[ol7_latest_archive] openssl-devel-1:1.0.1e-51.el7_2.7.x86_64

Name:	openssl-devel
Epoch:	1
Version:	1.0.1e
Release:	51.el7_2.7
Architecture:	x86_64
Group:	Development/Libraries
Size:	2313533
License:	OpenSSL
RPM:	openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm
Source RPM:	openssl-1.0.1e-51.el7_2.7.src.rpm
Build Date:	Tue Sep 27 2016
Build Host:	x86-ol7-builder-01.us.oracle.com
Vendor:	Oracle America
URL:	http://www.openssl.org/
Summary:	Files for development of applications which will use OpenSSL
Description:	OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

Thu Sep 22 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.7

- fix CVE-2016-2177 - possible integer overflow
- fix CVE-2016-2178 - non-constant time DSA operations
- fix CVE-2016-2179 - further DoS issues in DTLS
- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()
- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue
- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()
- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check
- fix CVE-2016-6304 - unbound memory growth with OCSP status request
- fix CVE-2016-6306 - certificate message OOB reads
- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to
  112 bit effective strength
- replace expired testing certificates

Fri Apr 29 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.5

- fix CVE-2016-2105 - possible overflow in base64 encoding
- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()
- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC
- fix CVE-2016-2108 - memory corruption in ASN.1 encoder
- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO
- fix CVE-2016-0799 - memory issues in BIO_printf

Wed Feb 24 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.4

- fix CVE-2016-0702 - side channel attack on modular exponentiation
- fix CVE-2016-0705 - double-free in DSA private key parsing
- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn

Tue Feb 16 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.3

- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement
- disable SSLv2 in the generic TLS method

Mon Dec 21 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.2
```
- fix CVE-2015-7575 - disallow use of MD5 in TLS1.2
```

Fri Dec 04 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.1

- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter
- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak
- fix CVE-2015-3196 - race condition when handling PSK identity hint

Tue Jun 23 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51

- fix the CVE-2015-1791 fix (broken server side renegotiation)

Thu Jun 11 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-50

- improved fix for CVE-2015-1791
- add missing parts of CVE-2015-0209 fix for corectness although unexploitable

Tue Jun 09 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-49

- fix CVE-2014-8176 - invalid free in DTLS buffering code
- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time
- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent
- fix CVE-2015-1791 - race condition handling NewSessionTicket
- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function

Wed Jun 03 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-48

- fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on
  read in multithreaded applications