[ol6_addons] openssl-fips-devel-1.0.1m-2.0.1.el6.x86_64

Name:	openssl-fips-devel
Version:	1.0.1m
Release:	2.0.1.el6
Architecture:	x86_64
Group:	Development/Libraries
Size:	2510464
License:	OpenSSL
RPM:	openssl-fips-devel-1.0.1m-2.0.1.el6.x86_64.rpm
Source RPM:	openssl-fips-1.0.1m-2.0.1.el6.src.rpm
Build Date:	Tue Mar 24 2015
Build Host:	ca-build44.us.oracle.com
Vendor:	Oracle America
URL:	http://www.openssl.org/
Summary:	Files for development of applications which will use OpenSSL
Description:	OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

Mon Mar 23 2015 Tianyue Lan <tianyue.lan@oracle.com> - 1.0.1m-2.0.1

- update to upstream 1.0.1m
- update to fips canister 2.0.9
- regenerated below patches 
      openssl-1.0.1-beta2-rpmbuild.patch
      openssl-1.0.1m-rhcompat.patch
      openssl-1.0.1m-ecc-suiteb.patch
      openssl-1.0.1m-fips-mode.patch
      openssl-1.0.1m-version.patch
      openssl-1.0.1m-evp-devel.patch

Thu Dec 11 2014 Dwight Engen <dwight.engen@oracle.com> 1.0.1j-2.0.4

- [Orabug 20182267] The openssl-fips-devel package should Provide:
  openssl-devel and openssl-devel(x86-64) like the standard -devel
  package
- The openssl-fips-devel package should include fips.h and fips_rand.h
  for apps that want to build against FIPS* APIs

Thu Dec 04 2014 Dwight Engen <dwight.engen@oracle.com> 1.0.1j-2.0.3

- [Orabug 20086847] reintroduce patch openssl-1.0.1e-ecc-suiteb.patch,
  update ec_curve.c which gets copied into build tree to match the patch
  (ie only have curves which are advertised). The change items from the
  orignal patch are as follows:
- do not advertise ECC curves we do not support
- fix CPU identification on Cyrix CPUs

Fri Oct 31 2014 Dwight Engen <dwight.engen@oracle.com> 1.0.1j-2.0.2
```
- update README.FIPS with step-by-step install instructions
```

Mon Oct 20 2014 Dwight Engen <dwight.engen@oracle.com> 1.0.1j-2.0.1

- update to upstream 1.0.1j
- change name to openssl-fips
- change Obsoletes: openssl to Conflicts: openssl
- add Provides: openssl

Tue Sep 30 2014 Dwight Engen <dwight.engen@oracle.com> 1.0.1i-2.0.3.fips

- update to fips canister 2.0.8 to remove Dual EC DRBG
- run gcc -v so the gcc build version is captured in the build log

Fri Sep 12 2014 Dwight Engen <dwight.engen@oracle.com> 1.0.1i-2.0.2.fips

- flip EVP_CIPH_* flag bits for compatibility with original RH patched pkg

Wed Aug 13 2014 Dwight Engen <dwight.engen@oracle.com> 1.0.1i-2.0.1.fips

- build against upstream 1.0.1i
- build against fips validated canister 2.0.7
- add patch to support fips=1
- rename pkg to openssl-fips and Obsolete openssl

Mon Jun 02 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-16.14

- fix CVE-2010-5298 - possible use of memory after free
- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment
- fix CVE-2014-0198 - possible NULL pointer dereference
- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet
- fix CVE-2014-0224 - SSL/TLS MITM vulnerability
- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH

Mon Apr 07 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-16.7

- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension