Re: RedHat 8.6 libk5crypto.so.3 misses symbol EVP_KDF with openssl 1.1.1l

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tuesday, 8 November 2022 08:51:32 CET, Matthias Apitz wrote:
El día martes, noviembre 08, 2022 a las 08:26:54a. m. +0100, Tomas Mraz escribió:

Hi,

Red Hat patches its OpenSSL implementation with some additional API
calls. That means you cannot use builds from an unpatched upstream
OpenSSL tarball in place of the system libcrypto and libssl libraries.

The proper way is to always obtain updated system packages from your ...

Thanks for your answer and explanation. We updated all our server on SuSE
Linux SLES and RedHat to openssl 1.1.1l due to an announced security problem (do
not remember the CVE, perhaps you will know better). The RH 8.6 server
has:

# /usr/bin/openssl version
OpenSSL 1.1.1k  FIPS 25 Mar 2021

we use:

# /usr/local/sisis-pap/bin/openssl version
OpenSSL 1.1.1l  24 Aug 2021

and have linked all our application servers agains this version.

Please see the backporting policy: https://access.redhat.com/security/updates/backporting
and contact Red Hat Support if you have questions about specific CVEs.
--
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux