Package LibreSSL-devel: Information
Default inline alert: Version in the repository: 2.5.5-alt2.M80P.1
Binary package: LibreSSL-devel
Version: 2.4.4-alt0.M80P.1
Architecture: x86_64
Build time: Nov 7, 2016, 08:59 PM in the task #172001
Source package: LibreSSL
Category: Development/C
Report package bugHome page: http://www.libressl.org/
License: ISC
Summary: Headers for LibreSSL
Description:
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes. Headers for building software that uses LibreSSL
Maintainer: Vladimir D. Seleznev
Last changed
Nov. 7, 2016 Vladimir D. Seleznev 2.4.4-alt0.M80P.1
- Backported to P8.
Nov. 7, 2016 Vladimir D. Seleznev 2.4.4-alt1
- 2.4.4 - packaged ungziped source tarball - changed watchfile to watch stable releases - packaged watchfile - Changes and fixes: + Avoid continual processing of an unlimited number of TLS records, which can cause a denial-of-service condition. + In X509_cmp_time(), pass asn1_time_parse() the tag of the field being parsed so that a malformed GeneralizedTime field is recognized as an error instead of potentially being interpreted as if it was a valid UTCTime. + Improve ticket validity checking when tlsext_ticket_key_cb() callback chooses a different HMAC algorithm. + Check for packets with a truncated DTLS cookie. + Detect zero-length encrypted session data early, instead of when malloc(0) fails or the HMAC check fails. + Check for and handle failure of HMAC_{Update,Final} or EVP_DecryptUpdate()
Sept. 30, 2016 Vladimir D. Seleznev 2.4.3-alt0.M80P.1
- Backport to Alt Linux P8.