RedHat 8.6 libk5crypto.so.3 misses symbol EVP_KDF with openssl 1.1.1l

Hubert Kario hkario at redhat.com
Tue Nov 8 13:44:09 UTC 2022


On Tuesday, 8 November 2022 08:51:32 CET, Matthias Apitz wrote:
> El día martes, noviembre 08, 2022 a las 08:26:54a. m. +0100, 
> Tomas Mraz escribió:
>
>> Hi,
>> 
>> Red Hat patches its OpenSSL implementation with some additional API
>> calls. That means you cannot use builds from an unpatched upstream
>> OpenSSL tarball in place of the system libcrypto and libssl libraries.
>> 
>> The proper way is to always obtain updated system packages from your ...
>
> Thanks for your answer and explanation. We updated all our server on SuSE
> Linux SLES and RedHat to openssl 1.1.1l due to an announced 
> security problem (do
> not remember the CVE, perhaps you will know better). The RH 8.6 server
> has:
>
> # /usr/bin/openssl version
> OpenSSL 1.1.1k  FIPS 25 Mar 2021
>
> we use:
>
> # /usr/local/sisis-pap/bin/openssl version
> OpenSSL 1.1.1l  24 Aug 2021
>
> and have linked all our application servers agains this version.

Please see the backporting policy: 
https://access.redhat.com/security/updates/backporting
and contact Red Hat Support if you have questions about specific CVEs.
-- 
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic



More information about the openssl-users mailing list