[ol7_u8_security_validation] openssl-devel-10:1.0.2k-23.0.1.el7_9_fips.aarch64

Name:	openssl-devel
Epoch:	10
Version:	1.0.2k
Release:	23.0.1.el7_9_fips
Architecture:	aarch64
Group:	Development/Libraries
Size:	3271793
License:	OpenSSL
RPM:	openssl-devel-1.0.2k-23.0.1.el7_9_fips.aarch64.rpm
Source RPM:	openssl-1.0.2k-23.0.1.el7_9_fips.src.rpm
Build Date:	Thu Jan 13 2022
Build Host:	build-ol7-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://www.openssl.org/
Summary:	Files for development of applications which will use OpenSSL
Description:	OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

Tue Jan 11 2022 John Mcwalters <john.mcwalters@oracle.com> 1.0.2k-23.0.1

- Change Epoch from 1 to 10
- Fix DH self-test to add shared secret comparison [Orabug: 32467026]
- Add DH support changes for SP 800-56A rev3 requirements [Orabug: 32467059]
- Add TLS KDF self-test [Orabug: 32467193]
- Add EC keys pairwise consistency test [Orabug: 32467059]

Sat Nov 20 2021 Sahana Prasad <sahana@redhat.com> 1.0.2k-23

- fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings
- Resolves: rhbz#1996054

Wed Sep 01 2021 Sahana Prasad <sahana@redhat.com> 1.0.2k-22

- fix CVE-2021-23841 openssl: NULL pointer dereference
  in X509_issuer_and_serial_hash()
- fix CVE-2021-23840 openssl: integer overflow in CipherUpdate
- Resolves: rhbz#1932132, rhbz#1932126

Fri Dec 04 2020 Sahana Prasad <sahana@redhat.com> 1.0.2k-21

- remove ASN1_F_ASN1_ITEM_EMBED_D2I from openssl-1.0.2k-cve-2020-1971.patch

Fri Dec 04 2020 Sahana Prasad <sahana@redhat.com> 1.0.2k-20

- fix CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

Tue Apr 09 2019 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-19

- close the RSA decryption 9 lives of Bleichenbacher cat
  timing side channel (#1649568)

Fri Apr 05 2019 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-18

- fix CVE-2018-0734 - DSA signature local timing side channel
- fix CVE-2019-1559 - 0-byte record padding oracle
- close the RSA decryption One & done EM side channel (#1619558)

Wed Feb 06 2019 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-17

- use SHA-256 in FIPS RSA pairwise key check
- fix CVE-2018-5407 (and CVE-2018-0735) - EC signature local
  timing side-channel key extraction

Tue Aug 14 2018 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-16

- fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA
- fix incorrect error message on FIPS DSA parameter generation (#1603597)

Tue Jun 19 2018 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-14
```
- ppc64le is not multilib architecture (#1585004)
```