Package LibreSSL: Information

Source package: LibreSSL
Version: 2.4.2-alt1
Build time:  Aug 17, 2016, 08:07 PM in the task #168321
Copied in the task: #168804
Report package bug
License: ISC
Summary: OpenBSD fork of OpenSSL library
Description: 
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in
2014, with goals of modernizing the codebase, improving security, and
applying best practice development processes.

List of rpms provided by this srpm:
LibreSSL-devel (x86_64, i586)
LibreSSL-doc (noarch)
libcrypto-LibreSSL (x86_64, i586)
libcrypto-LibreSSL-debuginfo (x86_64, i586)
libssl-LibreSSL (x86_64, i586)
libssl-LibreSSL-debuginfo (x86_64, i586)
libtls (x86_64, i586)
libtls-debuginfo (x86_64, i586)
libtls-devel (x86_64, i586)
libtls-doc (noarch)
netcat-tls (x86_64, i586)
netcat-tls-debuginfo (x86_64, i586)
openssl-LibreSSL (x86_64, i586)
openssl-LibreSSL-debuginfo (x86_64, i586)


List of contributors:
Vladimir D. Seleznev

Last changed


Aug. 3, 2016 Vladimir D. Seleznev 2.4.2-alt1
- 2.4.2
- LibreSSL
  + Bug fixes and improvements:
    - Fixed loading default certificate locations with openssl s_client.
    - Ensured OSCP only uses and compares GENERALIZEDTIME values as per
      RFC6960. Also added fixes for OCSP to work with intermediate
      certificates provided in responses.
    - Improved behavior of arc4random on Windows to not appear to leak
      memory in debug tools, reduced privileges of allocated memory.
    - Fixed incorrect results from BN_mod_word() when the modulus is too
      large, thanks to Brian Smith from BoringSSL.
    - Correctly handle an EOF prior to completing the TLS handshake in
      libtls.
    - Improved libtls ceritificate loading and cipher string validation.
    - Updated libtls cipher group suites into four categories:
      - "secure"   (TLSv1.2+AEAD+PFS)
      - "compat"   (HIGH:!aNULL)
      - "legacy"   (HIGH:MEDIUM:!aNULL)
      - "insecure" (ALL:!aNULL:!eNULL)
      This allows for flexibility and finer grained control, rather than
      having two extremes.
    - Limited support for 'backward com
- openssl-LibreSSL:
  + rename package from LibreSSL-openssl
  + remove conflict with openssl
  + rename binary and manpages fro openssl to openssl-LibreSSL
  + move some man pages to LibreSSL-doc package
- netcat-tls:
  + rename package from netcat-openbsd
  + adopt many of original netcat alt and owl patches
June 19, 2016 Vladimir D. Seleznev 2.3.6-alt1
- 2.3.6
- Correct a problem that prevents the DSA signing algorithm from running
  in constant time even if the flag BN_FLG_CONSTTIME is set.
June 1, 2016 Vladimir D. Seleznev 2.3.5-alt1
- 2.3.5