I am unable to install this update via dnf on Rocky Linux 8.9. I get the following error:
Last metadata expiration check: 0:36:19 ago on Wed 01 May 2024 03:51:58 PM MDT.
Error:
Problem: package openssl3-3.2.1-1.1.el8.x86_64 from epel requires libcrypto.so.3()(64bit), but none of the providers can be installed
- package openssl3-3.2.1-1.1.el8.x86_64 from epel requires libssl.so.3()(64bit), but none of the providers can be installed
- package openssl3-3.2.1-1.1.el8.x86_64 from epel requires libcrypto.so.3(OPENSSL_3.0.0)(64bit), but none of the providers can be installed
- package openssl3-3.2.1-1.1.el8.x86_64 from epel requires libssl.so.3(OPENSSL_3.0.0)(64bit), but none of the providers can be installed
- package openssl3-3.2.1-1.1.el8.x86_64 from epel requires libcrypto.so.3(OPENSSL_3.0.1)(64bit), but none of the providers can be installed
- package openssl3-3.2.1-1.1.el8.x86_64 from epel requires libcrypto.so.3(OPENSSL_3.0.9)(64bit), but none of the providers can be installed
- package openssl3-3.2.1-1.1.el8.x86_64 from epel requires libcrypto.so.3(OPENSSL_3.2.0)(64bit), but none of the providers can be installed
- package openssl3-3.2.1-1.1.el8.x86_64 from epel requires libssl.so.3(OPENSSL_3.2.0)(64bit), but none of the providers can be installed
- package openssl3-3.2.1-1.1.el8.x86_64 from epel requires openssl3-libs(x86-64) = 3.2.1-1.1.el8, but none of the providers can be installed
- conflicting requests
- nothing provides openssl-fips-provider needed by openssl3-libs-3.2.1-1.1.el8.x86_64 from epel
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
BZ#2182590 CVE-2023-0465 openssl3: openssl: Invalid certificate policies in leaf certificates are silently ignored [epel-8]
0
0
BZ#2182602 CVE-2023-0466 openssl3: openssl: Certificate policy check not enabled [epel-8]
0
0
BZ#2188526 CVE-2023-1255 openssl3: openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM [epel-8]
0
0
BZ#2211109 CVE-2023-2650 openssl3: openssl: Possible DoS translating ASN.1 object identifiers [epel-8]
0
0
BZ#2223821 TRIAGE-CVE-2023-2975 openssl3: openSSL: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries [epel-8]
0
0
BZ#2228050 CVE-2023-3817 openssl3: OpenSSL: Excessive time spent checking DH q parameter value [epel-all]
0
0
BZ#2248621 CVE-2023-5678 openssl3: openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow [epel-8]
0
0
BZ#2249063 CVE-2023-5363 openssl3: openssl: Incorrect cipher key and IV length processing [epel-8]
0
0
BZ#2257573 CVE-2023-6129 openssl3: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC [epel-all]
0
0
BZ#2258505 CVE-2023-6237 openssl3: openssl: Excessive time spent checking invalid RSA public keys [epel-all]
0
0
BZ#2276143 openssl3 epel-8 SIGILL on ppc64le Power8
This update has been submitted for testing by salimma.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
how to install openssl-fips-provider
This update has been submitted for stable by bodhi.
This update has been pushed to stable.
I am unable to install this update via
dnfon Rocky Linux 8.9. I get the following error:Apologies for not noticing this earlier - my
mock --postinstallworkflow was temporarily broken for EL8.This update fixes the issue - FEDORA-EPEL-2024-2139fb0f65
No worries, much appreciated!