[ol7_u8_security_validation] openssl-libs-10:1.0.2k-24.0.3.el7_9_fips.x86_64

Name:	openssl-libs
Epoch:	10
Version:	1.0.2k
Release:	24.0.3.el7_9_fips
Architecture:	x86_64
Group:	System Environment/Libraries
Size:	3224988
License:	OpenSSL
RPM:	openssl-libs-1.0.2k-24.0.3.el7_9_fips.x86_64.rpm
Source RPM:	openssl-1.0.2k-24.0.3.el7_9_fips.src.rpm
Build Date:	Fri Mar 18 2022
Build Host:	build-ol7-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.openssl.org/
Summary:	A general purpose cryptography library with TLS implementation
Description:	OpenSSL is a toolkit for supporting cryptography. The openssl-libs package contains the libraries that are used by various applications which support cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

Wed Mar 16 2022 Lukáš Lipinský <lukas.lipinsky@oracle.com> 1.0.2k-24.0.3

- fix CVE-2022-0778 openssl: Fix possible infinite loop in BN_mod_sqrt()
- Change Epoch from 1 to 10
- Fix DH self-test to add shared secret comparison [Orabug: 32467026]
- Add DH support changes for SP 800-56A rev3 requirements [Orabug: 32467059]
- Add TLS KDF self-test [Orabug: 32467193]
- Add EC keys pairwise consistency test [Orabug: 32467059]

Thu Jan 13 2022 Sahana Prasad <sahana@redhat.com> 1.0.2k-24

- Updates patch openssl-1.0.2k-cve-2021-3712.patch to only free on push failure.
- Resolves: rhbz#2039993

Sat Nov 20 2021 Sahana Prasad <sahana@redhat.com> 1.0.2k-23

- fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings
- Resolves: rhbz#1996054

Wed Sep 01 2021 Sahana Prasad <sahana@redhat.com> 1.0.2k-22

- fix CVE-2021-23841 openssl: NULL pointer dereference
  in X509_issuer_and_serial_hash()
- fix CVE-2021-23840 openssl: integer overflow in CipherUpdate
- Resolves: rhbz#1932132, rhbz#1932126

Fri Dec 04 2020 Sahana Prasad <sahana@redhat.com> 1.0.2k-21

- remove ASN1_F_ASN1_ITEM_EMBED_D2I from openssl-1.0.2k-cve-2020-1971.patch

Fri Dec 04 2020 Sahana Prasad <sahana@redhat.com> 1.0.2k-20

- fix CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

Tue Apr 09 2019 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-19

- close the RSA decryption 9 lives of Bleichenbacher cat
  timing side channel (#1649568)

Fri Apr 05 2019 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-18

- fix CVE-2018-0734 - DSA signature local timing side channel
- fix CVE-2019-1559 - 0-byte record padding oracle
- close the RSA decryption One & done EM side channel (#1619558)

Wed Feb 06 2019 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-17

- use SHA-256 in FIPS RSA pairwise key check
- fix CVE-2018-5407 (and CVE-2018-0735) - EC signature local
  timing side-channel key extraction

Tue Aug 14 2018 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-16

- fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA
- fix incorrect error message on FIPS DSA parameter generation (#1603597)