[ol9_u3_security_validation] openssl-devel-10:3.0.7-25.0.1.el9_3_fips.aarch64

Name:	openssl-devel
Epoch:	10
Version:	3.0.7
Release:	25.0.1.el9_3_fips
Architecture:	aarch64
Group:	Unspecified
Size:	4879861
License:	ASL 2.0
RPM:	openssl-devel-3.0.7-25.0.1.el9_3_fips.aarch64.rpm
Source RPM:	openssl-3.0.7-25.0.1.el9_3_fips.src.rpm
Build Date:	Fri Apr 19 2024
Build Host:	build-ol9-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://www.openssl.org/
Summary:	Files for development of applications which will use OpenSSL
Description:	OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols.

Changelog (Show File list) (Show related packages)

Thu Apr 18 2024 Pooja Senthil Kumar <pooja.senthil.kumar@oracle.com> - 1:3.0.7-25.0.1_fips

- Replace upstream references in fips man pages [Orabug: 35824276]
- Add FIPS package change: add fips suffix to Release and
  set Epoch to 10 [Orabug: 35824276]
- Update FIPS module name and remove upstream references from
  fips_module_indicators manpage [Orabug: 35824276]

Mon Jan 22 2024 Darren Archibald <darren.archibald@oracle.com> - 1:3.0.7-25.0.1
```
- Replace upstream references [Orabug: 34340177]
```

Mon Oct 16 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-25

- Provide relevant diagnostics when FIPS checksum is corrupted
  Resolves: RHEL-5317
- Don't limit using SHA1 in KDFs in non-FIPS mode.
  Resolves: RHEL-5295
- Provide empty evp_properties section in main OpenSSL configuration file
  Resolves: RHEL-11439
- Avoid implicit function declaration when building openssl
  Resolves: RHEL-1780
- Forbid explicit curves when created via EVP_PKEY_fromdata
  Resolves: RHEL-5304
- AES-SIV cipher implementation contains a bug that causes it to ignore empty
  associated data entries (CVE-2023-2975)
  Resolves: RHEL-5302
- Excessive time spent checking DH keys and parameters (CVE-2023-3446)
  Resolves: RHEL-5306
- Excessive time spent checking DH q parameter value (CVE-2023-3817)
  Resolves: RHEL-5308
- Fix incorrect cipher key and IV length processing (CVE-2023-5363)
  Resolves: RHEL-13251
- Switch explicit FIPS indicator for RSA-OAEP to approved following
  clarification with CMVP
  Resolves: RHEL-14083
- Backport the check required by SP800-56Br2 6.4.1.2.1 (3.c)
  Resolves: RHEL-14083
- Add missing ECDH Public Key Check in FIPS mode
  Resolves: RHEL-15990
- Excessive time spent in DH check/generation with large Q parameter value (CVE-2023-5678)
  Resolves: RHEL-15954

Wed Jul 12 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-24

- Make FIPS module configuration more crypto-policies friendly
  Related: rhbz#2216256

Tue Jul 11 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-23

- Add a workaround for lack of EMS in FIPS mode
  Resolves: rhbz#2216256

Thu Jul 06 2023 Sahana Prasad <sahana@redhat.com> - 1:3.0.7-22

- Remove unsupported curves from nist_curves.
  Resolves: rhbz#2069336

Mon Jun 26 2023 Sahana Prasad <sahana@redhat.com> - 1:3.0.7-21

- Remove the listing of brainpool curves in FIPS mode.
  Related: rhbz#2188180

Tue May 30 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-20

- Fix possible DoS translating ASN.1 object identifiers
  Resolves: CVE-2023-2650
- Release the DRBG in global default libctx early
  Resolves: rhbz#2211340

Mon May 22 2023 Clemens Lang <cllang@redhat.com> - 1:3.0.7-19

- Re-enable DHX keys in FIPS mode, disable FIPS 186-4 parameter validation and generation in FIPS mode
  Resolves: rhbz#2169757

Thu May 18 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-18

- Use OAEP padding and aes-128-cbc by default in cms command in FIPS mode
  Resolves: rhbz#2160797