openssl-libs-3.0.1-12.el9 RPM for x86_64

From CentOS Stream 9 BaseOS for x86_64

OpenSSL is a toolkit for supporting cryptography. The openssl-libs
package contains the libraries that are used by various applications which
support cryptographic algorithms and protocols.

Provides

• openssl-libs
• config(openssl-libs)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libcrypto.so.3(OPENSSL_3.0.1)(64bit)
• libssl.so.3()(64bit)
• libssl.so.3(OPENSSL_3.0.0)(64bit)
• openssl-libs(x86-64)

Requires

• ca-certificates >= 2008-5
• config(openssl-libs) = 1:3.0.1-12.el9
• crypto-policies >= 20180730
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.15)(64bit)
• libc.so.6(GLIBC_2.16)(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.25)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.2)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libcrypto.so.3(OPENSSL_3.0.1)(64bit)
• libz.so.1()(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

ASL 2.0

Changelog

* Thu Feb 24 2022 Peter Robinson <pbrobinson@fedoraproject.org> - 1:3.0.1-12
  - Support KBKDF (NIST SP800-108) with an R value of 8bits
  - Resolves: rhbz#2027261
* Wed Feb 23 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-11
  - Allow SHA1 usage in MGF1 for RSASSA-PSS signatures
  - Resolves: rhbz#2031742
* Wed Feb 23 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-10
  - rebuilt
* Tue Feb 22 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-9
  - Allow SHA1 usage in HMAC in TLS
  - Resolves: rhbz#2031742
* Tue Feb 22 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-8
  - OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
  - Resolves: rhbz#1977867
  - pkcs12 export broken in FIPS mode
  - Resolves: rhbz#2049265
* Tue Feb 22 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-8
  - Disable SHA1 signature creation and verification by default
  - Set rh-allow-sha1-signatures = yes to re-enable
  - Resolves: rhbz#2031742
* Thu Feb 03 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-7
  - s_server: correctly handle 2^14 byte long records
  - Resolves: rhbz#2042011
* Tue Feb 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-6
  - Adjust FIPS provider version
  - Related: rhbz#2026445
* Wed Jan 26 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-5
  - On the s390x, zeroize all the copies of TLS premaster secret
  - Related: rhbz#2040448
* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-4
  - rebuilt
* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-3
  - KATS tests should be executed before HMAC verification
  - Restoring fips=yes for SHA1
  - Related: rhbz#2026445, rhbz#2041994
* Thu Jan 20 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-2
  - Add enable-buildtest-c++ to the configure options.
  - Related: rhbz#1990814
* Tue Jan 18 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-1
  - Rebase to upstream version 3.0.1
  - Fixes CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
  - Resolves: rhbz#2038910, rhbz#2035148
* Mon Jan 17 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-7
  - Remove algorithms we don't plan to certify from fips module
  - Remove native fipsmodule.cnf
  - Related: rhbz#2026445
* Tue Dec 21 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-6
  - openssl speed should run in FIPS mode
  - Related: rhbz#1977318
* Wed Nov 24 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-5
  - rebuilt for spec cleanup
  - Related: rhbz#1985362
* Thu Nov 18 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-4
  - Embed FIPS HMAC in fips.so
  - Enforce loading FIPS provider when FIPS kernel flag is on
  - Related: rhbz#1985362
* Thu Oct 07 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-3
  - Fix memory leak in s_client
  - Related: rhbz#1996092
* Mon Sep 20 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-2
  - Avoid double-free on error seeding the RNG.
  - KTLS and FIPS may interfere, so tests need to be tuned
  - Resolves: rhbz#1952844, rhbz#1961643
* Thu Sep 09 2021 Sahana Prasad <sahana@redhat.com> - 1:3.0.0-1
  - Rebase to upstream version 3.0.0
  - Related: rhbz#1990814
* Wed Aug 25 2021 Sahana Prasad <sahana@redhat.com> - 1:3.0.0-0.beta2.7
  - Removes the dual-abi build as it not required anymore. The mass rebuild
    was completed and all packages are rebuilt against Beta version.
  - Resolves: rhbz#1984097
* Mon Aug 23 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-0.beta2.6
  - Correctly process CMS reading from /dev/stdin
  - Resolves: rhbz#1986315
* Mon Aug 16 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.5
  - Add instruction for loading legacy provider in openssl.cnf
  - Resolves: rhbz#1975836
* Mon Aug 16 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.4
  - Adds support for IDEA encryption.
  - Resolves: rhbz#1990602
* Tue Aug 10 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.3
  - Fixes core dump in openssl req -modulus
  - Fixes 'openssl req' to not ask for password when non-encrypted private key
    is used
  - cms: Do not try to check binary format on stdin and -rctform fix
  - Resolves: rhbz#1988137, rhbz#1988468, rhbz#1988137
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.0.0-0.beta2.2.1
  - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
    Related: rhbz#1991688
* Wed Aug 04 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 3.0.0-0.beta2.2
  - When signature_algorithm extension is omitted, use more relevant alerts
  - Resolves: rhbz#1965017
* Tue Aug 03 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta2.1
  - Rebase to upstream version beta2
  - Related: rhbz#1903209
* Thu Jul 22 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.5
  - Prevents creation of duplicate cert entries in PKCS #12 files
  - Resolves: rhbz#1978670
* Wed Jul 21 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.4
  - NVR bump to update to OpenSSL 3.0 Beta1
* Mon Jul 19 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.3
  - Update patch dual-abi.patch to add the #define macros in implementation
    files instead of public header files
* Wed Jul 14 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.2
  - Removes unused patch dual-abi.patch
* Wed Jul 14 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.1
  - Update to Beta1 version
  - Includes a patch to support dual-ABI, as Beta1 brekas ABI with alpha16
* Tue Jul 06 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.7
  - Fixes override of openssl_conf in openssl.cnf
  - Use AI_ADDRCONFIG only when explicit host name is given
  - Temporarily remove fipsmodule.cnf for arch i686
  - Fixes segmentation fault in BN_lebin2bn
  - Resolves: rhbz#1975847, rhbz#1976845, rhbz#1973477, rhbz#1975855
* Fri Jul 02 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.6
  - Adds FIPS mode compatibility patch (sahana@redhat.com)
  - Related: rhbz#1977318
* Fri Jul 02 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.5
  - Fixes system hang issue when booted in FIPS mode (sahana@redhat.com)
  - Temporarily disable downstream FIPS patches
  - Related: rhbz#1977318
* Fri Jun 11 2021 Mohan Boddu <mboddu@redhat.com> 3.0.0-0.alpha16.4
  - Speeding up building openssl (dbelyavs@redhat.com)
    Resolves: rhbz#1903209
* Fri Jun 04 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.3
  - Fix reading SPKAC data from stdin
  - Fix incorrect OSSL_PKEY_PARAM_MAX_SIZE for ed25519 and ed448
  - Return 0 after cleanup in OPENSSL_init_crypto()
  - Cleanup the peer point formats on regotiation
  - Fix default digest to SHA256
* Thu May 27 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.2
  - Enable FIPS via config options
* Mon May 17 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.1
  - Update to alpha 16 version
    Resolves: rhbz#1952901 openssl sends alert after orderly connection close
* Mon Apr 26 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha15.1
  - Update to alpha 15 version
    Resolves: rhbz#1903209, rhbz#1952598,
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.0.0-0.alpha13.1.1
  - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Fri Apr 09 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha13.1
  - Update to new major release OpenSSL 3.0.0 alpha 13
    Resolves: rhbz#1903209

Files

/etc/pki/tls
/etc/pki/tls/certs
/etc/pki/tls/ct_log_list.cnf
/etc/pki/tls/misc
/etc/pki/tls/openssl.cnf
/etc/pki/tls/private
/usr/lib/.build-id
/usr/lib/.build-id/01
/usr/lib/.build-id/01/92ce6aa340850b17c7e88e5afba778f6130b50
/usr/lib/.build-id/0b
/usr/lib/.build-id/0b/51c47642b174334c4e27f65a2139d61d3c82d2
/usr/lib/.build-id/1e
/usr/lib/.build-id/1e/bfd96d015a0590a9bd009988fb2885c4d09aa4
/usr/lib/.build-id/3b
/usr/lib/.build-id/3b/adaed9a28f6695488f52a3015a409e42390b06
/usr/lib/.build-id/4f
/usr/lib/.build-id/4f/f779d3938e7bc4250494ed119b656d78aa570b
/usr/lib/.build-id/e5
/usr/lib/.build-id/e5/ac284d1ac6d4aba2d795efbaf2c13d83426aed
/usr/lib/.build-id/eb
/usr/lib/.build-id/eb/b3ed04521de4f5756a8c099f50ede44a24379f
/usr/lib/.build-id/fd
/usr/lib/.build-id/fd/371388e363469f0371e75207f3d35c2c8a1e87
/usr/lib64/engines-3
/usr/lib64/engines-3/afalg.so
/usr/lib64/engines-3/capi.so
/usr/lib64/engines-3/loader_attic.so
/usr/lib64/engines-3/padlock.so
/usr/lib64/libcrypto.so.3
/usr/lib64/libcrypto.so.3.0.1
/usr/lib64/libssl.so.3
/usr/lib64/libssl.so.3.0.1
/usr/lib64/ossl-modules
/usr/lib64/ossl-modules/fips.so
/usr/lib64/ossl-modules/legacy.so
/usr/share/licenses/openssl-libs
/usr/share/licenses/openssl-libs/LICENSE.txt

Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Jun 9 21:16:57 2022