| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libopenssl1_0_0-x86 | Distribution: openSUSE 11.4 |
| Version: 1.0.0c | Vendor: openSUSE |
| Release: 18.42.1 | Build date: Thu May 24 21:35:48 2012 |
| Group: Productivity/Networking/Security | Build host: build07 |
| Size: 2307972 | Source RPM: openssl-1.0.0c-18.42.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: http://www.openssl.org/ | |
| Summary: Secure Sockets and Transport Layer Security | |
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured, and open source toolkit implementing
the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) protocols with full-strength cryptography. The project is managed
by a worldwide community of volunteers that use the Internet to
communicate, plan, and develop the OpenSSL toolkit and its related
documentation.
Derivation and License
OpenSSL is based on the excellent SSLeay library developed by Eric A.
Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
Apache-style license, which basically means that you are free to get it
and to use it for commercial and noncommercial purposes.
Authors:
--------
Mark J. Cox <mark@openssl.org>
Ralf S. Engelschall <rse@openssl.org>
Dr. Stephen Henson <steve@openssl.org>
Ben Laurie <ben@openssl.org>
Bodo Moeller <bodo@openssl.org>
Ulf Moeller <ulf@openssl.org>
Holger Reif <holger@openssl.org>
Paul C. Sutton <paul@openssl.org>
BSD3c(or similar)
* Wed May 23 2012 gjhe@suse.com
- fix bug[bnc#761838] - denial of service via cbc mode handling
CVE-2012-2333
* Mon Apr 23 2012 gjhe@suse.com
- fix bug[bnc#758060] - incorrect integer conversions in OpenSSL
can result in memory corruption.
CVE-2012-2110
* Wed Mar 28 2012 gjhe@suse.com
- fix bug[bnc#749735] - Memory leak when creating public keys.
fix bug[bnc#751977] - CMS and S/MIME Bleichenbacher attack
CVE-2012-0884
* Wed Mar 28 2012 gjhe@suse.com
- fix bug[bnc#749735] - Memory leak when creating public keys.
fix bug[bnc#751977] - CMS and S/MIME Bleichenbacher attack
CVE-2012-0884
* Thu Mar 22 2012 gjhe@suse.com
- fix Bug[bnc#751946] - S/MIME verification may erroneously fail
CVE-2012-1165
* Wed Mar 21 2012 gjhe@suse.com
- fix bug[bnc#749213]-Free headers after use in error message
and bug[bnc#749210]-Symmetric crypto errors in PKCS7_decrypt
* Fri Feb 24 2012 gjhe@suse.com
- fix bug[bnc#748738] - Tolerate bad MIME headers in openssl's
asn1 parser.
CVE-2006-7250
* Thu Feb 02 2012 gjhe@suse.com
- fix security bug [bnc#742821] - DTLS DoS Attack
CVE-2012-0050
* Wed Jan 11 2012 gjhe@suse.com
- fix security bug[bnc#739719] - openssl: various security issues
DTLS Plaintext Recovery Attack (CVE-2011-4108)
Uninitialized SSL 3.0 Padding (CVE-2011-4576)
Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577)
SGC Restart DoS Attack (CVE-2011-4619)
Invalid GOST parameters DoS Attack (CVE-2012-0027)
not affected:
Double-free in Policy Checks (CVE-2011-4109)
* Tue Sep 20 2011 gjhe@suse.com
- fix bug[bnc#716144] - VUL-0: openssl ECDH crash.
CVE-2011-3210
* Tue Sep 13 2011 gjhe@suse.com
- Fix bug[bnc#716143].Fix bug where CRLs with nextUpdate
in the past are sometimes accepted by initialising
X509_STORE_CTX properly. (CVE-2011-3207)
* Tue May 31 2011 gjhe@novell.com
- fix bug[bnc#693027].
Add protection against ECDSA timing attacks as mentioned in the paper
by Billy Bob Brumley and Nicola Tuveri, see:
http://eprint.iacr.org/2011/232.pdf
[Billy Bob Brumley and Nicola Tuveri]
* Sat Jan 15 2011 cristian.rodriguez@opensuse.org
- Add patch from upstream in order to support AES-NI instruction
set present on current Intel and AMD processors
* Mon Jan 10 2011 meissner@suse.de
- enable -DPURIFY to avoid valgrind errors.
* Thu Dec 09 2010 gjhe@novell.com
- update to stable version 1.0.0c.
patch included:
CVE-2010-1633_and_CVE-2010-0742.patch
patchset-19727.diff
CVE-2010-2939.patch
CVE-2010-3864.patch
* Thu Nov 18 2010 gjhe@novell.com
- fix bug [bnc#651003]
CVE-2010-3864
* Sat Sep 25 2010 gjhe@novell.com
- fix bug [bnc#629905]
CVE-2010-2939
* Wed Jul 28 2010 cristian.rodriguez@opensuse.org
- Exclude static libraries, see what breaks and fix that
instead
* Wed Jun 30 2010 jengelh@medozas.de
- fix two compile errors on SPARC
* Tue Jun 15 2010 bg@novell.com
- -fstack-protector is not supported on hppa
* Fri Jun 04 2010 gjhe@novell.com
- fix bnc #610642
CVE-2010-0742
CVE-2010-1633
* Mon May 31 2010 gjhe@novell.com
- fix bnc #610223,change Configure to tell openssl to load engines
from /%{_lib} instead of %{_libdir}
* Mon May 10 2010 aj@suse.de
- Do not compile in build time but use mtime of changes file instead.
This allows build-compare to identify that no changes have happened.
* Tue May 04 2010 gjhe@novell.com
- build libopenssl to /%{_lib} dir,and keep only one
libopenssl-devel for new developping programs.
* Tue Apr 27 2010 gjhe@novell.com
- build libopenssl and libopenssl-devel to a version directory
* Sat Apr 24 2010 coolo@novell.com
- buildrequire pkg-config to fix provides
* Wed Apr 21 2010 lnussel@suse.de
- also create old certificate hash in /etc/ssl/certs for
compatibility with applications that still link against 0.9.8
* Mon Apr 12 2010 meissner@suse.de
- Disable our own build targets, instead use the openSSL provided ones
as they are now good (or should be good at least).
- add -Wa,--noexecstack to the Configure call, this is the upstream
approved way to avoid exec-stack marking
* Mon Apr 12 2010 gjhe@novell.com
- update to 1.0.0
Merge the following patches from 0.9.8k:
openssl-0.9.6g-alpha.diff
openssl-0.9.7f-ppc64.diff
openssl-0.9.8-flags-priority.dif
openssl-0.9.8-sparc.dif
openssl-allow-arch.diff
openssl-hppa-config.diff
* Fri Apr 09 2010 meissner@suse.de
- fixed "exectuable stack" for libcrypto.so issue on i586 by
adjusting the assembler output during MMX builds.
* Wed Apr 07 2010 meissner@suse.de
- Openssl is now partially converted to libdir usage upstream,
merge that in to fix lib64 builds.
* Thu Mar 25 2010 gjhe@novell.com
- fix security bug [bnc#590833]
CVE-2010-0740
* Mon Mar 22 2010 gjhe@novell.com
- update to version 0.9.8m
Merge the following patches from 0.9.8k:
bswap.diff
non-exec-stack.diff
openssl-0.9.6g-alpha.diff
openssl-0.9.7f-ppc64.diff
openssl-0.9.8-flags-priority.dif
openssl-0.9.8-sparc.dif
openssl-allow-arch.diff
openssl-hppa-config.diff
* Fri Feb 05 2010 jengelh@medozas.de
- build openssl for sparc64
* Mon Dec 14 2009 jengelh@medozas.de
- add baselibs.conf as a source
- package documentation as noarch
* Tue Nov 03 2009 coolo@novell.com
- updated patches to apply with fuzz=0
* Tue Sep 01 2009 gjhe@novell.com
- fix Bug [bnc#526319]
* Wed Aug 26 2009 coolo@novell.com
- use %patch0 for Patch0
* Fri Jul 03 2009 gjhe@novell.com
- update to version 0.9.8k
- patches merged upstream:
openssl-CVE-2008-5077.patch
openssl-CVE-2009-0590.patch
openssl-CVE-2009-0591.patch
openssl-CVE-2009-0789.patch
openssl-CVE-2009-1377.patch
openssl-CVE-2009-1378.patch
openssl-CVE-2009-1379.patch
openssl-CVE-2009-1386.patch
openssl-CVE-2009-1387.patch
* Tue Jun 30 2009 gjhe@novell.com
- fix security bug [bnc#509031]
CVE-2009-1386
CVE-2009-1387
* Tue Jun 30 2009 gjhe@novell.com
- fix security bug [bnc#504687]
CVE-2009-1377
CVE-2009-1378
CVE-2009-1379
* Wed Apr 15 2009 gjhe@suse.de
- fix security bug [bnc#489641]
CVE-2009-0590
CVE-2009-0591
CVE-2009-0789
/emul/ia32-linux/lib /emul/ia32-linux/lib/engines /emul/ia32-linux/lib/engines/lib4758cca.so /emul/ia32-linux/lib/engines/libaep.so /emul/ia32-linux/lib/engines/libatalla.so /emul/ia32-linux/lib/engines/libcapi.so /emul/ia32-linux/lib/engines/libchil.so /emul/ia32-linux/lib/engines/libcswift.so /emul/ia32-linux/lib/engines/libgmp.so /emul/ia32-linux/lib/engines/libgost.so /emul/ia32-linux/lib/engines/libnuron.so /emul/ia32-linux/lib/engines/libpadlock.so /emul/ia32-linux/lib/engines/libsureware.so /emul/ia32-linux/lib/engines/libubsec.so /emul/ia32-linux/lib/libcrypto.so.1.0.0 /emul/ia32-linux/lib/libssl.so.1.0.0
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon Jun 10 09:28:43 2013