[ol8_u4_security_validation] openssl-devel-1:1.1.1g-15.el8_3.aarch64

OpenSSL is a toolkit for supporting cryptography. The openssl-devel
package contains include files needed to develop applications which
support various cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

• Thu Mar 25 2021 Sahana Prasad <sahana@redhat.com> 1.1.1g-15

  - version bump

• Wed Mar 24 2021 Sahana Prasad <sahana@redhat.com> 1.1.1g-14

  - CVE-2021-3450 openssl: CA certificate check
    bypass with X509_V_FLAG_X509_STRICT

• Wed Mar 24 2021 Sahana Prasad <sahana@redhat.com> 1.1.1g-13

  - Fix CVE-2021-3449 NULL pointer deref in signature_algorithms processing

• Fri Dec 04 2020 Sahana Prasad <sahana@redhat.com> 1.1.1g-12

  - Fix CVE-2020-1971 ediparty null pointer dereference

• Mon Nov 02 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-11.1

  - Implemented new FIPS requirements in regards to KDF and DH selftests
  - Disallow certificates with explicit EC parameters

• Mon Jul 20 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-11

  - Further changes for SP 800-56A rev3 requirements

• Tue Jun 23 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-9

  - Rewire FIPS_drbg API to use the RAND_DRBG
  - Use the well known DH groups in TLS even for 2048 and 1024 bit parameters

• Mon Jun 08 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-7

  - Disallow dropping Extended Master Secret extension
    on renegotiation
  - Return alert from s_server if ALPN protocol does not match
  - SHA1 is allowed in @SECLEVEL=2 only if allowed by
    TLS SigAlgs configuration

• Wed Jun 03 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-6

  - Add FIPS selftest for PBKDF2 and KBKDF

• Wed May 27 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-5

  - Allow only well known DH groups in the FIPS mode