{"id":2056,"date":"2021-09-24T14:50:16","date_gmt":"2021-09-24T06:50:16","guid":{"rendered":"https:\/\/www.wjxy.net.cn\/?p=2056"},"modified":"2023-10-04T06:32:25","modified_gmt":"2023-10-03T22:32:25","slug":"openssl-%e6%8b%92%e7%bb%9d%e6%9c%8d%e5%8a%a1%e6%bc%8f%e6%b4%9e%e4%bf%ae%e8%a1%a5","status":"publish","type":"post","link":"https:\/\/www.wjxy.net.cn\/?p=2056","title":{"rendered":"OpenSSL \u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u4fee\u8865"},"content":{"rendered":"

\u817e\u8baf\u4e91\u53d1\u6765\u4e86\u901a\u77e5\u53d1\u73b0\u6709\u65b0\u7684\u9ad8\u5371\u6f0f\u6d1e CVE-2020-1971<\/p>\n

\u6f0f\u6d1e\u63cf\u8ff0\uff1a<\/h2>\n

2020 \u5e74 12 \u6708 08 \u65e5\uff0cOpenSSL \u5b98\u65b9\u53d1\u5e03\u5b89\u5168\u516c\u544a\uff0c\u62ab\u9732 CVE-2020-1971 OpenSSL GENERAL_NAME_cmp \u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u5f53\u4e24\u4e2a GENERAL_NAME \u90fd\u5305\u542b\u540c\u4e00\u4e2a EDIPARTYNAME \u65f6\uff0c\u7531\u4e8e GENERAL_NAME_cmp \u51fd\u6570\u672a\u80fd\u6b63\u786e\u5904\u7406\uff0c\u4ece\u800c\u5bfc\u81f4\u7a7a\u6307\u9488\u5f15\u7528\uff0c\u5e76\u53ef\u80fd\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002<\/p>\n

\u817e\u8baf\u5b89\u5168\u4e13\u5bb6\u5efa\u8bae\u53d7\u5f71\u54cd\u7684 OpenSSL \u7528\u6237\u5c3d\u5feb\u91c7\u53d6\u5b89\u5168\u63aa\u65bd\u963b\u6b62\u6f0f\u6d1e\u653b\u51fb\u3002<\/p>\n

OpenSSL \u662f\u4e00\u4e2a\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u8f6f\u4ef6\u5e93\u5305\uff0c\u5e94\u7528\u7a0b\u5e8f\u53ef\u4ee5\u4f7f\u7528\u8fd9\u4e2a\u5305\u6765\u8fdb\u884c\u5b89\u5168\u901a\u4fe1\uff0c\u907f\u514d\u7a83\u542c\uff0c\u540c\u65f6\u786e\u8ba4\u53e6\u4e00\u7aef\u8fde\u63a5\u8005\u7684\u8eab\u4efd\u3002\u8fd9\u4e2a\u5305\u5e7f\u6cdb\u88ab\u5e94\u7528\u5728\u4e92\u8054\u7f51\u7684\u7f51\u9875\u670d\u52a1\u5668\u4e0a\u3002<\/p>\n

\u53d7\u5f71\u54cd\u7684\u7248\u672c\uff1a<\/h3>\n

OpenSSL 1.1.1 \uff5e 1.1.1h<\/p>\n

OpenSSL 1.0.2 \uff5e 1.0.2w<\/p>\n

\u5b89\u5168\u7248\u672c\uff1a<\/h3>\n

OpenSSL 1.1.1i<\/p>\n

OpenSSL 1.0.2x<\/p>\n

\u89e3\u51b3\u8fc7\u7a0b<\/h2>\n

\u5b98\u65b9\u7ed9\u7684\u89e3\u51b3\u529e\u6cd5\u5c31\u662f\u5347\u7ea7\u7248\u672c\uff0c\u53ea\u8981\u628a\u670d\u52a1\u5668\u4e0a OpenSSL \u7248\u672c\u5347\u7ea7\u5230\u5b89\u5168\u7684\u7248\u672c\u5c31\u884c\u4e86\u3002<\/p>\n

<\/div>\n
[root@VM_0_7_centos \/]# openssl version\r\nOpenSSL 1.0.2k-fips  26 Jan 2017\r\n<\/code><\/pre>\n
\u767b\u4e0a\u670d\u52a1\u5668\u786e\u8ba4\u4e86\u4e0b\uff0copenssl \u7248\u672c\u7684\u786e\u662f\u5728\u53d7\u5f71\u54cd\u7684\u8303\u56f4\u5185\uff0c\u90a3\u63a5\u4e0b\u662f\u8981\u5347\u7ea7\u7248\u672c\u5c31\u53ef\u4ee5\u4e86<\/p>\n
\u5347\u7ea7\u5b89\u88c5<\/h3>\n
<\/div>\n
cd \/usr\/local\/src\/\r\n\r\nwget https:\/\/www.openssl.org\/source\/openssl-1.1.1i.tar.gz\r\n\r\nyum install -y zlib\r\n\r\ntar zxf openssl-1.1.1i.tar.gz\r\n\r\ncd openssl-1.1.1i\/\r\n\r\n.\/config --prefix=\/usr\/local\/openssl shared zlib\r\n\r\nmake depend\r\n\r\nmake && make install\r\n\r\nmv \/usr\/bin\/openssl \/usr\/bin\/openssl.bak\r\n\r\nmv \/usr\/include\/openssl \/usr\/include\/openssl.bak\r\n\r\nln -s \/usr\/local\/openssl\/bin\/openssl \/usr\/bin\/openssl\r\n\r\nln -s \/usr\/local\/openssl\/include\/openssl \/usr\/include\/openssl\r\n\r\necho \/usr\/local\/openssl\/lib >> \/etc\/ld.so.conf\r\n\r\nldconfig -v\r\n<\/code><\/pre>\n
\u6700\u540e\u5728\u8f93\u5165 openssl version<\/code> \u68c0\u6d4b\u4e00\u4e0b\u662f\u5426\u5347\u7ea7\u6210\u529f\uff0c\u5982\u679c\u7248\u672c\u53f7\u8ddf\u9009\u62e9\u5347\u7ea7\u7684\u7248\u672c\u4e00\u81f4\uff0c\u5373\u4e3a\u5347\u7ea7\u6210\u529f<\/p>\n
<\/div>\n
[root@VM_0_7_centos bin]# openssl version\r\nOpenSSL 1.1.1i  8 Dec 2020<\/code><\/pre>\n
\u4f5c\u8005\uff1aJireh
\n\u94fe\u63a5\uff1ahttps:\/\/ld246.com\/article\/1607587864910
\n\u6765\u6e90\uff1a\u94fe\u6ef4
\n\u534f\u8bae\uff1aCC BY-SA 4.0 https:\/\/creativecommons.org\/licenses\/by-sa\/4.0\/<\/p>\n","protected":false},"excerpt":{"rendered":"
\u817e\u8baf\u4e91\u53d1\u6765\u4e86\u901a\u77e5\u53d1\u73b0\u6709\u65b0\u7684\u9ad8\u5371\u6f0f\u6d1e CVE-2020-1971 \u6f0f\u6d1e\u63cf\u8ff0\uff1a 2020 \u5e74 12 \u6708 08 \u65e5\uff0c […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[28],"tags":[],"_links":{"self":[{"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/posts\/2056"}],"collection":[{"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2056"}],"version-history":[{"count":1,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/posts\/2056\/revisions"}],"predecessor-version":[{"id":2057,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/posts\/2056\/revisions\/2057"}],"wp:attachment":[{"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2056"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2056"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2056"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}