system environment/libraries

openssl - The OpenSSL toolkit.

Website: http://www.openssl.org/
License: BSDish
Vendor: Scientific Linux
Description:
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

Packages

openssl-0.9.7a-43.18.el4.i686 [1.1 MiB] Changelog by Tomas Mraz (2012-01-27):
- CVE-2011-4576 - properly initialize SSL 3.0 block cipher padding (#771775)
- CVE-2011-4619 - fix SGC restart DoS attack (#771780)
openssl-0.9.7a-43.18.el4.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2012-01-27):
- CVE-2011-4576 - properly initialize SSL 3.0 block cipher padding (#771775)
- CVE-2011-4619 - fix SGC restart DoS attack (#771780)
openssl-0.9.7a-43.17.el4_8.6.i686 [1.1 MiB] Changelog by Tomas Mraz (2010-12-07):
- CVE-2010-4180 - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
  (#659462)
- CVE-2009-3245 - fix missing checks on allocation failure in
  bn_wexpand (#570924)
openssl-0.9.7a-43.17.el4_8.6.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2010-12-07):
- CVE-2010-4180 - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
  (#659462)
- CVE-2009-3245 - fix missing checks on allocation failure in
  bn_wexpand (#570924)
openssl-0.9.7a-43.17.el4_8.5.i686 [1.1 MiB] Changelog by Tomas Mraz (2010-02-18):
- do not disable SSLv2 in the renegotiation patch - SSLv2 does
  not support renegotiation
- allow unsafe renegotiation on clients with SSL_OP_LEGACY_SERVER_CONNECT
openssl-0.9.7a-43.17.el4_8.5.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2010-02-18):
- do not disable SSLv2 in the renegotiation patch - SSLv2 does
  not support renegotiation
- allow unsafe renegotiation on clients with SSL_OP_LEGACY_SERVER_CONNECT
openssl-0.9.7a-43.17.el4_7.2.i686 [1.1 MiB] Changelog by Tomas Mraz (2008-12-17):
- CVE-2008-5077 - incorrect checks for malformed signatures (#476671)
openssl-0.9.7a-43.17.el4_7.2.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2008-12-17):
- CVE-2008-5077 - incorrect checks for malformed signatures (#476671)
openssl-0.9.7a-43.17.el4_6.1.i686 [1.1 MiB] Changelog by Tomas Mraz (2007-10-22):
- CVE-2007-5135 off by one buffer overflow in SSL_get_shared_ciphers (#309851)
openssl-0.9.7a-43.17.el4_6.1.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2007-10-22):
- CVE-2007-5135 off by one buffer overflow in SSL_get_shared_ciphers (#309851)
openssl-0.9.7a-43.16.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2007-01-12):
- improves handling of certificates with EXFLAG_NSCERT set (#201005)
openssl-0.9.7a-43.16.i686 [1.1 MiB] Changelog by Tomas Mraz (2007-01-12):
- improves handling of certificates with EXFLAG_NSCERT set (#201005)
openssl-0.9.7a-43.14.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2006-09-28):
- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
- fix CVE-2006-2940 - parasitic public keys DoS (#207274)
- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)
- fix CVE-2006-4343 - sslv2 client DoS (#206940)
openssl-0.9.7a-43.14.i686 [1.1 MiB] Changelog by Tomas Mraz (2006-09-28):
- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
- fix CVE-2006-2940 - parasitic public keys DoS (#207274)
- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)
- fix CVE-2006-4343 - sslv2 client DoS (#206940)
openssl-0.9.7a-43.11.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2006-09-09):
- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)
- don't overwrite customized ca-bundle.pem on upgrade (#175811)
openssl-0.9.7a-43.11.i686 [1.1 MiB] Changelog by Tomas Mraz (2006-09-09):
- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)
- don't overwrite customized ca-bundle.pem on upgrade (#175811)
openssl-0.9.7a-43.4.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2005-10-06):
- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which
  disables the countermeasure against man in the middle attack in SSLv2
  (#169863)
- more fixes for constant time/memory access for DSA signature algorithm
openssl-0.9.7a-43.4.i686 [1.1 MiB] Changelog by Tomas Mraz (2005-10-06):
- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which
  disables the countermeasure against man in the middle attack in SSLv2
  (#169863)
- more fixes for constant time/memory access for DSA signature algorithm
openssl-0.9.7a-43.2.i686 [1.1 MiB] Changelog by Tomas Mraz (2005-05-19):
- fix CAN-2005-0109 - use constant time/memory access mod_exp
  so bits of private key aren't leaked by cache eviction (#157631)
openssl-0.9.7a-43.2.x86_64 [1.2 MiB] Changelog by Tomas Mraz (2005-05-19):
- fix CAN-2005-0109 - use constant time/memory access mod_exp
  so bits of private key aren't leaked by cache eviction (#157631)

Listing created by Repoview-0.6.4