Package LibreSSL-devel: Information

Binary package: LibreSSL-devel
Version: 2.4.4-alt0.M80P.1
Architecture: x86_64
Build time:  Nov 7, 2016, 08:59 PM in the task #172001
Source package: LibreSSL
Category: Development/C
Report package bug
Gear: https://git.altlinux.org/gears/L/LibreSSL.git?a=tree;hb=552d6473…
Download: LibreSSL-devel-2.4.4-alt0.M80P.1.x86_64.rpm
Build log: https://git.altlinux.org/tasks/172001/build/100/x86_64/log
Home page: http://www.libressl.org/
License: ISC
Summary: Headers for LibreSSL
Description: 
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in
2014, with goals of modernizing the codebase, improving security, and
applying best practice development processes.

Headers for building software that uses LibreSSL
Maintainer: Vladimir D. Seleznev
List of contributors:
Vladimir D. Seleznev

Last changed

Nov. 7, 2016 Vladimir D. Seleznev 2.4.4-alt0.M80P.1
- Backported to P8.
Nov. 7, 2016 Vladimir D. Seleznev 2.4.4-alt1
- 2.4.4
- packaged ungziped source tarball
- changed watchfile to watch stable releases
- packaged watchfile
- Changes and fixes:
  + Avoid continual processing of an unlimited number of TLS records,
    which can cause a denial-of-service condition.
  + In X509_cmp_time(), pass asn1_time_parse() the tag of the field
    being parsed so that a malformed GeneralizedTime field is recognized
    as an error instead of potentially being interpreted as if it was a
    valid UTCTime.
  + Improve ticket validity checking when tlsext_ticket_key_cb()
    callback chooses a different HMAC algorithm.
  + Check for packets with a truncated DTLS cookie.
  + Detect zero-length encrypted session data early, instead of when
    malloc(0) fails or the HMAC check fails.
  + Check for and handle failure of HMAC_{Update,Final} or
    EVP_DecryptUpdate()
Sept. 30, 2016 Vladimir D. Seleznev 2.4.3-alt0.M80P.1
- Backport to Alt Linux P8.
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top