openssl-libs-3.5.1-7.el9_7 RPM for i686

From AlmaLinux 9.7 BaseOS for x86_64

OpenSSL is a toolkit for supporting cryptography. The openssl-libs
package contains the libraries that are used by various applications which
support cryptographic algorithms and protocols.

Provides

• openssl-libs
• config(openssl-libs)
• libcrypto.so.3
• libcrypto.so.3(OPENSSL_3.0.0)
• libcrypto.so.3(OPENSSL_3.0.1)
• libcrypto.so.3(OPENSSL_3.0.3)
• libcrypto.so.3(OPENSSL_3.0.8)
• libcrypto.so.3(OPENSSL_3.0.9)
• libcrypto.so.3(OPENSSL_3.1.0)
• libcrypto.so.3(OPENSSL_3.2.0)
• libcrypto.so.3(OPENSSL_3.3.0)
• libcrypto.so.3(OPENSSL_3.4.0)
• libcrypto.so.3(OPENSSL_3.5.0)
• libssl.so.3
• libssl.so.3(OPENSSL_3.0.0)
• libssl.so.3(OPENSSL_3.2.0)
• libssl.so.3(OPENSSL_3.3.0)
• libssl.so.3(OPENSSL_3.4.0)
• libssl.so.3(OPENSSL_3.5.0)
• openssl-libs(x86-32)

Requires

• ca-certificates >= 2008-5
• config(openssl-libs) = 1:3.5.1-7.el9_7
• crypto-policies >= 20180730
• fips-provider-so
• libc.so.6
• libc.so.6(GLIBC_2.0)
• libc.so.6(GLIBC_2.1)
• libc.so.6(GLIBC_2.1.3)
• libc.so.6(GLIBC_2.12)
• libc.so.6(GLIBC_2.14)
• libc.so.6(GLIBC_2.16)
• libc.so.6(GLIBC_2.17)
• libc.so.6(GLIBC_2.2)
• libc.so.6(GLIBC_2.25)
• libc.so.6(GLIBC_2.28)
• libc.so.6(GLIBC_2.3)
• libc.so.6(GLIBC_2.3.2)
• libc.so.6(GLIBC_2.3.4)
• libc.so.6(GLIBC_2.33)
• libc.so.6(GLIBC_2.34)
• libc.so.6(GLIBC_2.4)
• libc.so.6(GLIBC_2.7)
• libcrypto.so.3
• libcrypto.so.3(OPENSSL_3.0.0)
• libcrypto.so.3(OPENSSL_3.0.1)
• libcrypto.so.3(OPENSSL_3.0.3)
• libcrypto.so.3(OPENSSL_3.2.0)
• libcrypto.so.3(OPENSSL_3.3.0)
• libcrypto.so.3(OPENSSL_3.4.0)
• libz.so.1
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

Apache-2.0

Changelog

* Fri Jan 16 2026 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.1-7
  - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469
    CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420
    CVE-2025-69421 CVE-2026-22795 CVE-2026-22796
    Resolves: RHEL-142068
    Resolves: RHEL-142002
    Resolves: RHEL-142055
    Resolves: RHEL-142051
    Resolves: RHEL-142047
    Resolves: RHEL-142043
    Resolves: RHEL-142039
    Resolves: RHEL-142035
    Resolves: RHEL-142031
    Resolves: RHEL-142011
    Resolves: RHEL-142027
    Resolves: RHEL-142023
* Wed Jan 07 2026 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.1-6
  - Fix AES/GCM ppc64le encrypt/decrypt
    Resolves: RHEL-139131
* Thu Dec 11 2025 Pavol Žáčik <pzacik@redhat.com> - 1:3.5.1-5
  - Do not make key share choice in tls1_set_groups()
    Resolves: RHEL-131010
* Thu Oct 23 2025 Pavol Žáčik <pzacik@redhat.com> - 1:3.5.1-4
  - Fix CVE-2025-9230
    Resolves: RHEL-115929
* Thu Jul 17 2025 Simo Sorce <simo@redhat.com> - 1:3.5.1-3
  - Add custom define to disable symbol versioning in downstream patched code
    Also add stricter Suggests for openssl-fips-provider
    Resolves: RHEL-104236
  - Fix Requires/Provider to fix default install of fips providers
    Resolves: RHEL-104856
* Wed Jul 16 2025 Simo Sorce <simo@redhat.com> - 1:3.5.1-2
  - Move fips.so to a seprate subpackage
    Reverts FIPS self test for SLH-DSA
    Add Suggests to try to prefer the openssl-fips-provider package
    over the fips-provider-next package by default
    Revolves: RHEL-102408
    Related: RHEL-80854
* Tue Jul 01 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.1-1
  - Rebasing to OpenSSL 3.5.1
    Resolves: RHEL-97797
    Resolves: RHEL-98723
    Resolves: RHEL-99352
* Mon Jun 02 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.0-4
  - Compact patches for better maintainability
    Related: RHEL-80854
  - Make hybrid MLKEM work with our FIPS provider (3.0.7)
    Resolves: RHEL-95239
* Thu May 22 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.0-3
  - Fix regressions caused by rebase to OpenSSL 3.5
    Related: RHEL-80854
* Fri May 02 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.0-2
  - OpenSSL ignores "rh-allow-sha1-signatures = yes" option on RHEL-9
    Resolves: RHEL-88910
  - PKCS#12 should not default to pbmac1 in FIPS mode in RHEL-9
    Resolves: RHEL-88912
  - Fix `openssl speed` running in FIPS mode
    Resolves: RHEL-89860
  - pkeyutl ecdsa signature with sha1 shouldn't work by default
    Resolves: RHEL-89861
  - Expose settable params for EVP_SKEY
    Resolves: RHEL-89862
  - Restore RHEL9-style indicators defines
    Resolves: RHEL-89859
  - Enable sslkeylog support
    Resolves: RHEL-90854
* Wed Apr 16 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.0-1
  - Rebasing OpenSSL to 3.5
    Resolves: RHEL-80854
    Resolves: RHEL-50208
    Resolves: RHEL-50210
    Resolves: RHEL-50211
    Resolves: RHEL-85954
* Wed Jan 29 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-7
  - RFC7250 handshakes with unauthenticated servers don't abort as expected (CVE-2024-12797)
    Resolves: RHEL-76756
* Thu Sep 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-6
  - rebuilt
    Related: RHEL-55339
* Wed Sep 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-5
  - Fix CVE-2024-6119: Possible denial of service in X.509 name checks
    Resolves: RHEL-55339
* Wed Aug 21 2024 Clemens Lang <cllang@redhat.com> - 1:3.2.2-4
  - Fix CVE-2024-5535: SSL_select_next_proto buffer overread
    Resolves: RHEL-45657
* Sat Jun 22 2024 Daiki Ueno <dueno@redhat.com> - 1:3.2.2-3
  - Replace HKDF backward compatibility patch with the official one
    Related: RHEL-40823
* Wed Jun 12 2024 Daiki Ueno <dueno@redhat.com> - 1:3.2.2-2
  - Add workaround for EVP_PKEY_CTX_add1_hkdf_info with older providers
    Resolves: RHEL-40823
* Wed Jun 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-1
  - Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741,
    and Minerva attack.
    Resolves: RHEL-32148
    Resolves: RHEL-36792
    Resolves: RHEL-38514
    Resolves: RHEL-39111
* Thu May 23 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.1-2
  - Update RNG changing for FIPS purpose
    Resolves: RHEL-35380
* Wed Apr 03 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.1-1
  - Rebasing OpenSSL to 3.2.1
    Resolves: RHEL-26271
* Wed Feb 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-27
  - Use certified FIPS module instead of freshly built one in Red Hat distribution
    Related: RHEL-23474

Files

/etc/pki/tls
/etc/pki/tls/certs
/etc/pki/tls/ct_log_list.cnf
/etc/pki/tls/fips_local.cnf
/etc/pki/tls/misc
/etc/pki/tls/openssl.cnf
/etc/pki/tls/openssl.d
/etc/pki/tls/private
/usr/lib/.build-id
/usr/lib/.build-id/21
/usr/lib/.build-id/21/4d7b23cf8ef5175522f4d4cf89e61a4ffd0247
/usr/lib/.build-id/2a
/usr/lib/.build-id/2a/c44f23d16cf0cb3b406ba011017814f3e82f13
/usr/lib/.build-id/41
/usr/lib/.build-id/41/45999e4d1f365ac96e9d538faa02a21e72806f
/usr/lib/.build-id/49
/usr/lib/.build-id/49/230826537e8115bd3fc47ee165a9cfe1778f80
/usr/lib/.build-id/76
/usr/lib/.build-id/76/d2819a200d0f97b5fd35ed4841bfe8a57a0894
/usr/lib/.build-id/c7
/usr/lib/.build-id/c7/2c3fb5ddd7b238839795e20f0e26078284a8da
/usr/lib/.build-id/e6
/usr/lib/.build-id/e6/f54454236e34849475bc8abc400e81f948d176
/usr/lib/engines-3
/usr/lib/engines-3/afalg.so
/usr/lib/engines-3/capi.so
/usr/lib/engines-3/loader_attic.so
/usr/lib/engines-3/padlock.so
/usr/lib/libcrypto.so.3
/usr/lib/libcrypto.so.3.5.1
/usr/lib/libssl.so.3
/usr/lib/libssl.so.3.5.1
/usr/lib/ossl-modules/legacy.so
/usr/share/licenses/openssl-libs
/usr/share/licenses/openssl-libs/LICENSE.txt

Generated by rpm2html 1.8.1

Fabrice Bellet, Thu May 21 05:44:31 2026