[ol8_baseos_latest] openssl-1:1.1.1g-12.el8_3.aarch64

The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

Changelog (Show File list) (Show related packages)

• Fri Dec 04 2020 Sahana Prasad <sahana@redhat.com> 1.1.1g-12

  - Fix CVE-2020-1971 ediparty null pointer dereference

• Mon Nov 02 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-11.1

  - Implemented new FIPS requirements in regards to KDF and DH selftests
  - Disallow certificates with explicit EC parameters

• Mon Jul 20 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-11

  - Further changes for SP 800-56A rev3 requirements

• Tue Jun 23 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-9

  - Rewire FIPS_drbg API to use the RAND_DRBG
  - Use the well known DH groups in TLS even for 2048 and 1024 bit parameters

• Mon Jun 08 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-7

  - Disallow dropping Extended Master Secret extension
    on renegotiation
  - Return alert from s_server if ALPN protocol does not match
  - SHA1 is allowed in @SECLEVEL=2 only if allowed by
    TLS SigAlgs configuration

• Wed Jun 03 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-6

  - Add FIPS selftest for PBKDF2 and KBKDF

• Wed May 27 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-5

  - Allow only well known DH groups in the FIPS mode

• Mon May 18 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-1

  - update to the 1.1.1g release
  - FIPS module installed state definition is modified

• Thu Mar 05 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-15

  - add selftest of the RAND_DRBG implementation

• Wed Feb 19 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-14

  - fix incorrect error return value from FIPS_selftest_dsa
  - S390x: properly restore SIGILL signal handler