Package openssl097: Information
Source package: openssl097
Version: 0.9.7g-alt6
Build time: Nov 2, 2006, 11:59 PM
Category: System/Base
Report package bugHome page: http://www.openssl.org
License: distributable
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Description:
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL tookit and its related documentation. OpenSSL is based on the excellent SSLeay library developed from Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes.
Maintainer: Dmitry V. Levin
ACL:
@qa_p5
@qa_p5
Last changed
Nov. 2, 2006 Dmitry V. Levin 0.9.7g-alt6
- Updated upstream bss_conn.c fix. - Renamed srpm: openssl -> openssl097. - Renamed subpackage: libssl -> libssl4.
Sept. 27, 2006 Dmitry V. Levin 0.9.7g-alt5
- Applied upstream fixes for DoS bugs in ASN1 parser (CVE-2006-2937, CVE-2006-2940). - Applied fix for buffer overflow in SSL_get_shared_ciphers(), discovery and patch from Tavis Ormandy and Will Drewry of the Google Security Team (CVE-2006-3738). - Applied fix for possible DoS in the sslv2 client code, discovery and patch from Tavis Ormandy and Will Drewry of the Google Security Team (CVE-2006-4343). - Build this package without optimizations based on strict aliasing rules.
Sept. 6, 2006 Dmitry V. Levin 0.9.7g-alt4
- Applied upstream patch to avoid RSA signature forgery (CVE-2006-4339).