↵ Return to the main page of openssl3-libs
View build
Search for updates
Package Info (Data from x86_64 build)
🠗 Changelog
🠗 Provides
🠗 Files
Date | Author | Change |
---|---|---|
2024-06-17 | Michel Lind <salimma at fedoraproject dot org> - 3.2.2-2.1 | - Merge c9s openssl changes to pick up CVE fixes |
2024-06-12 | Daiki Ueno <dueno at redhat dot com> - 1:3.2.2-2 | - Add workaround for EVP_PKEY_CTX_add1_hkdf_info with older providers Resolves: RHEL-40823 |
2024-06-05 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.2.2-1 | - Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack. Resolves: RHEL-32148 Resolves: RHEL-36792 Resolves: RHEL-38514 Resolves: RHEL-39111 |
2024-05-23 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.2.1-2 | - Update RNG changing for FIPS purpose Resolves: RHEL-35380 |
2024-05-02 | Michel Lind <salimma at fedoraproject dot org> - 3.2.1-1.2 | - Drop openssl-fips-provider requirement, accidentally included due to incorrect gating |
2024-04-22 | Michel Lind <salimma at fedoraproject dot org> - 3.2.1-1.1 | - Merge c9s openssl changes to pick up CVE fixes |
2024-04-03 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.2.1-1 | - Rebasing OpenSSL to 3.2.1 Resolves: RHEL-26271 |
2024-02-21 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.0.7-27 | - Use certified FIPS module instead of freshly built one in Red Hat distribution Related: RHEL-23474 |
2023-11-21 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.0.7-26 | - Avoid implicit function declaration when building openssl Related: RHEL-1780 - In FIPS mode, prevent any other operations when rsa_keygen_pairwise_test fails Resolves: RHEL-17104 - Add a directory for OpenSSL providers configuration Resolves: RHEL-17193 - Eliminate memory leak in OpenSSL when setting elliptic curves on SSL context Resolves: RHEL-19515 - POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129) Resolves: RHEL-21151 - Excessive time spent checking invalid RSA public keys (CVE-2023-6237) Resolves: RHEL-21654 - SSL ECDHE Kex fails when pkcs11 engine is set in config file Resolves: RHEL-20249 - Denial of service via null dereference in PKCS#12 Resolves: RHEL-22486 - Use certified FIPS module instead of freshly built one in Red Hat distribution Resolves: RHEL-23474 |
2023-10-16 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 1:3.0.7-25 | - Provide relevant diagnostics when FIPS checksum is corrupted Resolves: RHEL-5317 - Don't limit using SHA1 in KDFs in non-FIPS mode. Resolves: RHEL-5295 - Provide empty evp_properties section in main OpenSSL configuration file Resolves: RHEL-11439 - Avoid implicit function declaration when building openssl Resolves: RHEL-1780 - Forbid explicit curves when created via EVP_PKEY_fromdata Resolves: RHEL-5304 - AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries (CVE-2023-2975) Resolves: RHEL-5302 - Excessive time spent checking DH keys and parameters (CVE-2023-3446) Resolves: RHEL-5306 - Excessive time spent checking DH q parameter value (CVE-2023-3817) Resolves: RHEL-5308 - Fix incorrect cipher key and IV length processing (CVE-2023-5363) Resolves: RHEL-13251 - Switch explicit FIPS indicator for RSA-OAEP to approved following clarification with CMVP Resolves: RHEL-14083 - Backport the check required by SP800-56Br2 6.4.1.2.1 (3.c) Resolves: RHEL-14083 - Add missing ECDH Public Key Check in FIPS mode Resolves: RHEL-15990 - Excessive time spent in DH check/generation with large Q parameter value (CVE-2023-5678) Resolves: RHEL-15954 |