Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libopenssl0_9_8-32bit-0.9.8zh-17.1 RPM for x86_64

From OpenSuSE Leap 42.1 updates for x86_64

Name: libopenssl0_9_8-32bit Distribution: openSUSE Leap 42.1
Version: 0.9.8zh Vendor: openSUSE
Release: 17.1 Build date: Tue May 3 20:38:39 2016
Group: Productivity/Networking/Security Build host: build72
Size: 1878544 Source RPM: libopenssl0_9_8-0.9.8zh-17.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://www.openssl.org/
Summary: Secure Sockets and Transport Layer Security
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured, and open source toolkit implementing
the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) protocols with full-strength cryptography. The project is managed
by a worldwide community of volunteers that use the Internet to
communicate, plan, and develop the OpenSSL toolkit and its related
documentation.

Derivation and License

OpenSSL is based on the excellent SSLeay library developed by Eric A.
Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
Apache-style license, which basically means that you are free to get it
and to use it for commercial and noncommercial purposes.

Provides

Requires

License

BSD-3-Clause

Changelog

* Thu Apr 28 2016 vcizek@suse.com
  - OpenSSL Security Advisory [3rd May 2016]
    * Memory corruption in the ASN.1 encoder
    - bsc#977617 (CVE-2016-2108)
    * EVP_EncodeUpdate overflow
    - bsc#977614 (CVE-2016-2105)
    * EVP_EncryptUpdate overflow
    - bsc#977615 (CVE-2016-2106)
    * ASN.1 BIO excessive memory allocation
    - bsc#976942 (CVE-2016-2109)
    * add patches
      + openssl-CVE-2016-2105.patch
      + openssl-CVE-2016-2106.patch
      + openssl-CVE-2016-2108.patch
      + openssl-CVE-2016-2109.patch
  - Fix side channel attack on modular exponentiation
    * "CacheBleed" (bsc#968050)
    * add openssl-CVE-2016-0702.patch
  - Fix buffer overrun in ASN1_parse (bsc#976943)
    * add 0001-Fix-buffer-overrun-in-ASN1_parse.patch
* Tue Mar 01 2016 vcizek@suse.com
  - Fix CVE-2016-0797 (bnc#968048) via "openssl-CVE-2016-0797.patch".
  - Fix CVE-2016-0799 (bnc#968374) via "openssl-CVE-2016-0799.patch".
  - Fix CVE-2016-0800 (bnc#968046, "Drown")
    * add openssl-CVE-2016-0800-DROWN-disable-ssl2.patch
* Tue Mar 01 2016 vcizek@suse.com
  - update to 0.9.8zh
    * fixes many security vulnerabilities:
      CVE-2015-3195, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790,
      CVE-2015-1792, CVE-2015-1791, CVE-2015-0286, CVE-2015-0287,
      CVE-2015-0289, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288,
      CVE-2014-3571, CVE-2014-3569, CVE-2014-3572, CVE-2015-0204,
      CVE-2014-8275, CVE-2014-3570, CVE-2014-3567, CVE-2014-3568,
      CVE-2014-3566, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506,
      CVE-2014-3505, CVE-2014-3508, CVE-2014-0224, CVE-2014-0221,
      CVE-2014-0195, CVE-2014-3470, CVE-2014-0076, CVE-2013-0169,
      CVE-2013-0166
    * remove broken debug build targets
      openssl-fix-config-test-sanity.patch
* Wed Feb 24 2016 vcizek@suse.com
  - avoid running OPENSSL_config twice. This avoids breaking
    engine loading. (bsc#952871, bsc#967787)
    * add openssl-avoid-config-twice.patch
* Fri Feb 12 2016 vcizek@suse.com
  - fix CVE-2015-3197 (bsc#963415)
    * SSLv2 doesn't block disabled ciphers
    * add openssl-CVE-2015-3197.patch
* Sat Jan 25 2014 dmueller@suse.com
  - avoid test suite on user mode build
* Wed Jan 08 2014 normand@linux.vnet.ibm.com
  - added patches:
    * libopenssl_add_ppc64le.patch
* Thu Jun 20 2013 coolo@suse.com
  - don't fiddle with man pages we're deleting later (fixes build
    with perl 5.18)
* Wed Jun 20 2012 meissner@suse.com
  - updated to 0.9.8x
    - mostly bug and lots of security fixes rolled up
* Tue Sep 20 2011 gjhe@suse.com
  - fix bug[bnc#716144] - VUL-0: openssl ECDH crash.
    CVE-2011-3210
* Thu Dec 09 2010 gjhe@novell.com
  - fix bug [bnc#657663]
    CVE-2010-4180
    for CVE-2010-4252,no patch is added(for the J-PAKE
    implementaion is not compiled in by default).
* Mon Apr 12 2010 meissner@suse.de
  - renamed to libopenssl0_9_8 to provide compatibility
* Thu Mar 25 2010 gjhe@novell.com
  - fix security bug [bnc#590833]
    CVE-2010-0740
* Mon Mar 22 2010 gjhe@novell.com
  - update to version 0.9.8m
    Merge the following patches from 0.9.8k:
    bswap.diff
    non-exec-stack.diff
    openssl-0.9.6g-alpha.diff
    openssl-0.9.7f-ppc64.diff
    openssl-0.9.8-flags-priority.dif
    openssl-0.9.8-sparc.dif
    openssl-allow-arch.diff
    openssl-hppa-config.diff
* Fri Feb 05 2010 jengelh@medozas.de
  - build openssl for sparc64
* Mon Dec 14 2009 jengelh@medozas.de
  - add baselibs.conf as a source
  - package documentation as noarch
* Tue Nov 03 2009 coolo@novell.com
  - updated patches to apply with fuzz=0
* Tue Sep 01 2009 gjhe@novell.com
  - fix Bug [bnc#526319]
* Wed Aug 26 2009 coolo@novell.com
  - use %patch0 for Patch0
* Fri Jul 03 2009 gjhe@novell.com
  - update to version 0.9.8k
  - patches merged upstream:
    openssl-CVE-2008-5077.patch
    openssl-CVE-2009-0590.patch
    openssl-CVE-2009-0591.patch
    openssl-CVE-2009-0789.patch
    openssl-CVE-2009-1377.patch
    openssl-CVE-2009-1378.patch
    openssl-CVE-2009-1379.patch
    openssl-CVE-2009-1386.patch
    openssl-CVE-2009-1387.patch
* Tue Jun 30 2009 gjhe@novell.com
  - fix security bug [bnc#509031]
    CVE-2009-1386
    CVE-2009-1387
* Tue Jun 30 2009 gjhe@novell.com
  - fix security bug [bnc#504687]
    CVE-2009-1377
    CVE-2009-1378
    CVE-2009-1379
* Wed Apr 15 2009 gjhe@suse.de
  - fix security bug [bnc#489641]
    CVE-2009-0590
    CVE-2009-0591
    CVE-2009-0789

Files

/usr/lib/libcrypto.so.0.9.8
/usr/lib/libssl.so.0.9.8


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Jan 10 06:08:53 2020