Name: | openssl-perl |
---|---|
Epoch: | 1 |
Version: | 1.0.2k |
Release: | 26.el7_9 |
Architecture: | x86_64 |
Group: | Applications/Internet |
Size: | 28567 |
License: | OpenSSL |
RPM: | openssl-perl-1.0.2k-26.el7_9.x86_64.rpm |
Source RPM: | openssl-1.0.2k-26.el7_9.src.rpm |
Build Date: | Mon Mar 20 2023 |
Build Host: | build-ol7-x86_64.oracle.com |
Vendor: | Oracle America |
URL: | http://www.openssl.org/ |
Summary: | Perl scripts provided with OpenSSL |
Description: | OpenSSL is a toolkit for supporting cryptography. The openssl-perl package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. |
- Fixes CVE-2023-0286 X.400 address type confusion in X.509 GeneralName - Resolves: rhbz#2176790
- Fixes CVE-2022-2078 Infinite loop in BN_mod_sqrt() reachable when parsing certificates - Related: rhbz#2067160
- Updates patch openssl-1.0.2k-cve-2021-3712.patch to only free on push failure. - Resolves: rhbz#2039993
- fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz#1996054
- fix CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() - fix CVE-2021-23840 openssl: integer overflow in CipherUpdate - Resolves: rhbz#1932132, rhbz#1932126
- remove ASN1_F_ASN1_ITEM_EMBED_D2I from openssl-1.0.2k-cve-2020-1971.patch
- fix CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference
- close the RSA decryption 9 lives of Bleichenbacher cat timing side channel (#1649568)
- fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done EM side channel (#1619558)
- use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 (and CVE-2018-0735) - EC signature local timing side-channel key extraction