openssl-1.0.2j-4.1.x86_64.rpm


Advertisement

Description

openssl - Secure Sockets and Transport Layer Security

Distribution: openSUSE 42.2
Repository: openSUSE Update Oss all
Package name: openssl
Package version: 1.0.2j
Package release: 4.1
Package architecture: x86_64
Package type: rpm
Installed size: 1.53 MB
Download size: 656.37 KB
Official Mirror: ftp.gwdg.de
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation. Derivation and License OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style license, which basically means that you are free to get it and to use it for commercial and noncommercial purposes.

Alternatives

Provides

  • config(openssl) = 1.0.2j-4.1
  • openssl = 1.0.2j-4.1
  • openssl(x86-64) = 1.0.2j-4.1
  • ssl

    Download

    Install Howto

    Install openssl rpm package:

    # zypper install openssl

    Files

    • /etc/ssl/openssl.cnf
    • /etc/ssl/private/
    • /usr/bin/c_rehash
    • /usr/bin/fips_standalone_hmac
    • /usr/bin/openssl
    • /usr/share/doc/packages/openssl/AVAILABLE_CIPHERS
    • /usr/share/doc/packages/openssl/CHANGES
    • /usr/share/doc/packages/openssl/CHANGES.SSLeay
    • /usr/share/doc/packages/openssl/INSTALL
    • /usr/share/doc/packages/openssl/INSTALL.DJGPP
    • /usr/share/doc/packages/openssl/INSTALL.MacOS
    • /usr/share/doc/packages/openssl/INSTALL.NW
    • /usr/share/doc/packages/openssl/INSTALL.OS2
    • /usr/share/doc/packages/openssl/INSTALL.VMS
    • /usr/share/doc/packages/openssl/INSTALL.W32
    • /usr/share/doc/packages/openssl/INSTALL.W64
    • /usr/share/doc/packages/openssl/INSTALL.WCE
    • /usr/share/doc/packages/openssl/LICENSE
    • /usr/share/doc/packages/openssl/NEWS
    • /usr/share/doc/packages/openssl/README
    • /usr/share/doc/packages/openssl/README-FIPS.txt
    • /usr/share/doc/packages/openssl/README.SUSE
    • /usr/share/man/man1/CA.pl.1ssl.gz
    • /usr/share/man/man1/asn1parse.1ssl.gz
    • /usr/share/man/man1/c_rehash.1ssl.gz
    • /usr/share/man/man1/ca.1ssl.gz
    • /usr/share/man/man1/ciphers.1ssl.gz
    • /usr/share/man/man1/cms.1ssl.gz
    • /usr/share/man/man1/crl.1ssl.gz
    • /usr/share/man/man1/crl2pkcs7.1ssl.gz
    • /usr/share/man/man1/dgst.1ssl.gz
    • /usr/share/man/man1/dhparam.1ssl.gz
    • /usr/share/man/man1/dsa.1ssl.gz
    • /usr/share/man/man1/dsaparam.1ssl.gz
    • /usr/share/man/man1/dss1.1ssl.gz
    • /usr/share/man/man1/ec.1ssl.gz
    • /usr/share/man/man1/ecparam.1ssl.gz
    • /usr/share/man/man1/enc.1ssl.gz
    • /usr/share/man/man1/errstr.1ssl.gz
    • /usr/share/man/man1/gendsa.1ssl.gz
    • /usr/share/man/man1/genpkey.1ssl.gz
    • /usr/share/man/man1/genrsa.1ssl.gz
    • /usr/share/man/man1/md2.1ssl.gz
    • /usr/share/man/man1/md4.1ssl.gz
    • /usr/share/man/man1/md5.1ssl.gz
    • /usr/share/man/man1/mdc2.1ssl.gz
    • /usr/share/man/man1/nseq.1ssl.gz
    • /usr/share/man/man1/ocsp.1ssl.gz
    • /usr/share/man/man1/openssl.1ssl.gz
    • /usr/share/man/man1/passwd.1ssl.gz
    • /usr/share/man/man1/pkcs12.1ssl.gz
    • /usr/share/man/man1/pkcs7.1ssl.gz
    • /usr/share/man/man1/pkcs8.1ssl.gz
    • /usr/share/man/man1/pkey.1ssl.gz
    • /usr/share/man/man1/pkeyparam.1ssl.gz
    • /usr/share/man/man1/pkeyutl.1ssl.gz
    • /usr/share/man/man1/rand.1ssl.gz
    • /usr/share/man/man1/req.1ssl.gz
    • /usr/share/man/man1/ripemd160.1ssl.gz
    • /usr/share/man/man1/rsa.1ssl.gz
    • /usr/share/man/man1/rsautl.1ssl.gz
    • /usr/share/man/man1/s_client.1ssl.gz
    • /usr/share/man/man1/s_server.1ssl.gz
    • /usr/share/man/man1/s_time.1ssl.gz
    • /usr/share/man/man1/sess_id.1ssl.gz
    • /usr/share/man/man1/sha.1ssl.gz
    • /usr/share/man/man1/sha1.1ssl.gz
    • /usr/share/man/man1/sha224.1ssl.gz
    • /usr/share/man/man1/sha256.1ssl.gz
    • /usr/share/man/man1/sha384.1ssl.gz
    • /usr/share/man/man1/sha512.1ssl.gz
    • /usr/share/man/man1/smime.1ssl.gz
    • /usr/share/man/man1/speed.1ssl.gz
    • /usr/share/man/man1/spkac.1ssl.gz
    • /usr/share/man/man1/ts.1ssl.gz
    • /usr/share/man/man1/tsget.1ssl.gz
    • /usr/share/man/man1/verify.1ssl.gz
    • /usr/share/man/man1/version.1ssl.gz
    • /usr/share/man/man1/x509.1ssl.gz
    • /usr/share/ssl/
    • /usr/share/ssl/misc/CA.pl
    • /usr/share/ssl/misc/CA.sh
    • /usr/share/ssl/misc/c_hash
    • /usr/share/ssl/misc/c_info
    • /usr/share/ssl/misc/c_issuer
    • /usr/share/ssl/misc/c_name
    • /usr/share/ssl/misc/tsget

    Changelog

    2017-01-26 - vcizek@suse.com - OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641) * Truncated packet could crash via OOB read (CVE-2017-3731) (bsc#1022085) * BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732) (bsc#1022086) * Montgomery multiplication may produce incorrect results (CVE-2016-7055) (bsc#1009528) - degrade 3DES to MEDIUM in SSL2 (bsc#1001912) - fix crash in openssl speed (bsc#1000677) - added patches: * openssl-CVE-2016-7055.patch * openssl-CVE-2017-3731.patch * openssl-CVE-2017-3732.patch * openssl-fix_crash_in_openssl_speed.patch * openssl-degrade_3DES_to_MEDIUM_in_SSL2.patch - fix X509_CERT_FILE path (bsc#1022271) * updated openssl-1.0.1e-truststore.diff - AES XTS key parts must not be identical in FIPS mode (bsc#1019637) * add openssl-fips-xts_nonidentical_key_parts.patch

    2016-10-07 - vcizek@suse.com - temporarily revert upstream commit fd7ca7465b67336b8950a505b6d2adee867a78f7 because it breaks libcamgm (bsc#1002585) * 0001-Make-openssl-req-x509-more-equivalent-to-openssl-req.patch

    2016-09-27 - vcizek@suse.com - resume reading from /dev/urandom when interrupted by a signal (bsc#995075) * add openssl-randfile_fread_interrupt.patch - fix crash in print_notice (bsc#998190) * add openssl-print_notice-NULL_crash.patch

    2016-09-27 - vcizek@suse.com - update to 1.0.2j - OpenSSL Security Advisory [26 Sep 2016] Severity: Moderate * Missing CRL sanity check (CVE-2016-7052) (bsc#1001148) * A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.

    2016-09-23 - vcizek@suse.com - OpenSSL Security Advisory [22 Sep 2016] (bsc#999665) Severity: High * OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666) Severity: Low * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575) * Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249) * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844) * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419) * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749) * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819) * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359) * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324) * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377) * Certificate message OOB reads (CVE-2016-6306) (bsc#999668) - update to openssl-1.0.2i * drop patches: openssl-1.0.2a-new-fips-reqs.patch openssl-1.0.2e-fips.patch openssl-CVE-2016-2177.patch openssl-CVE-2016-2178-2.patch openssl-CVE-2016-2178.patch openssl-CVE-2016-2179-2.patch openssl-CVE-2016-2179.patch openssl-CVE-2016-2180.patch openssl-CVE-2016-2181-2.patch openssl-CVE-2016-2181-3.patch openssl-CVE-2016-2181.patch openssl-CVE-2016-2182-2.patch openssl-CVE-2016-2182.patch openssl-CVE-2016-2183-SWEET32.patch openssl-CVE-2016-6302.patch openssl-CVE-2016-6303.patch * add patches: openssl-1.0.2i-fips.patch openssl-1.0.2i-new-fips-reqs.patch * refresh patches: 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch 0001-libcrypto-Hide-library-private-symbols.patch

    2016-08-30 - vcizek@suse.com - Fix a regression caused by openssl-CVE-2016-2182-2.patch (bsc#995959) * add openssl-CVE-2016-2182-3.patch

    Advertisement
    Advertisement