-
Mon Mar 20 2023 Alan Steinberg <alan.steinberg@oracle.com> - 1.0.2k-26_fips
- Change Epoch from 1 to 10
- Fix DH self-test to add shared secret comparison [Orabug: 32467026]
- Add DH support changes for SP 800-56A rev3 requirements [Orabug: 32467059]
- Add TLS KDF self-test [Orabug: 32467193]
- Add EC keys pairwise consistency test [Orabug: 32467059]
-
Fri Mar 10 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:1.0.2k-26
- Fixes CVE-2023-0286 X.400 address type confusion in X.509 GeneralName
- Resolves: rhbz#2176790
-
Wed Mar 23 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:1.0.2k-25
- Fixes CVE-2022-2078 Infinite loop in BN_mod_sqrt() reachable when parsing certificates
- Related: rhbz#2067160
-
Thu Jan 13 2022 Sahana Prasad <sahana@redhat.com> 1.0.2k-24
- Updates patch openssl-1.0.2k-cve-2021-3712.patch to only free on push failure.
- Resolves: rhbz#2039993
-
Sat Nov 20 2021 Sahana Prasad <sahana@redhat.com> 1.0.2k-23
- fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings
- Resolves: rhbz#1996054
-
Wed Sep 01 2021 Sahana Prasad <sahana@redhat.com> 1.0.2k-22
- fix CVE-2021-23841 openssl: NULL pointer dereference
in X509_issuer_and_serial_hash()
- fix CVE-2021-23840 openssl: integer overflow in CipherUpdate
- Resolves: rhbz#1932132, rhbz#1932126
-
Fri Dec 04 2020 Sahana Prasad <sahana@redhat.com> 1.0.2k-21
- remove ASN1_F_ASN1_ITEM_EMBED_D2I from openssl-1.0.2k-cve-2020-1971.patch
-
Fri Dec 04 2020 Sahana Prasad <sahana@redhat.com> 1.0.2k-20
- fix CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference
-
Tue Apr 09 2019 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-19
- close the RSA decryption 9 lives of Bleichenbacher cat
timing side channel (#1649568)
-
Fri Apr 05 2019 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-18
- fix CVE-2018-0734 - DSA signature local timing side channel
- fix CVE-2019-1559 - 0-byte record padding oracle
- close the RSA decryption One & done EM side channel (#1619558)