[ol8_baseos_latest] openssl-devel-1:1.1.1k-15.el8_6.aarch64

Name:	openssl-devel
Epoch:	1
Version:	1.1.1k
Release:	15.el8_6
Architecture:	aarch64
Group:	Unspecified
Size:	3548857
License:	OpenSSL and ASL 2.0
RPM:	openssl-devel-1.1.1k-15.el8_6.aarch64.rpm
Source RPM:	openssl-1.1.1k-15.el8_6.src.rpm
Build Date:	Mon Feb 23 2026
Build Host:	build-ol8-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://www.openssl.org/
Summary:	Files for development of applications which will use OpenSSL
Description:	OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

Thu Feb 12 2026 Antonio Vieiro <avieirov@redhat.com> - 1:1.1.1k-15

- Fix CVE-2025-69419: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
  ticket_lifetime_hint exceed 1 week in TLSv1.3 and breaks compliant clients
  Resolves: RHEL-149165
  Resolves: RHEL-142715

Mon Dec 22 2025 Nikita Sanjay Patwa <npatwa@redhat.com> - 1:1.1.1k-14.1

- Backport fix for openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
  Fix CVE-2025-9230
  Resolves: RHEL-128615

Tue Sep 17 2024 Maurizio Barbaro <mbarbaro@redhat.com> - 1:1.1.1k-14

- Backport fix SSL_select_next proto from OpenSSL 3.2
  Fix CVE-2024-5535 
  Resolves: RHEL-45654

Thu Nov 30 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:1.1.1k-12

- Backport implicit rejection mechanism for RSA PKCS#1 v1.5 to RHEL-8 series
  (a proper fix for CVE-2020-25659)
  Resolves: RHEL-17694

Wed Nov 15 2023 Clemens Lang <cllang@redhat.com> - 1:1.1.1k-11

- Fix CVE-2023-5678: Generating excessively long X9.42 DH keys or checking
  excessively long X9.42 DH keys or parameters may be very slow
  Resolves: RHEL-16536

Thu Oct 19 2023 Clemens Lang <cllang@redhat.com> - 1:1.1.1k-10

- Fix CVE-2023-3446: Excessive time spent checking DH keys and parameters
  Resolves: RHEL-14243
- Fix CVE-2023-3817: Excessive time spent checking DH q parameter value
  Resolves: RHEL-14237

Thu May 04 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:1.1.1k-9

- Fixed Timing Oracle in RSA Decryption
  Resolves: CVE-2022-4304
- Fixed Double free after calling PEM_read_bio_ex
  Resolves: CVE-2022-4450
- Fixed Use-after-free following BIO_new_NDEF
  Resolves: CVE-2023-0215

Wed Feb 08 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:1.1.1k-8

- Fixed X.400 address type confusion in X.509 GeneralName
  Resolves: CVE-2023-0286

Tue Jul 05 2022 Clemens Lang <cllang@redhat.com> - 1:1.1.1k-7

- Fix CVE-2022-2097: AES OCB fails to encrypt some bytes on 32-bit x86
  Resolves: CVE-2022-2097
- Update expired certificates used in the testsuite
  Resolves: rhbz#2100554
- Fix CVE-2022-1292: openssl: c_rehash script allows command injection
  Resolves: rhbz#2090371
- Fix CVE-2022-2068: the c_rehash script allows command injection
  Resolves: rhbz#2098278

Wed Mar 23 2022 Clemens Lang <cllang@redhat.com> - 1:1.1.1k-6

- Fixes CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
- Resolves: rhbz#2067145