Updated openssl-ibmca packages that fix two bugs are now available for Red HatEnterprise Linux 6.

The openssl-ibmca packages provide a dynamic OpenSSL engine for the IBM eServerCryptographic Accelerator (ICA) crypto hardware on IBM eServer zSeries machines.This update fixes the following bugs:* Prior to this update, an incorrect flag was passed to the elliptic curvecrypto signing method. Consequently, the selftest in the OpenSSL library failedwhen the IBMCA engine was in use. Now, the correct flag is passed, and theOpenSSL selftest succeeds. (BZ#1075183)* Previously, the IBMCA engine truncated the SHA256 hash data computed by theLibrary for IBM Cryptographic Architecture (libica). As a consequence, thecertificate verification process used a malformed hash and failed. Now, thecorrect length is used for the SHA256 data, and certificate verificationproceeds without errors. (BZ#1193071)Users of openssl-ibmca are advised to upgrade to these updated packages, whichfix these bugs.
Before applying this update, make sure all previously released errata relevantto your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Server FasTrack (v. 6)

SRPMS:
openssl-ibmca-1.2.0-4.el6.src.rpm
    MD5: b6df9d5a674321b7f1b59f9b54a7ef02SHA-256: 8ead375de34ea6f12f3c1714f0ce1aacce8f938f6b61dc41dcb8245c695a2421
 
s390x:
openssl-ibmca-1.2.0-4.el6.s390.rpm
    MD5: 536d7a1c307a7f4c43bc99bb48a403d2SHA-256: 15dc1a15f7fef0fed70cac6272d5a3b22e4e22518be0d0a65f8df53646abb747
openssl-ibmca-1.2.0-4.el6.s390x.rpm
    MD5: ed5197a94741708384d3bda8d8c6babdSHA-256: 494b1bad4e311856593b50504ac156b3577ee18fd499907b39eaae3a99af5fd5
openssl-ibmca-debuginfo-1.2.0-4.el6.s390.rpm
    MD5: 1ccd94f460760117e334a5d0f392ee52SHA-256: 4028d5bb41cacfbb9141ac4fcdd390a89b325dca95522394794b990e3a383c04
openssl-ibmca-debuginfo-1.2.0-4.el6.s390x.rpm
    MD5: 6eb107621ad417dd2c42fae853f0506cSHA-256: e2bf16b24e6e3829f9f79398203154ab427d3f2c1bf9727fe3f0b1939de82632
 
(The unlinked packages above are only available from the Red Hat Network)
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply