[ol9_appstream] openssl-devel-1:3.0.1-41.0.1.el9_0.aarch64

Name:	openssl-devel
Epoch:	1
Version:	3.0.1
Release:	41.0.1.el9_0
Architecture:	aarch64
Group:	Unspecified
Size:	4842702
License:	ASL 2.0
RPM:	openssl-devel-3.0.1-41.0.1.el9_0.aarch64.rpm
Source RPM:	openssl-3.0.1-41.0.1.el9_0.src.rpm
Build Date:	Tue Aug 30 2022
Build Host:	build-ol9-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://www.openssl.org/
Summary:	Files for development of applications which will use OpenSSL
Description:	OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

Tue Aug 30 2022 EL Errata <el-errata_ww@oracle.com> - 3.0.1-41.0.1
```
- Replace upstream references [Orabug: 34340177]
```

Thu Aug 11 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-41

- Zeroize public keys as required by FIPS 140-3
  Resolves: rhbz#2115861
- Add FIPS indicator for HKDF
  Resolves: rhbz#2118388

Fri Aug 05 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-40

- Deal with DH keys in FIPS mode according FIPS-140-3 requirements
  Related: rhbz#2115856
- Deal with ECDH keys in FIPS mode according FIPS-140-3 requirements
  Related: rhbz#2115857
- Use signature for RSA pairwise test according FIPS-140-3 requirements
  Related: rhbz#2115858
- Reseed all the parent DRBGs in chain on reseeding a DRBG
  Related: rhbz#2115859
- Zeroization according to FIPS-140-3 requirements
  Related: rhbz#2115861

Mon Aug 01 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-39

- Use RSA-OAEP in FIPS RSA encryption/decryption FIPS self-test
- Use Use digest_sign & digest_verify in FIPS signature self test
- Use FFDHE2048 in Diffie-Hellman FIPS self-test
  Resolves: rhbz#2112978

Thu Jul 14 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-38

- Fix segfault in EVP_PKEY_Q_keygen() when OpenSSL was not previously
  initialized.
  Resolves: rhbz#2107530
- Improve AES-GCM performance on Power9 and Power10 ppc64le
  Resolves: rhbz#2103044
- Improve ChaCha20 performance on Power10 ppc64le
  Resolves: rhbz#2103044

Tue Jul 05 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-37

- CVE-2022-2097: AES OCB fails to encrypt some bytes on 32-bit x86
  Resolves: CVE-2022-2097

Thu Jun 16 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-36

- Ciphersuites with RSAPSK KX should be filterd in FIPS mode
- Related: rhbz#2091994
- FIPS provider should block RSA encryption for key transport.
- Other RSA encryption options should still be available if key length is enough
- Related: rhbz#2091977
- Improve diagnostics when passing unsupported groups in TLS
- Related: rhbz#2086554
- Fix PPC64 Montgomery multiplication bug
- Related: rhbz#2101346
- Strict certificates validation shouldn't allow explicit EC parameters
- Related: rhbz#2085521
- CVE-2022-2068: the c_rehash script allows command injection
- Related: rhbz#2098276

Wed Jun 08 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-35

- Add explicit indicators for signatures in FIPS mode and mark signature
  primitives as unapproved.
  Resolves: rhbz#2087234

Fri Jun 03 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-34

- Some OpenSSL test certificates are expired, updating
- Resolves: rhbz#2095696

Thu May 26 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-33

- CVE-2022-1473 openssl: OPENSSL_LH_flush() breaks reuse of memory
- Resolves: rhbz#2089443
- CVE-2022-1343 openssl: Signer certificate verification returned
  inaccurate response when using OCSP_NOCHECKS
- Resolves: rhbz#2089439
- CVE-2022-1292 openssl: c_rehash script allows command injection
- Resolves: rhbz#2090361
- Revert "Disable EVP_PKEY_sign/EVP_PKEY_verify in FIPS mode"
  Related: rhbz#2087234
- Use KAT for ECDSA signature tests, s390 arch
- Resolves: rhbz#2086866