openssl-libs-3.0.1-18.el9 RPM for x86_64

From CentOS Stream 9 BaseOS for x86_64

OpenSSL is a toolkit for supporting cryptography. The openssl-libs
package contains the libraries that are used by various applications which
support cryptographic algorithms and protocols.

Provides

• openssl-libs
• config(openssl-libs)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libcrypto.so.3(OPENSSL_3.0.1)(64bit)
• libssl.so.3()(64bit)
• libssl.so.3(OPENSSL_3.0.0)(64bit)
• openssl-libs(x86-64)

Requires

• ca-certificates >= 2008-5
• config(openssl-libs) = 1:3.0.1-18.el9
• crypto-policies >= 20180730
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.15)(64bit)
• libc.so.6(GLIBC_2.16)(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.25)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.2)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libcrypto.so.3(OPENSSL_3.0.1)(64bit)
• libz.so.1()(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

ASL 2.0

Changelog

* Wed Mar 16 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-18
  - CVE-2022-0778 fix
  - Resolves: rhbz#2062315
* Thu Mar 10 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-17
  - Fix invocation of EVP_PKEY_CTX_set_rsa_padding(RSA_PKCS1_PSS_PADDING) before
    setting an allowed digest with EVP_PKEY_CTX_set_signature_md()
  - Skipping 3.0.1-16 due to version numbering confusion with the RHEL-9.0 branch
  - Resolves: rhbz#2062640
* Tue Mar 01 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-15
  - Allow SHA1 in SECLEVEL 2 if rh-allow-sha1-signatures = yes
  - Resolves: rhbz#2060510
* Fri Feb 25 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-14
  - Prevent use of SHA1 with ECDSA
  - Resolves: rhbz#2031742
* Fri Feb 25 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-13
  - OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
  - Resolves: rhbz#1977867
* Thu Feb 24 2022 Peter Robinson <pbrobinson@fedoraproject.org> - 1:3.0.1-12
  - Support KBKDF (NIST SP800-108) with an R value of 8bits
  - Resolves: rhbz#2027261
* Wed Feb 23 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-11
  - Allow SHA1 usage in MGF1 for RSASSA-PSS signatures
  - Resolves: rhbz#2031742
* Wed Feb 23 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-10
  - rebuilt
* Tue Feb 22 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-9
  - Allow SHA1 usage in HMAC in TLS
  - Resolves: rhbz#2031742
* Tue Feb 22 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-8
  - OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
  - Resolves: rhbz#1977867
  - pkcs12 export broken in FIPS mode
  - Resolves: rhbz#2049265
* Tue Feb 22 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-8
  - Disable SHA1 signature creation and verification by default
  - Set rh-allow-sha1-signatures = yes to re-enable
  - Resolves: rhbz#2031742
* Thu Feb 03 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-7
  - s_server: correctly handle 2^14 byte long records
  - Resolves: rhbz#2042011
* Tue Feb 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-6
  - Adjust FIPS provider version
  - Related: rhbz#2026445
* Wed Jan 26 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-5
  - On the s390x, zeroize all the copies of TLS premaster secret
  - Related: rhbz#2040448
* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-4
  - rebuilt
* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-3
  - KATS tests should be executed before HMAC verification
  - Restoring fips=yes for SHA1
  - Related: rhbz#2026445, rhbz#2041994
* Thu Jan 20 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-2
  - Add enable-buildtest-c++ to the configure options.
  - Related: rhbz#1990814
* Tue Jan 18 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-1
  - Rebase to upstream version 3.0.1
  - Fixes CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
  - Resolves: rhbz#2038910, rhbz#2035148
* Mon Jan 17 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-7
  - Remove algorithms we don't plan to certify from fips module
  - Remove native fipsmodule.cnf
  - Related: rhbz#2026445
* Tue Dec 21 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-6
  - openssl speed should run in FIPS mode
  - Related: rhbz#1977318
* Wed Nov 24 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-5
  - rebuilt for spec cleanup
  - Related: rhbz#1985362
* Thu Nov 18 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-4
  - Embed FIPS HMAC in fips.so
  - Enforce loading FIPS provider when FIPS kernel flag is on
  - Related: rhbz#1985362
* Thu Oct 07 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-3
  - Fix memory leak in s_client
  - Related: rhbz#1996092
* Mon Sep 20 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-2
  - Avoid double-free on error seeding the RNG.
  - KTLS and FIPS may interfere, so tests need to be tuned
  - Resolves: rhbz#1952844, rhbz#1961643
* Thu Sep 09 2021 Sahana Prasad <sahana@redhat.com> - 1:3.0.0-1
  - Rebase to upstream version 3.0.0
  - Related: rhbz#1990814
* Wed Aug 25 2021 Sahana Prasad <sahana@redhat.com> - 1:3.0.0-0.beta2.7
  - Removes the dual-abi build as it not required anymore. The mass rebuild
    was completed and all packages are rebuilt against Beta version.
  - Resolves: rhbz#1984097
* Mon Aug 23 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-0.beta2.6
  - Correctly process CMS reading from /dev/stdin
  - Resolves: rhbz#1986315
* Mon Aug 16 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.5
  - Add instruction for loading legacy provider in openssl.cnf
  - Resolves: rhbz#1975836
* Mon Aug 16 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.4
  - Adds support for IDEA encryption.
  - Resolves: rhbz#1990602
* Tue Aug 10 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.3
  - Fixes core dump in openssl req -modulus
  - Fixes 'openssl req' to not ask for password when non-encrypted private key
    is used
  - cms: Do not try to check binary format on stdin and -rctform fix
  - Resolves: rhbz#1988137, rhbz#1988468, rhbz#1988137
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.0.0-0.beta2.2.1
  - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
    Related: rhbz#1991688
* Wed Aug 04 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 3.0.0-0.beta2.2
  - When signature_algorithm extension is omitted, use more relevant alerts
  - Resolves: rhbz#1965017
* Tue Aug 03 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta2.1
  - Rebase to upstream version beta2
  - Related: rhbz#1903209
* Thu Jul 22 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.5
  - Prevents creation of duplicate cert entries in PKCS #12 files
  - Resolves: rhbz#1978670
* Wed Jul 21 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.4
  - NVR bump to update to OpenSSL 3.0 Beta1
* Mon Jul 19 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.3
  - Update patch dual-abi.patch to add the #define macros in implementation
    files instead of public header files
* Wed Jul 14 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.2
  - Removes unused patch dual-abi.patch
* Wed Jul 14 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.1
  - Update to Beta1 version
  - Includes a patch to support dual-ABI, as Beta1 brekas ABI with alpha16
* Tue Jul 06 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.7
  - Fixes override of openssl_conf in openssl.cnf
  - Use AI_ADDRCONFIG only when explicit host name is given
  - Temporarily remove fipsmodule.cnf for arch i686
  - Fixes segmentation fault in BN_lebin2bn
  - Resolves: rhbz#1975847, rhbz#1976845, rhbz#1973477, rhbz#1975855
* Fri Jul 02 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.6
  - Adds FIPS mode compatibility patch (sahana@redhat.com)
  - Related: rhbz#1977318
* Fri Jul 02 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.5
  - Fixes system hang issue when booted in FIPS mode (sahana@redhat.com)
  - Temporarily disable downstream FIPS patches
  - Related: rhbz#1977318
* Fri Jun 11 2021 Mohan Boddu <mboddu@redhat.com> 3.0.0-0.alpha16.4
  - Speeding up building openssl (dbelyavs@redhat.com)
    Resolves: rhbz#1903209
* Fri Jun 04 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.3
  - Fix reading SPKAC data from stdin
  - Fix incorrect OSSL_PKEY_PARAM_MAX_SIZE for ed25519 and ed448
  - Return 0 after cleanup in OPENSSL_init_crypto()
  - Cleanup the peer point formats on regotiation
  - Fix default digest to SHA256
* Thu May 27 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.2
  - Enable FIPS via config options
* Mon May 17 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.1
  - Update to alpha 16 version
    Resolves: rhbz#1952901 openssl sends alert after orderly connection close
* Mon Apr 26 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha15.1
  - Update to alpha 15 version
    Resolves: rhbz#1903209, rhbz#1952598,
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.0.0-0.alpha13.1.1
  - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Fri Apr 09 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha13.1
  - Update to new major release OpenSSL 3.0.0 alpha 13
    Resolves: rhbz#1903209

Files

/etc/pki/tls
/etc/pki/tls/certs
/etc/pki/tls/ct_log_list.cnf
/etc/pki/tls/misc
/etc/pki/tls/openssl.cnf
/etc/pki/tls/private
/usr/lib/.build-id
/usr/lib/.build-id/08
/usr/lib/.build-id/08/39b21c8c9a42312349f079cc5c51c1d920751c
/usr/lib/.build-id/22
/usr/lib/.build-id/22/4fbc9ed8ab697662a9b34e608fdee959ab8198
/usr/lib/.build-id/45
/usr/lib/.build-id/45/689fd9d2ee3dc15e56b5f0e71a22bd5b298173
/usr/lib/.build-id/4a
/usr/lib/.build-id/4a/69cb4d9ce22ee4dbf449de98105fea899b8c47
/usr/lib/.build-id/75
/usr/lib/.build-id/75/928863711cdfc51360837cde7a12326fbbf2f8
/usr/lib/.build-id/9a
/usr/lib/.build-id/9a/f3f3fbbb4078e458d761a37aaf62fbcdef88a2
/usr/lib/.build-id/b4
/usr/lib/.build-id/b4/1182c564239676f250b4cf0f49c7e548955bb2
/usr/lib/.build-id/ce
/usr/lib/.build-id/ce/11fec3a2263712355b2b2d64913836d5eea6a0
/usr/lib64/engines-3
/usr/lib64/engines-3/afalg.so
/usr/lib64/engines-3/capi.so
/usr/lib64/engines-3/loader_attic.so
/usr/lib64/engines-3/padlock.so
/usr/lib64/libcrypto.so.3
/usr/lib64/libcrypto.so.3.0.1
/usr/lib64/libssl.so.3
/usr/lib64/libssl.so.3.0.1
/usr/lib64/ossl-modules
/usr/lib64/ossl-modules/fips.so
/usr/lib64/ossl-modules/legacy.so
/usr/share/licenses/openssl-libs
/usr/share/licenses/openssl-libs/LICENSE.txt

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Jun 29 02:08:46 2022