| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: openssl-libs | Distribution: CentOS |
| Version: 3.5.1 | Vendor: CentOS |
| Release: 5.el9 | Build date: Fri Sep 5 16:28:18 2025 |
| Group: Unspecified | Build host: aarch64-03.stream.rdu2.redhat.com |
| Size: 6563835 | Source RPM: openssl-3.5.1-5.el9.src.rpm |
| Packager: builder@centos.org | |
| Url: http://www.openssl.org/ | |
| Summary: A general purpose cryptography library with TLS implementation | |
OpenSSL is a toolkit for supporting cryptography. The openssl-libs package contains the libraries that are used by various applications which support cryptographic algorithms and protocols.
Apache-2.0
* Fri Sep 05 2025 Pavol Žáčik <pzacik@redhat.com> - 1:3.5.1-5
- Fix globally disabled LTO
Related: RHEL-111633
* Thu Aug 28 2025 Pavol Žáčik <pzacik@redhat.com> - 1:3.5.1-4
- Make openssl speed test signatures without errors
Resolves: RHEL-95502
- Build tests in check and without LTO
Resolves: RHEL-111633
* Thu Jul 17 2025 Simo Sorce <simo@redhat.com> - 1:3.5.1-3
- Add custom define to disable symbol versioning in downstream patched code
Also add stricter Suggests for openssl-fips-provider
Resolves: RHEL-104236
- Fix Requires/Provider to fix default install of fips providers
Resolves: RHEL-104856
* Wed Jul 16 2025 Simo Sorce <simo@redhat.com> - 1:3.5.1-2
- Move fips.so to a seprate subpackage
Reverts FIPS self test for SLH-DSA
Add Suggests to try to prefer the openssl-fips-provider package
over the fips-provider-next package by default
Revolves: RHEL-102408
Related: RHEL-80854
* Tue Jul 01 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.1-1
- Rebasing to OpenSSL 3.5.1
Resolves: RHEL-97797
Resolves: RHEL-98723
Resolves: RHEL-99352
* Mon Jun 02 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.0-4
- Compact patches for better maintainability
Related: RHEL-80854
- Make hybrid MLKEM work with our FIPS provider (3.0.7)
Resolves: RHEL-95239
* Thu May 22 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.0-3
- Fix regressions caused by rebase to OpenSSL 3.5
Related: RHEL-80854
* Fri May 02 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.0-2
- OpenSSL ignores "rh-allow-sha1-signatures = yes" option on RHEL-9
Resolves: RHEL-88910
- PKCS#12 should not default to pbmac1 in FIPS mode in RHEL-9
Resolves: RHEL-88912
- Fix `openssl speed` running in FIPS mode
Resolves: RHEL-89860
- pkeyutl ecdsa signature with sha1 shouldn't work by default
Resolves: RHEL-89861
- Expose settable params for EVP_SKEY
Resolves: RHEL-89862
- Restore RHEL9-style indicators defines
Resolves: RHEL-89859
- Enable sslkeylog support
Resolves: RHEL-90854
* Wed Apr 16 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.5.0-1
- Rebasing OpenSSL to 3.5
Resolves: RHEL-80854
Resolves: RHEL-50208
Resolves: RHEL-50210
Resolves: RHEL-50211
Resolves: RHEL-85954
* Wed Jan 29 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-7
- RFC7250 handshakes with unauthenticated servers don't abort as expected (CVE-2024-12797)
Resolves: RHEL-76756
* Thu Sep 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-6
- rebuilt
Related: RHEL-55339
* Wed Sep 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-5
- Fix CVE-2024-6119: Possible denial of service in X.509 name checks
Resolves: RHEL-55339
* Wed Aug 21 2024 Clemens Lang <cllang@redhat.com> - 1:3.2.2-4
- Fix CVE-2024-5535: SSL_select_next_proto buffer overread
Resolves: RHEL-45657
* Sat Jun 22 2024 Daiki Ueno <dueno@redhat.com> - 1:3.2.2-3
- Replace HKDF backward compatibility patch with the official one
Related: RHEL-40823
* Wed Jun 12 2024 Daiki Ueno <dueno@redhat.com> - 1:3.2.2-2
- Add workaround for EVP_PKEY_CTX_add1_hkdf_info with older providers
Resolves: RHEL-40823
* Wed Jun 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-1
- Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741,
and Minerva attack.
Resolves: RHEL-32148
Resolves: RHEL-36792
Resolves: RHEL-38514
Resolves: RHEL-39111
* Thu May 23 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.1-2
- Update RNG changing for FIPS purpose
Resolves: RHEL-35380
* Wed Apr 03 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.1-1
- Rebasing OpenSSL to 3.2.1
Resolves: RHEL-26271
* Wed Feb 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-27
- Use certified FIPS module instead of freshly built one in Red Hat distribution
Related: RHEL-23474
* Tue Nov 21 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-26
- Avoid implicit function declaration when building openssl
Related: RHEL-1780
- In FIPS mode, prevent any other operations when rsa_keygen_pairwise_test fails
Resolves: RHEL-17104
- Add a directory for OpenSSL providers configuration
Resolves: RHEL-17193
- Eliminate memory leak in OpenSSL when setting elliptic curves on SSL context
Resolves: RHEL-19515
- POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)
Resolves: RHEL-21151
- Excessive time spent checking invalid RSA public keys (CVE-2023-6237)
Resolves: RHEL-21654
- SSL ECDHE Kex fails when pkcs11 engine is set in config file
Resolves: RHEL-20249
- Denial of service via null dereference in PKCS#12
Resolves: RHEL-22486
- Use certified FIPS module instead of freshly built one in Red Hat distribution
Resolves: RHEL-23474
* Mon Oct 16 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-25
- Provide relevant diagnostics when FIPS checksum is corrupted
Resolves: RHEL-5317
- Don't limit using SHA1 in KDFs in non-FIPS mode.
Resolves: RHEL-5295
- Provide empty evp_properties section in main OpenSSL configuration file
Resolves: RHEL-11439
- Avoid implicit function declaration when building openssl
Resolves: RHEL-1780
- Forbid explicit curves when created via EVP_PKEY_fromdata
Resolves: RHEL-5304
- AES-SIV cipher implementation contains a bug that causes it to ignore empty
associated data entries (CVE-2023-2975)
Resolves: RHEL-5302
- Excessive time spent checking DH keys and parameters (CVE-2023-3446)
Resolves: RHEL-5306
- Excessive time spent checking DH q parameter value (CVE-2023-3817)
Resolves: RHEL-5308
- Fix incorrect cipher key and IV length processing (CVE-2023-5363)
Resolves: RHEL-13251
- Switch explicit FIPS indicator for RSA-OAEP to approved following
clarification with CMVP
Resolves: RHEL-14083
- Backport the check required by SP800-56Br2 6.4.1.2.1 (3.c)
Resolves: RHEL-14083
- Add missing ECDH Public Key Check in FIPS mode
Resolves: RHEL-15990
- Excessive time spent in DH check/generation with large Q parameter value (CVE-2023-5678)
Resolves: RHEL-15954
/etc/pki/tls /etc/pki/tls/certs /etc/pki/tls/ct_log_list.cnf /etc/pki/tls/fips_local.cnf /etc/pki/tls/misc /etc/pki/tls/openssl.cnf /etc/pki/tls/openssl.d /etc/pki/tls/private /usr/lib/.build-id /usr/lib/.build-id/50 /usr/lib/.build-id/50/7ad5b395a4e79a0ad0e3064eeafd0684caea42 /usr/lib/.build-id/81 /usr/lib/.build-id/81/06b4cdeebfa9fa858ab5f0e8ab981cbce9d370 /usr/lib/.build-id/9a /usr/lib/.build-id/9a/a13548aefbbf28dc3cb39ffcf4470a9170babd /usr/lib/.build-id/c3 /usr/lib/.build-id/c3/4fb85c9ab64cc95b582885d041e9013f07fd1b /usr/lib/.build-id/cc /usr/lib/.build-id/cc/a84b3691dd6c30c7b25b0b5250bfa921107de2 /usr/lib/.build-id/fa /usr/lib/.build-id/fa/3657481355fb432da830de45ba623d2adcf3e9 /usr/lib/.build-id/fd /usr/lib/.build-id/fd/b646ca018fa959305d078860e48dbca9491f2f /usr/lib64/engines-3 /usr/lib64/engines-3/afalg.so /usr/lib64/engines-3/capi.so /usr/lib64/engines-3/loader_attic.so /usr/lib64/engines-3/padlock.so /usr/lib64/libcrypto.so.3 /usr/lib64/libcrypto.so.3.5.1 /usr/lib64/libssl.so.3 /usr/lib64/libssl.so.3.5.1 /usr/lib64/ossl-modules/legacy.so /usr/share/licenses/openssl-libs /usr/share/licenses/openssl-libs/LICENSE.txt
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Oct 21 04:48:39 2025