system environment/libraries

openssl - Utilities from the general purpose cryptography library with TLS implementation

Website: http://www.openssl.org/
License: OpenSSL
Vendor: Fedora Project
Description:
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

Packages

openssl-1.0.1e-42.fc20.i686 [700 KiB] Changelog by Tomáš Mráz (2015-03-19):
- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0292 - integer underflow in base64 decoder
- fix CVE-2015-0293 - triggerable assert in SSLv2 server
openssl-1.0.1e-41.fc20.i686 [700 KiB] Changelog by Tomáš Mráz (2015-01-13):
- fix CVE-2014-3570 - incorrect computation in BN_sqr()
- fix CVE-2014-3571 - possible crash in dtls1_get_record()
- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state
- fix CVE-2014-8275 - various certificate fingerprint issues
- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export
  ciphersuites and on server
- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate
- fix CVE-2015-0206 - possible memory leak when buffering DTLS records
- add ECC TLS extensions to DTLS (#1119803)
- do not send ECC ciphersuites in SSLv2 client hello (#1090955)
- copy digest algorithm when handling SNI context switch

Listing created by Repoview-0.6.6-1.el5