What is the severity of RHSA-2023:1439?

The severity of RHSA-2023:1439 is rated as important.

How do I fix RHSA-2023:1439?

To fix RHSA-2023:1439, upgrade the affected OpenSSL packages to version 1.1.1c-21.el8_2.

What vulnerabilities are addressed in RHSA-2023:1439?

RHSA-2023:1439 addresses an X.400 address type confusion vulnerability in X.509 GeneralName (CVE-2023-0286).

Which packages are affected by RHSA-2023:1439?

The affected packages include openssl, openssl-debuginfo, openssl-debugsource, openssl-devel, and openssl-libs.

Is there a recommended action in response to RHSA-2023:1439?

It is recommended to apply the updates provided by RHSA-2023:1439 to mitigate any potential risks associated with the vulnerabilities.

Vulnerability/
RHSA-2023:1439

23/3/2023

RHSA-2023:1439: Important: openssl security update

First published: Thu Mar 23 2023(Updated: )

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.<br>Security Fix(es):<br><li> openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/openssl	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-debuginfo	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-debuginfo	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-debugsource	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-debugsource	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-devel	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-devel	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-libs	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-libs	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-libs-debuginfo	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-libs-debuginfo	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-perl	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-debuginfo	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-debugsource	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-devel	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-libs	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-libs-debuginfo	<1.1.1c-21.el8_2	1.1.1c-21.el8_2
redhat/openssl-perl	<1.1.1c-21.el8_2	1.1.1c-21.el8_2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2023:1439?
The severity of RHSA-2023:1439 is rated as important.
How do I fix RHSA-2023:1439?
To fix RHSA-2023:1439, upgrade the affected OpenSSL packages to version 1.1.1c-21.el8_2.
What vulnerabilities are addressed in RHSA-2023:1439?
RHSA-2023:1439 addresses an X.400 address type confusion vulnerability in X.509 GeneralName (CVE-2023-0286).
Which packages are affected by RHSA-2023:1439?
The affected packages include openssl, openssl-debuginfo, openssl-debugsource, openssl-devel, and openssl-libs.
Is there a recommended action in response to RHSA-2023:1439?
It is recommended to apply the updates provided by RHSA-2023:1439 to mitigate any potential risks associated with the vulnerabilities.

agent/severity
agent/type
agent/softwarecombine
agent/last-modified-date
agent/first-publish-date
agent/remedy
agent/title
agent/references
agent/description
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2023:1439
agent/software-canonical-lookup
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat