Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libopenssl10-1.0.2u-13.1 RPM for riscv64

From OpenSuSE Ports Tumbleweed for riscv64

Name: libopenssl10 Distribution: openSUSE Tumbleweed
Version: 1.0.2u Vendor: openSUSE
Release: 13.1 Build date: Tue Feb 21 19:45:50 2023
Group: Productivity/Networking/Security Build host: sheep82
Size: 2244153 Source RPM: openssl-1_0_0-1.0.2u-13.1.src.rpm
Summary: Secure Sockets and Transport Layer Security
OpenSSL is a software library to be used in applications that need to
secure communications over computer networks against eavesdropping or
need to ascertain the identity of the party at the other end.
OpenSSL contains an implementation of the SSL and TLS protocols.

This package contains and symlinks and
provided capabilities usually provided by other distributions for
compatibility with third party packages.






* Fri Feb 17 2023 Otto Hollmann <>
  - Fix DH key generation in FIPS mode, add support for constant BN for
    DH parameters [bsc#1202062]
    * Add patch: openssl-fips_fix_DH_key_generation.patch
* Tue Feb 07 2023 Otto Hollmann <>
  - Security Fix: [bsc#1207533, CVE-2023-0286]
    * Fix X.400 address type confusion in X.509 GENERAL_NAME_cmp
      for x400Address
    * Add openssl-CVE-2023-0286.patch
  - Security Fix: [bsc#1207536, CVE-2023-0215]
    * Use-after-free following BIO_new_NDEF()
    * Add patches:
    - openssl-CVE-2023-0215-1of4.patch
    - openssl-CVE-2023-0215-3of4.patch
    - openssl-CVE-2023-0215-4of4.patch
  - Security Fix: [bsc#1207534, CVE-2022-4304]
    * Timing Oracle in RSA Decryption
    * Add openssl-CVE-2022-4304.patch
  - Security Fix: [bsc#1179491, CVE-2020-1971]
    * Fix EDIPARTYNAME NULL pointer dereference
    * Add openssl-CVE-2020-1971.patch
* Mon Jan 02 2023 Otto Hollmann <>
  - Update further expiring certificates that affect tests [bsc#1201627]
    * Add openssl-Update-further-expiring-certificates.patch
* Sat Sep 24 2022 Jason Sikes <>
  - Added openssl-1_0_0-paramgen-default_to_rfc7919.patch
    * bsc#1180995
    * Default to RFC7919 groups when generating ECDH parameters
      using 'genpkey' or 'dhparam' in FIPS mode.
* Tue Jun 28 2022 Andreas Schwab <>
  - openssl-riscv64-config.patch: backport of riscv64 config support
* Thu Jun 23 2022 Jason Sikes <>
  - Added	openssl-1_0_0-Fix-file-operations-in-c_rehash.patch
    * bsc#1200550
    * CVE-2022-2068
    * Fixed more shell code injection issues in c_rehash
* Tue Jun 21 2022 Jan Engelhardt <>
  - Adjust rpmlintrc to apply to all arches.
* Mon May 30 2022 Jason Sikes <>
  - Security fix: [bsc#1199166, CVE-2022-1292]
    * Added: openssl-CVE-2022-1292.patch
    * properly sanitise shell metacharacters in c_rehash script.
* Fri May 13 2022 Jan Engelhardt <>
  - Add an rpmlintrc for shlib-policy-name-error/multibuild case.
* Thu Apr 21 2022 Dirk Müller <>
  - update openssl-fips_cavs_aes_keywrap.patch to avoid
    (nonexploitable) format-string vulnerability
* Sun Aug 29 2021 Jason Sikes <>
  - Several OpenSSL functions that print ASN.1 data have been found to assume that
    the ASN1_STRING byte array will be NUL terminated, even though this is not
    guaranteed for strings that have been directly constructed. Where an application
    requests an ASN.1 structure to be printed, and where that ASN.1 structure
    contains ASN1_STRINGs that have been directly constructed by the application
    without NUL terminating the "data" field, then a read buffer overrun can occur.
    * CVE-2021-3712 continued
    * bsc#1189521
    * Add CVE-2021-3712-ASN1_STRING-issues.patch
    * Sourced from openssl-CVE-2021-3712.tar.bz2 posted on bsc-1189521
      2021-08-24 00:47 PDT by Marcus Meissner and from
* Mon Jul 12 2021 Jason Sikes <>
  - Add safe primes to DH parameter generation
    * RFC7919 and RFC3526
    * bsc#1180995
    * Added openssl-add_rfc3526_rfc7919.patch
    * Added openssl-DH.patch
    * Genpkey: "-pkeyopt dh_param:" can now choose modp_* (rfc3526) and
      ffdhe* (rfc7919) groups. Example:
      $ openssl genpkey -genparam -algorithm DH -pkeyopt dh_param:ffdhe4096
* Sat Jun 26 2021 Jason Sikes <>
  - link binaries as position independent executables
    * added openssl-1.0.0-pic-pie.patch
    * bsc#1186495
* Wed Mar 03 2021 Pedro Monreal <>
  - Security fixes:
    * Integer overflow in CipherUpdate: Incorrect SSLv2 rollback
      protection [bsc#1182333, CVE-2021-23840]
    * Null pointer deref in X509_issuer_and_serial_hash()
      [bsc#1182331, CVE-2021-23841]
  - Add openssl-CVE-2021-23840.patch openssl-CVE-2021-23841.patch
* Mon Oct 12 2020 Dominique Leuenberger <>
  - Escape rpm command %%expand when used in comment.
* Tue Aug 18 2020 Antonio Larrosa <>
  - Add libopenssl10 package with and
    libraries built with --default-symver and the following patch
    so we can provide the same symbols as other distros in a
    compatible package (bsc#1175429):
    * openssl-1.0.2e-rpmbuild.patch
  - Update patch to add OPENSSL_1.0.1_EC symbol (bsc#1175429):
    * openssl-1.0.0-version.patch
* Fri Dec 20 2019 Pedro Monreal Gonzalez <>
  - Update to 1.0.2u [bsc#1158809, CVE-2019-1551]
    * Fixed an overflow bug in the x64_64 Montgomery squaring procedure
      used in exponentiation with 512-bit moduli. No EC algorithms are
      affected. Analysis suggests that attacks against 2-prime RSA1024,
      3-prime RSA1536, and DSA1024 as a result of this defect would be very
      difficult to perform and are not believed likely. Attacks against DH512
      are considered just feasible. However, for an attack the target would
      have to re-use the DH512 private key, which is not recommended anyway.
      Also applications directly using the low level API BN_mod_exp may be
      affected if they use BN_FLG_CONSTTIME.
  - Drop patch openssl-1_1-CVE-2019-1551.patch
* Tue Dec 10 2019 Pedro Monreal Gonzalez <>
  - Security fix: [bsc#1158809, CVE-2019-1551]
    * Overflow bug in the x64_64 Montgomery squaring procedure used
      in exponentiation with 512-bit moduli
  - Add openssl-1_1-CVE-2019-1551.patch
* Thu Oct 03 2019 Vítězslav Čížek <>
  - Update to 1.0.2t
    * For built-in EC curves, ensure an EC_GROUP built from the curve name is
      used even when parsing explicit parameters, when loading a serialized key
      or calling EC_GROUP_new_from_ecpkparameters()/EC_GROUP_new_from_ecparameters().
    * Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
  - drop upstreamed patches:
    * openssl-CVE-2019-1547.patch
    * openssl-CVE-2019-1563.patch
* Thu Sep 12 2019 Pedro Monreal Gonzalez <>
  - OpenSSL Security Advisory [10 September 2019]
    * EC_GROUP_set_generator side channel attack avoidance. [bsc#1150003, CVE-2019-1547]
    * Bleichenbacher attack against cms/pkcs7 encryption transported key [bsc#1150250, CVE-2019-1563]
  - Added patches:
    * openssl-CVE-2019-1547.patch
    * openssl-CVE-2019-1563.patch
* Thu Feb 28 2019 Pedro Monreal Gonzalez <>
  - Update to 1.0.2r
    * 0-byte record padding oracle
      (CVE-2019-1559, bsc#1127080)
    * Move strictness check from EVP_PKEY_asn1_new() to
  - Refreshed patches:
    * openssl-1.0.2i-fips.patch



Generated by rpm2html 1.8.1

Fabrice Bellet, Tue May 9 11:15:49 2023