: 99cd0a03c4fce31a1cac03c380423b8fSHA-256: 3d720acd1cfb7d84307c138c4d92d3bc64327bb13652dee7c02e48061fd87e5d
openssl-devel-0.9.8e-32.el5_11.ia64.rpm
    MD5: 5c61382dc4e32da8b4d3505747c9466eSHA-256: 8dddb7602801deeee792bee1c95fc6539c0ebb94aceb87b339fb785e26b87198
openssl-perl-0.9.8e-32.el5_11.ia64.rpm
    MD5: f479f95066671e6e23a84cd8292444c4SHA-256: 530ca54de7cadb58e0a067a23c4c7b45fa7409b29eddaf709efa6593c8abd104
 
PPC:
openssl-0.9.8e-32.el5_11.ppc.rpm
    MD5: fbf671203f3d3b35d5aa6bb38bc81921SHA-256: 0dbf5d3efd4eb38352cc81d006954a09a3f58c397433aac87defe1c79d117a8e
openssl-0.9.8e-32.el5_11.ppc64.rpm
    MD5: 5cc8033a17765b2a7a5364eb5a491460SHA-256: 12e02ff89787707e5135ceb63a3df1a24ff27d61a65f42841367be9711b6be6e
openssl-debuginfo-0.9.8e-32.el5_11.ppc.rpm
    MD5: df8312627ae6933a7344e9ca2a83f4fdSHA-256: df39ed2afa0863f692bc2701af525dc00ce013a1935f7528d11da3ee46b6ff7f
openssl-debuginfo-0.9.8e-32.el5_11.ppc64.rpm
    MD5: e336aa21331d90289ea1611082c1a599SHA-256: d029fb104a69e7b8561ca8dbce7b1d694f2483fcdcbdadf506e7a82810e6fdd3
openssl-devel-0.9.8e-32.el5_11.ppc.rpm
    MD5: 5fa4fea475a9458f1aea1edd5f518887SHA-256: 4477dda32f6655d79f36ada78b428a03fcc6934187df89f2db87f89e973ae20c
openssl-devel-0.9.8e-32.el5_11.ppc64.rpm
    MD5: 2c3775b99f4ea46448d5e986e430ecfeSHA-256: b585fb35386814fbd9fa19a54a13c91777a7da5a1225192a7c580a2cec36ac17
openssl-perl-0.9.8e-32.el5_11.ppc.rpm
    MD5: 872d4835f7099a1c9ff7bc28e308a74fSHA-256: 1a8957b858136d061b82131a4e3ec40fec8655ce2c76436d4766908f1883ff1c
 
s390x:
openssl-0.9.8e-32.el5_11.s390.rpm
    MD5: d4a25d1fd4f5720d81e86bdd3f17982bSHA-256: 89580ca3c032984fa67701256991acc9d3be073e8f2fa1b527e37f7b1c047378
openssl-0.9.8e-32.el5_11.s390x.rpm
    MD5: 7c126d36e4a2e07c86fd83a74a76e2dfSHA-256: 5b401e717dc695661749121a3ba85b873af4bee9f45d46dedb61ea07f0a4d4c7
openssl-debuginfo-0.9.8e-32.el5_11.s390.rpm
    MD5: 9fcae5d446d24edb9d58109f07f81fbaSHA-256: daa7b98b9c09d2e3e06ea8946d690d1623d1e6f89e10f6831a4ed10f0ba0ec82
openssl-debuginfo-0.9.8e-32.el5_11.s390x.rpm
    MD5: 0d694c05a65efc624e1a71575a3a9fc4SHA-256: 7141b1a9953516c1a0dc40c693ff5b0f6018cc2244e2f652427206dbd10bb945
openssl-devel-0.9.8e-32.el5_11.s390.rpm
    MD5: 6bc3e11ede3771db885a27a2fc2b417dSHA-256: 33aff42de44a8e3c5d9f81ad5bcf1c56c2da6b4a915de1dc5de3035ceb1790fe
openssl-devel-0.9.8e-32.el5_11.s390x.rpm
    MD5: a885749f04dad218bb87799855dde79bSHA-256: 84d8f17d657eb05a79d7130d8a58a7468e54c509ed12eb882faf49583985d670
openssl-perl-0.9.8e-32.el5_11.s390x.rpm
    MD5: 5711ec5f1e3abede8ce601ce20388017SHA-256: 804edb5a711cead11e598985bbcdac7cac10fffbf6812fe803ddcc4d209cb0d7
 
x86_64:
openssl-0.9.8e-32.el5_11.i686.rpm
    MD5: f7b2dfc0f2b135ac136c8168d645a33aSHA-256: 925442e513f0ee1b84ae5e6370f99008e8b2b61717025a859323b15bb1db2eb6
openssl-0.9.8e-32.el5_11.x86_64.rpm
    MD5: 8f52256bb0c646aa9ad81f4631f14fc5SHA-256: bc1c66bc2c9a39bb8c24ccc95cfee7b86660e01662a43d867840909e7e10601f
openssl-debuginfo-0.9.8e-32.el5_11.i386.rpm
    MD5: b75f0c8a577a1b079f8876bc73c94340SHA-256: 5d493431840667f45fd6b5904c31095ca594c1c7320b8f9317ecbe03f9c8956c
openssl-debuginfo-0.9.8e-32.el5_11.i686.rpm
    MD5: 5d29d2839ef48184a5b5426806c34c55SHA-256: 859eb11c5f308a4aa0d5e8700e743147a81effdbcb0689b2b514c67e6acf257b
openssl-debuginfo-0.9.8e-32.el5_11.x86_64.rpm
    MD5: 890ed02152e91959e0e5ad81dd78e7a1SHA-256: 53062605087f3e8673dc28c3a7eb6b85fdf039b8ac4e48616d1508b79e298176
openssl-devel-0.9.8e-32.el5_11.i386.rpm
    MD5: 882af0729a5e12f6ae19dddb028af491SHA-256: 79ab9c9024c86ba05b5c6347c784cfa7e93d2e470b7ee99e6d676728b0c5aa0b
openssl-devel-0.9.8e-32.el5_11.x86_64.rpm
    MD5: 4697761b0549c284a8c5fbd058d7419eSHA-256: 0a9f738c31af47fe6dd09df15a59f39a06073f8eb5eb464dafce317d45887bf7
openssl-perl-0.9.8e-32.el5_11.x86_64.rpm
    MD5: 6ebf0702c5381b24a88d51735045dc15SHA-256: eaf6be16a5d78c54ef3572b661d4eb803eec72ec71573277a3c4d3f1c769567d
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
openssl-0.9.8e-32.el5_11.src.rpm
    MD5: 50b90c6b1047820c4deebfa5cd8cf499SHA-256: 1fe827dbe0e8d2c7c035904b661a6b1a8c22965442e561824f907b69ebdbc53e
 
IA-32:
openssl-0.9.8e-32.el5_11.i386.rpm
    MD5: ad3554cd49b88740e6473d9756821dd8SHA-256: d987a9b8e46794113210ac9f1d5c6c47a49e298c24c63c5f6efe5118148c603d
openssl-0.9.8e-32.el5_11.i686.rpm
    MD5: f7b2dfc0f2b135ac136c8168d645a33aSHA-256: 925442e513f0ee1b84ae5e6370f99008e8b2b61717025a859323b15bb1db2eb6
openssl-debuginfo-0.9.8e-32.el5_11.i386.rpm
    MD5: b75f0c8a577a1b079f8876bc73c94340SHA-256: 5d493431840667f45fd6b5904c31095ca594c1c7320b8f9317ecbe03f9c8956c
openssl-debuginfo-0.9.8e-32.el5_11.i686.rpm
    MD5: 5d29d2839ef48184a5b5426806c34c55SHA-256: 859eb11c5f308a4aa0d5e8700e743147a81effdbcb0689b2b514c67e6acf257b
openssl-perl-0.9.8e-32.el5_11.i386.rpm
    MD5: 49b79db9e44f37f460002247a0ea52a1SHA-256: 2604d06e8ac36e828cdcbdb8d4c901fb62e8ec3b63a92161075dc6cc0ecd34b4
 
x86_64:
openssl-0.9.8e-32.el5_11.i686.rpm
    MD5: f7b2dfc0f2b135ac136c8168d645a33aSHA-256: 925442e513f0ee1b84ae5e6370f99008e8b2b61717025a859323b15bb1db2eb6
openssl-0.9.8e-32.el5_11.x86_64.rpm
    MD5: 8f52256bb0c646aa9ad81f4631f14fc5SHA-256: bc1c66bc2c9a39bb8c24ccc95cfee7b86660e01662a43d867840909e7e10601f
openssl-debuginfo-0.9.8e-32.el5_11.i686.rpm
    MD5: 5d29d2839ef48184a5b5426806c34c55SHA-256: 859eb11c5f308a4aa0d5e8700e743147a81effdbcb0689b2b514c67e6acf257b
openssl-debuginfo-0.9.8e-32.el5_11.x86_64.rpm
    MD5: 890ed02152e91959e0e5ad81dd78e7a1SHA-256: 53062605087f3e8673dc28c3a7eb6b85fdf039b8ac4e48616d1508b79e298176
openssl-perl-0.9.8e-32.el5_11.x86_64.rpm
    MD5: 6ebf0702c5381b24a88d51735045dc15SHA-256: eaf6be16a5d78c54ef3572b661d4eb803eec72ec71573277a3c4d3f1c769567d
 
(The unlinked packages above are only available from the Red Hat Network)
1168938 – X509_STORE_get_by_subject() and thus also SSL_Accept() are not thread safe

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply