[ol8_developer_EPEL] openssl3-devel-3.2.2-2.1.el8.x86_64

OpenSSL is a toolkit for supporting cryptography. The openssl-devel
package contains include files needed to develop applications which
support various cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

• Mon Jun 17 2024 Michel Lind <salimma@fedoraproject.org> - 3.2.2-2.1

  - Merge c9s openssl changes to pick up CVE fixes

• Wed Jun 12 2024 Daiki Ueno <dueno@redhat.com> - 1:3.2.2-2

  - Add workaround for EVP_PKEY_CTX_add1_hkdf_info with older providers
    Resolves: RHEL-40823

• Wed Jun 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-1

  - Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741,
    and Minerva attack.
    Resolves: RHEL-32148
    Resolves: RHEL-36792
    Resolves: RHEL-38514
    Resolves: RHEL-39111

• Thu May 23 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.1-2

  - Update RNG changing for FIPS purpose
    Resolves: RHEL-35380

• Thu May 02 2024 Michel Lind <salimma@fedoraproject.org> - 3.2.1-1.2

  - Drop openssl-fips-provider requirement, accidentally included due to incorrect gating

• Mon Apr 22 2024 Michel Lind <salimma@fedoraproject.org> - 3.2.1-1.1

  - Merge c9s openssl changes to pick up CVE fixes

• Wed Apr 03 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.1-1

  - Rebasing OpenSSL to 3.2.1
    Resolves: RHEL-26271

• Wed Feb 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-27

  - Use certified FIPS module instead of freshly built one in Red Hat distribution
    Related: RHEL-23474

• Tue Nov 21 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-26

  - Avoid implicit function declaration when building openssl
    Related: RHEL-1780
  - In FIPS mode, prevent any other operations when rsa_keygen_pairwise_test fails
    Resolves: RHEL-17104
  - Add a directory for OpenSSL providers configuration
    Resolves: RHEL-17193
  - Eliminate memory leak in OpenSSL when setting elliptic curves on SSL context
    Resolves: RHEL-19515
  - POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)
    Resolves: RHEL-21151
  - Excessive time spent checking invalid RSA public keys (CVE-2023-6237)
    Resolves: RHEL-21654
  - SSL ECDHE Kex fails when pkcs11 engine is set in config file
    Resolves: RHEL-20249
  - Denial of service via null dereference in PKCS#12
    Resolves: RHEL-22486
  - Use certified FIPS module instead of freshly built one in Red Hat distribution
    Resolves: RHEL-23474

• Mon Oct 16 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-25

  - Provide relevant diagnostics when FIPS checksum is corrupted
    Resolves: RHEL-5317
  - Don't limit using SHA1 in KDFs in non-FIPS mode.
    Resolves: RHEL-5295
  - Provide empty evp_properties section in main OpenSSL configuration file
    Resolves: RHEL-11439
  - Avoid implicit function declaration when building openssl
    Resolves: RHEL-1780
  - Forbid explicit curves when created via EVP_PKEY_fromdata
    Resolves: RHEL-5304
  - AES-SIV cipher implementation contains a bug that causes it to ignore empty
    associated data entries (CVE-2023-2975)
    Resolves: RHEL-5302
  - Excessive time spent checking DH keys and parameters (CVE-2023-3446)
    Resolves: RHEL-5306
  - Excessive time spent checking DH q parameter value (CVE-2023-3817)
    Resolves: RHEL-5308
  - Fix incorrect cipher key and IV length processing (CVE-2023-5363)
    Resolves: RHEL-13251
  - Switch explicit FIPS indicator for RSA-OAEP to approved following
    clarification with CMVP
    Resolves: RHEL-14083
  - Backport the check required by SP800-56Br2 6.4.1.2.1 (3.c)
    Resolves: RHEL-14083
  - Add missing ECDH Public Key Check in FIPS mode
    Resolves: RHEL-15990
  - Excessive time spent in DH check/generation with large Q parameter value (CVE-2023-5678)
    Resolves: RHEL-15954