[ol7_optional_archive] openssl-perl-1:1.0.1e-42.el7_1.4.x86_64

Name:	openssl-perl
Epoch:	1
Version:	1.0.1e
Release:	42.el7_1.4
Architecture:	x86_64
Group:	Applications/Internet
Size:	20265
License:	OpenSSL
RPM:	openssl-perl-1.0.1e-42.el7_1.4.x86_64.rpm
Source RPM:	openssl-1.0.1e-42.el7_1.4.src.rpm
Build Date:	Mon Mar 23 2015
Build Host:	ca-build56.us.oracle.com
Vendor:	Oracle America
URL:	http://www.openssl.org/
Summary:	Perl scripts provided with OpenSSL
Description:	OpenSSL is a toolkit for supporting cryptography. The openssl-perl package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit.

Changelog (Show File list) (Show related packages)

Thu Mar 19 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-42.4

- update fix for CVE-2015-0287 to what was released upstream

Wed Mar 18 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-42.3

- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0292 - integer underflow in base64 decoder
- fix CVE-2015-0293 - triggerable assert in SSLv2 server

Mon Mar 16 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-42.2
```
- fix broken error detection when unwrapping unpadded key
```

Mon Mar 02 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-42.1

- fix the RFC 5649 for key material that does not need padding

Thu Jan 15 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-42

- test in the non-FIPS RSA keygen for minimal distance of p and q
  similarly to the FIPS RSA keygen

Tue Jan 13 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-41

- fix CVE-2014-3570 - incorrect computation in BN_sqr()
- fix CVE-2014-3571 - possible crash in dtls1_get_record()
- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state
- fix CVE-2014-8275 - various certificate fingerprint issues
- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export
  ciphersuites and on server
- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate
- fix CVE-2015-0206 - possible memory leak when buffering DTLS records

Tue Oct 21 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-40

- use FIPS approved method for computation of d in RSA
- copy digest algorithm when handling SNI context switch

Wed Oct 15 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-39

- fix CVE-2014-3567 - memory leak when handling session tickets
- fix CVE-2014-3513 - memory leak in srtp support
- add support for fallback SCSV to partially mitigate CVE-2014-3566
  (padding attack on SSL3)

Wed Sep 24 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-38
```
- do FIPS algorithm selftest before the integrity check
```

Thu Sep 18 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-37

- add support for RFC 5649 (#1119738)
- do not pass the FIPS integrity check if the .hmac files are empty (#1128849)
- add ECC TLS extensions to DTLS (#1119803)
- do not send ECC ciphersuites in SSLv2 client hello (#1090955)
- properly propagate encryption failure in BIO_f_cipher (#1072439)
- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support
- improve documentation of ciphersuites - patch by Hubert Kario (#1108026)
- use case insensitive comparison for servername in s_server (#1081163)
- add support for automatic ECDH curve selection on server (#1080128)
- FIPS mode: make the limitations on DSA, DH, and RSA keygen
  length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment
  variable is set