[ol7_latest_archive] openssl-devel-1:1.0.1e-51.el7_2.1.x86_64

Name:	openssl-devel
Epoch:	1
Version:	1.0.1e
Release:	51.el7_2.1
Architecture:	x86_64
Group:	Development/Libraries
Size:	2313392
License:	OpenSSL
RPM:	openssl-devel-1.0.1e-51.el7_2.1.x86_64.rpm
Source RPM:	openssl-1.0.1e-51.el7_2.1.src.rpm
Build Date:	Mon Dec 14 2015
Build Host:	x86-ol7-builder-02.us.oracle.com
Vendor:	Oracle America
URL:	http://www.openssl.org/
Summary:	Files for development of applications which will use OpenSSL
Description:	OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

Fri Dec 04 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.1

- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter
- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak
- fix CVE-2015-3196 - race condition when handling PSK identity hint

Tue Jun 23 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51

- fix the CVE-2015-1791 fix (broken server side renegotiation)

Thu Jun 11 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-50

- improved fix for CVE-2015-1791
- add missing parts of CVE-2015-0209 fix for corectness although unexploitable

Tue Jun 09 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-49

- fix CVE-2014-8176 - invalid free in DTLS buffering code
- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time
- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent
- fix CVE-2015-1791 - race condition handling NewSessionTicket
- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function

Wed Jun 03 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-48

- fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on
  read in multithreaded applications

Mon May 25 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-47

- fix CVE-2015-4000 - prevent the logjam attack on client - restrict
  the DH key size to at least 768 bits (limit will be increased in future)

Wed Mar 25 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-46

- drop the AES-GCM restriction of 2^32 operations because the IV is
  always 96 bits (32 bit fixed field + 64 bit invocation field)

Thu Mar 19 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-45

- update fix for CVE-2015-0287 to what was released upstream

Wed Mar 18 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-44

- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0292 - integer underflow in base64 decoder
- fix CVE-2015-0293 - triggerable assert in SSLv2 server

Mon Mar 16 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-43
```
- fix broken error detection when unwrapping unpadded key
```