-
Fri Oct 05 2018 Isaac Chen <isac.chen@oracle.com> - 1.0.2k-12.0.3
- Oracle bug 28672370: backport CVE-2018-0732
- Oracle bug 28672351: backport CVE-2018-0737
-
Fri Jan 26 2018 EL Errata <el-errata_ww@oracle.com> - 1.0.2k-12.0.1
- sha256 is used for the RSA pairwise consistency test instead of sha1
-
Wed Dec 13 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-12
- fix CVE-2017-3737 - incorrect handling of fatal error state
- fix CVE-2017-3738 - AVX2 Montgomery multiplication bug with 1024 bit modulus
-
Wed Dec 06 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-11
- fix deadlock in RNG in the FIPS mode in mariadb
-
Tue Nov 07 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-9
- fix CVE-2017-3736 - carry propagation bug in Montgomery multiplication
-
Wed May 17 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-8
- fix regression in openssl req -x509 command (#1450015)
-
Thu Apr 13 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-7
- handle incorrect size gracefully in aes_p8_cbc_encrypt()
-
Mon Mar 27 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-6
- allow long client hellos to be received by server
-
Mon Mar 27 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-5
- fix CPU features detection on new AMD processors
-
Thu Mar 09 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.2k-4
- add support for additional STARTTLS protocols to s_client
original backported patch by Robert Scheck (#1396209)