Release Info

Advisory: CLSA-2024:1719925589

OS: CentOS 7 ELS

Public date: 2024-07-02 09:06:32

Project: openssl

Version: 1.0.2k-26.el7_9.tuxcare.els1

Errata link: https://errata.tuxcare.com/els_os/centos7els/CLSA-2024-1719925589.html

Changelog

- CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent command injection
- CVE-2022-2068: c_rehash: Fix file operations to prevent command injection
- Update expired smime certificates
- Add testing using old certificates (sha1) to have both types of certificates (sha1, sha256) checked with S/MIME

Update

Update command: yum update openssl*

Packages list

openssl-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm
openssl-devel-1.0.2k-26.el7_9.tuxcare.els1.i686.rpm
openssl-devel-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm
openssl-libs-1.0.2k-26.el7_9.tuxcare.els1.i686.rpm
openssl-libs-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm
openssl-perl-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm
openssl-static-1.0.2k-26.el7_9.tuxcare.els1.i686.rpm
openssl-static-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm

CVEs

CVE-2022-2068
CVE-2022-1292