Revisions of openssl-1_0_0
Frank Schütte (fschuett)
committed
(revision 4)
readded libopenssl10
Frank Schütte (fschuett)
committed
(revision 3)
- Security fix: [bsc#1213487, CVE-2023-3446] * Fix DH_check() excessive time with over sized modulus. * The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ("p" parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. A new limit has been added to DH_check of 32,768 bits. Supplying a key/parameters with a modulus over this size will simply cause DH_check() to fail. * Add openssl-CVE-2023-3446.patch - Improve cross-package provides/conflicts [boo#1210313] * Remove Conflicts: ssl * Add Conflicts: openssl(cli) - Security Fix: [bsc#1207534, CVE-2022-4304] * Reworked the Fix for the Timing Oracle in RSA Decryption The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case compared to 1.1.1s. * Reworked openssl-CVE-2022-4304.patch * Refreshed patches: - openssl-CVE-2023-0286.patch - openssl-CVE-2023-0464.patch - openssl-CVE-2023-0465.patch
Frank Schütte (fschuett)
committed
(revision 2)
Build old versioning scheme for smart software
Frank Schütte (fschuett)
committed
(revision 1)
Displaying all 4 revisions