On Tuesday, 8 November 2022 08:51:32 CET, Matthias Apitz wrote:
El día martes, noviembre 08, 2022 a las 08:26:54a. m. +0100,
Tomas Mraz escribió:
Hi,
Red Hat patches its OpenSSL implementation with some additional API
calls. That means you cannot use builds from an unpatched upstream
OpenSSL tarball in place of the system libcrypto and libssl libraries.
The proper way is to always obtain updated system packages from your ...
Thanks for your answer and explanation. We updated all our server on SuSE
Linux SLES and RedHat to openssl 1.1.1l due to an announced
security problem (do
not remember the CVE, perhaps you will know better). The RH 8.6 server
has:
# /usr/bin/openssl version
OpenSSL 1.1.1k FIPS 25 Mar 2021
we use:
# /usr/local/sisis-pap/bin/openssl version
OpenSSL 1.1.1l 24 Aug 2021
and have linked all our application servers agains this version.
Please see the backporting policy:
https://access.redhat.com/security/updates/backporting
and contact Red Hat Support if you have questions about specific CVEs.
--
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
