[ol7_latest_archive] openssl098e-0.9.8e-29.el7_2.3.i686

The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols. This version of OpenSSL package is provided for compatibility
with the previous Red Hat Enterprise Linux release.

Changelog (Show File list) (Show related packages)

• Fri Mar 04 2016 Tomas Mraz <tmraz@redhat.com> 0.9.8e-29.3

  - fix CVE-2015-0293 - triggerable assert in SSLv2 server
  - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement
  - disable SSLv2 in the generic TLS method

• Tue Jun 03 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-29.2

  - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability

• Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 0.9.8e-29

  - Mass rebuild 2014-01-24

• Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 0.9.8e-28

  - Mass rebuild 2013-12-27

• Wed Jul 17 2013 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27

  - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)
  - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)
  - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB
    environment variable is set (fixes CVE-2012-4929 #857051)
  - use secure_getenv() everywhere instead of getenv() (#839735)

• Wed Jun 20 2012 Tomas Mraz <tmraz@redhat.com> 0.9.8e-26

  - merge fixes from the latest openssl-0.9.8e package

• Fri Apr 20 2012 Tomas Mraz <tmraz@redhat.com> 0.9.8e-18

  - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)

• Fri Apr 16 2010 Tomas Mraz <tmraz@redhat.com> 0.9.8e-17

  - create compat package

• Fri Mar 12 2010 Tomas Mraz <tmraz@redhat.com> 0.9.8e-16

  - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924)

• Thu Mar 04 2010 Tomas Mraz <tmraz@redhat.com> 0.9.8e-15

  - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which
    in the RHEL-5 and newer versions will crash in such case (#569774)