↵ Return to the main page of openssl3-devel
View build
Search for updates
Package Info (Data from x86_64 build)
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files
Date | Author | Change |
---|---|---|
2024-05-02 | Michel Lind <salimma at fedoraproject dot org> - 3.2.1-1.2 | - Drop openssl-fips-provider requirement, accidentally included due to incorrect gating |
2024-04-22 | Michel Lind <salimma at fedoraproject dot org> - 3.2.1-1.1 | - Merge c9s openssl changes to pick up CVE fixes |
2024-04-03 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.2.1-1 | - Rebasing OpenSSL to 3.2.1 Resolves: RHEL-26271 |
2024-02-21 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.0.7-27 | - Use certified FIPS module instead of freshly built one in Red Hat distribution Related: RHEL-23474 |
2023-11-21 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.0.7-26 | - Avoid implicit function declaration when building openssl Related: RHEL-1780 - In FIPS mode, prevent any other operations when rsa_keygen_pairwise_test fails Resolves: RHEL-17104 - Add a directory for OpenSSL providers configuration Resolves: RHEL-17193 - Eliminate memory leak in OpenSSL when setting elliptic curves on SSL context Resolves: RHEL-19515 - POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129) Resolves: RHEL-21151 - Excessive time spent checking invalid RSA public keys (CVE-2023-6237) Resolves: RHEL-21654 - SSL ECDHE Kex fails when pkcs11 engine is set in config file Resolves: RHEL-20249 - Denial of service via null dereference in PKCS#12 Resolves: RHEL-22486 - Use certified FIPS module instead of freshly built one in Red Hat distribution Resolves: RHEL-23474 |
2023-10-16 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.0.7-25 | - Provide relevant diagnostics when FIPS checksum is corrupted Resolves: RHEL-5317 - Don't limit using SHA1 in KDFs in non-FIPS mode. Resolves: RHEL-5295 - Provide empty evp_properties section in main OpenSSL configuration file Resolves: RHEL-11439 - Avoid implicit function declaration when building openssl Resolves: RHEL-1780 - Forbid explicit curves when created via EVP_PKEY_fromdata Resolves: RHEL-5304 - AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries (CVE-2023-2975) Resolves: RHEL-5302 - Excessive time spent checking DH keys and parameters (CVE-2023-3446) Resolves: RHEL-5306 - Excessive time spent checking DH q parameter value (CVE-2023-3817) Resolves: RHEL-5308 - Fix incorrect cipher key and IV length processing (CVE-2023-5363) Resolves: RHEL-13251 - Switch explicit FIPS indicator for RSA-OAEP to approved following clarification with CMVP Resolves: RHEL-14083 - Backport the check required by SP800-56Br2 6.4.1.2.1 (3.c) Resolves: RHEL-14083 - Add missing ECDH Public Key Check in FIPS mode Resolves: RHEL-15990 - Excessive time spent in DH check/generation with large Q parameter value (CVE-2023-5678) Resolves: RHEL-15954 |
2023-07-12 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.0.7-24 | - Make FIPS module configuration more crypto-policies friendly Related: rhbz#2216256 |
2023-07-11 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.0.7-23 | - Add a workaround for lack of EMS in FIPS mode Resolves: rhbz#2216256 |
2023-07-06 | Sahana Prasad <sahana at redhat dot com> - 1:3.0.7-22 | - Remove unsupported curves from nist_curves. Resolves: rhbz#2069336 |
2023-06-26 | Sahana Prasad <sahana at redhat dot com> - 1:3.0.7-21 | - Remove the listing of brainpool curves in FIPS mode. Related: rhbz#2188180 |