Bug 14215

Summary: [CVE 21] openssl 1.1.1w CVE
Product: [ROSA-based products] ROSA Fresh Reporter: Vladimir Potapov <v.potapov>
Component: System (kernel, glibc, systemd, bash, PAM...)Assignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: normal    
Priority: Normal CC: a.proklov
Version: AllFlags: v.potapov: qa_verified+
v.potapov: secteam_verified?
a.proklov: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: CVE-2023-5678
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Vladimir Potapov 2024-01-11 10:26:48 MSK 
https://nvd.nist.gov/vuln/detail/CVE-2023-5678 medium
Comment 1 Aleksandr Proklov 2024-01-12 06:42:33 MSK 
Fixes for 1.1.1/1.0.2 are available to premium support customers only. See:

https://www.openssl.org/support/contracts.html

--------------
покупайте премиум доступ - запатчим.
Comment 2 Vladimir Potapov 2024-01-15 17:34:46 MSK 
(In reply to Aleksandr Proklov from comment #1)
> Fixes for 1.1.1/1.0.2 are available to premium support customers only. See:
> 
> https://www.openssl.org/support/contracts.html
> 
> --------------
> покупайте премиум доступ - запатчим.

Лови! https://gitlab.com/redhat/centos-stream/rpms/openssl/-/blob/c8s/openssl-1.1.1-cve-2023-5678.patch
Comment 4 Vladimir Potapov 2024-01-16 11:43:45 MSK 
(In reply to Aleksandr Proklov from comment #3)
> уязвимость закрыта патчем
> 
> openssl-1.1.1w-3
> 
> https://abf.rosalinux.ru/build_lists/4956214
> https://abf.rosalinux.ru/build_lists/4956215 х64
> https://abf.rosalinux.ru/build_lists/4956216
> https://abf.rosalinux.ru/build_lists/4956217
> https://abf.rosalinux.ru/build_lists/4956218
**************************************************
The update sent to testings
Comment 5 Vladimir Potapov 2024-01-23 15:40:28 MSK 
openssl-1.1.1w-3
https://abf.rosalinux.ru/build_lists/4956214
https://abf.rosalinux.ru/build_lists/4956215 х64
https://abf.rosalinux.ru/build_lists/4956216
https://abf.rosalinux.ru/build_lists/4956217
https://abf.rosalinux.ru/build_lists/4956218
************************** Advisory **************************
CVE fix via patch
**************************************************************
QA Verified