libopenssl-3-devel-3.0.8-150400.4.42.1<>,PeTp9|M,w }!0+aM;~4vVI*Xh]a6Wg՚:oy4fET!krWg ~VZ+(>CgeNSŃtcf\< |v 5N 3kT~i.茍DE?Ed ) G  +7PV`    + +-03356P 6t 7. 7T7d7(787<98<:=<F/,G/HH1I3X4HY4\\4]6^;b< c<d=:e=?f=Bl=Du=Xv?w?xB0yDh zDDDDDDDDClibopenssl-3-devel3.0.8150400.4.42.1Development files for OpenSSLThis subpackage contains header files for developing applications that want to make use of the OpenSSL C API.eTibs-power9-11SUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Unspecifiedhttps://www.openssl.org/linuxppc64le3a [J \zRH_!-( qVf94]k: X!M; 0"ciiJ U#x] 6'~*"}<r p2 d JKt-W=    N -m1H|2<~9Oi} ;J, (%L &K3o=|; o VA큤eTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȴeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȵeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeTȶeT}eTȶeTȶeTȶeTȶeTȶ27aaa89367b022b12b66cf52c3c2d68f6761965ac36f3f1153202fa44692ad0e5d6c3a8c878bafcadfc582776265c46c9338a0ff6825a6f5ac2e9bda721959da5a0d1d59316bc398bc63af0f1dcf377fb66c3e3132d4c45400c9dbc2003e24b575c4b045fef75587c0df5c658b7466b74ad42755368a56cf6ff43581aa5768c6a3c3f5b114cb48eee9fc7a4cabec55c895de8edc592753a46c40c650a90200cb49369e1569d424f56f016865a34d59b676984e7f67f459e6514241afcd818252154f003cfbf49040a04d9aac459cf5009a5a1d76298b222d66ba5b5a4e3721afeecf6af950176721433790734e19f67a1ab8c558c7a6903fb55d4f68cb372cd4348571893bca9600b9f790af5c6a02b40bffd83a718450a54a8022c70fef1a14fb4b19b7730d1cc7ff2b9da1435a506ad0ef50263bd168c5ff24214a065802828141d04fc871e83308921c290fea380ce92db4a1e2647c985d2f9dcc2bedb08df0dfac26985a7ae40174e90173df9f95b15bba4d3768290746d7258ff1b0ae64c87b52702746e224e6242f4a2a2070b007502ea92063b41df2c4f6bec11c37ca73f33a7b4406477a0eaf9d0ec42f43b2594167b1d6b84175f378cf5b0de07c12d1cee6e44668fba0e46c38db7394aa094c6cd2a25b97dbcfcc6f0ff4414f8ebf654ac650ae74ca5e9a87ab46c1205157a7489097d005fdccc4c52912cfcefa55b26f8ddb9f60eef2601a84a5455c11060e028d8ce700cae682c4a02ffe2f2ca24831442e718d63447958ca4d5dcea987fc38e5d9a6a4a12e7395df9c312e8a1a7a982bac5840812b486176102b1fe8b48dda8cce0fe94f2d35aff5057a99004ed22b5995d615e5374041784cd1af99b4ef349b0cd6e2ac852c6d1dbf9aed8e90d9ab5e872b5fcffe83aba492b1ef3ea01cd9fc0e39f375e6a5d969d0503c77599db6b3e5e7d1a82c7bffbde27a91f5ace1ddf8c11f5f5a55b90b3df9a67f4ab644ad0613758e8cf84d9ec4f40cf50cbb735b16e659f7e9fd30c2155585d94199656851389d8f21bc80b566248d7849c6b4ecbd5b178592b8e099c6457b37d87c242d80993db5c77fc7a689b85019fe98ddf3273454256b44f02bd22f6f572c48a66bcc69464235679980efc4a687a4fe036388da91173809ca45c0a3cfe47a5b4b724e0a69104b630c334787994273c619f4dc0b509a0b03271de5a7e2539fcb28a2cd09b67f745cb03b429351ede0086182adbb025390f32a60f0a0568d0689e8f6697076d2464eaecfe2cdae8d2045388c53da2372fd52df5f6cfdc4d633752981b182ac8930f17b136665b61f1c34c0cfdb4e122f19bd75d7ff552ff5e736c736175338055b9ba8811d16db30aa5d3e5f9e2f09000706348a5ba06df44c302b1676b5ed4d0e418ee4f143f40d5349cccfa5c46e08d34298f2881182da25a07a7172d30597e3a3e06c4e67a049d1335aa6f7d5b49641abba8fd4d5a1c0756382845b3e6709944bd15b51b29ea4759f0ada0155490580e7c63dbd82a367ee74c08a40103c0c6d0d7d9ad0e2781db1f19829d29193d115d38b4d0271d13fecf92ed5e2353be9cce5a0ce0478253ee938f72ef600422a6cc0681536434b4b72a84e7759de28d9f389122c9f5adc93fc20eef7b6619594b1c96c7904b421450d4b870042252331e89723d31079469104cafd676f0fedcbe0d99f56f3e8862fff8d67ac51cc9f39d5674eb1cd9e8282fe1ed2da84db50c1ac9aaeaac9c8f2b236d3562bfe4ac984ebfef4fb91bdbe0a649d157f5057ab61ffee3a844d23f7c72c0a8419fd9e4e333fd477238bbad4ff875d5657b02cc39635c3a5c15f3a5bc7f0f2a785fb95930e8b4a18054f77b7d5143d44673f4ca57682899bc2bf3464cafccfbb13c7c5e13f3402d674fa88994b92ed72d6cdc1116707765d28bd7e0de31285d33ff8425c5201008965906ae9e9a8b4db61d92823f5b0375989ed81e7f8e6da1fdb17fb97cdfb1a5db6a29fb34f77e625a4592614d31b6bd7efb334492f5cf328e92a797490e0fd3ba888803fec0104c242149bf922b1b447325efbde0c12d8834117a5477caf3d664f00470d113f77d16b964442677b34028fdeb2a970042b1d1f404032a9eb31408c1f10bdff554d5740fb345b64b86fb74da8df95fbd901a5c404e815f8ea17c46ed1b78118f32c2e31fd3ce42f761af2bf8fb5a586455075a668c25c97853d5ba37ebce060a15152573242e3729d42830eba1daa642404b863eb4d76d0ac3a6465e859de128549e169eec280f029a22404321a6ebb1b805b99fdd1dfea38640ed8a506fb9b66db381cc26a1254448a81cc6b161e41850f5b99fdd1dfea38640ed8a506fb9b66db381cc26a1254448a81cc6b161e41850f21731c261621bfff1279fa1b4d4ef8b9b4855a9128e99a47a9b6e6f25df710f8907d2f061c2972447d3f0c1cfc149c78791b1e4bdc131ad5a3eed1d084c76b4163504766e9fcf36fe1527d95fe21460574896da187c60707bfa68254a35693b711530c79754e3d241cb277d6bc9c9a3f6eb382db53513877b40488908e2435568616a93b1b1bd8d1221844834817c28b7da78be1649a5b1780d9ea65fba8807c3cc1e1dbda3781fec4f515b1d61e31c39c6e76b802b3150e7c977b0b0a2136089da64664080d13f1f541f425dbac6305159d6c47309121427d77c67744c88de0e791193e891b0784670d5410539aeea9d2a8591de71495b4add6e7dbf9dc22cd5fe8b8ffa59140110355ebb507e03dc3292f800bf6a62da17574365b181f05bf7fab5bade4441300fa7ffe721ca2eb361835998db7d386f8f1be7db5b7596c3f2d9f27ed8c44edc185101da548f533d0dbee1435fd8cdb7ad8f02690d31cd20b056f3c751af11919d3b7c87c33d5f014453a65bf82e95a7e2355149d5a718d3de49fbe0086f8fbefa5648eef70bc84e8090a9226a1e3c6e856499373004aed0a70777f3993fce1e96dd54a1c8f839da604753f9c92cdafcaa5f268ce608bb0cdb50562e98d92c08e47e2b1b0bcf5652820b2a774652968a1188f9f2d87f2fe87239122df15e738d7552dd76850c55a9ffe0136f33506c23d9058215a1255af6641756fe038443d1d270458d53d6e42ea78d12d980728b6a9284fa259958ea00a3d9f27fffdb49e0ece9d5a62adbb9cc42c56262b00cc8ce7f956b2cb05a2a22d5c8983ed315c545b091df0aabc2ce42392f573ec112894a74727211ff0552a1fe480df214285bb3225da7549c0468590f7156ca399591167ee41360936264c464add77ed047736979dc442a49d42921cce21e654a2dceef058d0191aa2d3c9410472e597d139b44dd7d78d9093a5d8109417d18e9955fc940f1ea3e2e892ab44308c901ec1a28f9b0098717f689ca63e104ce805050802d38b8f122d85ab2c7842b844c9ae9e00e7c0b0e28858b8b3db7b8abf7e514e5e63f43456371ed3384b4a8b3b1dafc15798a3b2bef0e3885275746e7fae73a0d96e55da55261554ba52c1d31f32a3dbc9dea1db10f322b4b46a24c3d4411fe54630df59fa46fc2b583a5fc6f3f0dd5e46fd409cb51ae1b331fec799fb6ef4b5efdc8ffbe264e5e83997e17a8d7f62a1ef257fd90e604d4293bf02d5f81ae8198efe1e197c5b27baeb8c0e229d683a7e716a3834157218f692f0db7996f4b473da08c57ffdffbd661eb3178329cfc042d3f1eb6e179206d844de41ba05ee4ac0ed9e3e6c861fb49d68ea890184233890bacd52fd420fef07befad411b9a318b97efbf36f46673d3e78416b10b4fa5a5565acce92d9de334ae13a259af96994f9fe28f39b4fa8b996309476cb203ef3bcd305f4171e1d33f3f3319dee6354c2433493e5e9068aa79672fd3bf39b1037256466f1a89868621b2b62f1d05e63064159e60727041b170d55e310d8e0157e339ee01f3b9c60c4b5bc60e6d4edce1084f0c9589ff75bf3a9f6939ae49f961842fa3e2e76ea796e48b2a984e2a66dc0c266a52d01ac7bab5bd9f1a34a1607983b5f32be8ca49e75c3b41f1c9413b4eb777af144958283ecbd3922843df90b1b434eed626bb6b8bccd5f6ed530e592d706584f56a725d254d8a5d2e4d337e42421cc7b6686ff1f8fbee746672402c95ea41711c26b120158508b3bb692b1a2c7fc06002dee07a868f0ec394e9b7f20b5e151f78e0941e143c2d2d4c7774e58421a0bb09064d5a1112739586b047d4045768fe5e098fdc6be668c499fe7a51f3de13b1fd03b319c64b8bd287164eb6ce7d3481994141c0be51396d51f5c121c02d31f695bff708396e0512286fa04dee67f12ab895c0c558ba33f20adf058748c58f5e0e3446a1af743ea70e4387a95ddc0d08d9ceddf79a87ac517b9e5b46a26f7e7ec383fe540404092e4d76ae54b5822744e4ba0750ef8d2cac085bda3b0a72aedb08cb8b75bb49366e4f8e07599f9dae5df8d688ce57073033f80260d41625b9ed9f727e8553a65a111645b3c013df8cc8fa6a718d32b643c8808c6865d169a300e8bc818bd810f80ffb8a21d69e97dad88e400b586d0f3e965ea45836c253246c1d6f1b16b360dbb59322e26e28bfc54881d698e7cd5057666968c96ead08204edb8148981094700cbc3338ed0613c4469da5ab4675fa1ce292e28edeb6613516db89e28c9d962301f4fe7b38366ebdd1d35933f3491d57b9d55aa4b44d21ebb0d7cbc54273f0cf6032c449f5055cfae6793c5b68a682d6692a745e6b2835af7bb933e78870a270d51ab33778fe10a5cd377422d4b9587dcf019ee08576dd9663c91a68ead50a8de4da6c6eb80bc67526b59015c766ddfec330d6d206f240f7bd6fa28cd4ec66b2b878f199af3ce6eda172af9fe31ebb715865a77b263ac9a41190c15fc0c6932b0d573d9034d55b401ccdc52858b5ee9c5fc06500535b9b3d9742e745558dc02e52d0df6d75b038457d4f6c374ed68d39eaf7f8fe9346e7b96fffab973029ebc955c6bb89e7556391281b0dd49205d49e33cd2b97e90531bf9cdb086d9943a518bc474aebaa0aef02f1d41e8113fe944c9d9343c8e0df2648badbca74e12c0de513db4e02d72551593af44db4c3929288a6592e3330e2867bf17d3b305ba0f6fe6b073ad4bdb9db519e4224bbd993f1e9cb75ce26c99d8a0fffe062a4293f01f6d55619b4e1b8f75bf0065fb3faa2ac512e9588d9574a9522a3c855782161f5031b14de49a891f732630ddc5e316941bf46298401ca29f46694fff11304801d995015a7e4a81afe0db0a9a79a0bdde9e03d869f94382a15a3c4cfd1dda32108db5234727b36ed0e25f1fb12e0993c7b5ac95cfd4ee1777782d642da53a045d253ede58f0f0463647e6d4f352953b26e2e058370277e107a1b979ff5e0bd28f5adb92e066d41831ac37ce7108d2a1b84376f668b54776fa15943f3f018be6c7dc7a8847c9f512fb5eeec4f093804197dc2dfa2b993bb35fed2b892f4128c63acb707ebe8b689b9327dd2d87eb7ed59e834b02ece8835757afceedac1ab80b4081db1a5b9758bd1eab887c00834dd91d4d5339eca8f795f977a1f52bd84c8c01d2e90686887fc151a9309efdeb95f42d1cd3270d851cb9db84c48bb8a9871a988950fd0b62ecc854b11641e3e9a07fa191a6f61a6a6b331ef3cc6c632f782e8da2fa81aaeeac56e4d0b2fb3016f936805be2574986b31300621b35ddd0e2220fd9943eabc264003d73364282869fbb5c1d4a8471663d97e048fd14e4652af8402acb72200784b1940bd70b39b442c6d5c99bd96f46dc9509b4d10802aaa1ad3c84763a2843312fdc8dd8add5c7b24e7f0c877fbb8f9f6ad1960e87f78363793130a0c1bee89b64a12eb32e939791fb0ca6101683e45fe8bf3c36c1c7926fdb4bddb1ffbbe4cc2338eb96bba7d1c71f10b70211565a4a3c00b770e7941ae6b969000bf6fbbe7644d67e6faacc81c32766ca98862c4d4a6f0c94bfc1fc3208f45c50463240719a25de72716d7d033845a84d991e0cd069b20f7f5c117ffac07a4d59a319cf5bcb2a36da07d2675f04d5cfc5b29625ce00779ee00002830ede3e302a8b4bf03dbc505243d2b87a86a62c31a52d6f202ba3727bdd61d8a62464138a06f17730e8186a322e34385941af8c0fe0622c40f3f8f128fbd4157719d42f2230b5dfa33882ada2b8bd2f47c23bfb902bd3059fce1ca5da50dd401b3f870dea5693b1100904c3eb279e3222b42033f676038dopenssllibcrypto.so.3libssl.so.3rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootopenssl-3-3.0.8-150400.4.42.1.src.rpmlibopenssl-3-devellibopenssl-3-devel(ppc-64)pkgconfig(libcrypto)pkgconfig(libssl)pkgconfig(openssl)@@@    /usr/bin/pkg-configlibopenssl3pkgconfig(libcrypto)pkgconfig(libssl)pkgconfig(zlib)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.83.0.4-14.6.0-14.0-15.2-1libopenssl-devellibopenssl-devellibressl-develssl-devel3.0.83.0.84.14.3eRe1@e-%d.@dd!d~du@dkY@d*d*dck@ccccccccj@c@ccY!@cGbb@blb@bb0a aa@a@a7T@a@`@`P@` @`B`}p`v@`/@`&m__H@_@_@_@_9_-B@_@_^@^@^@^^@^@otto.hollmann@suse.comotto.hollmann@suse.comotto.hollmann@suse.comotto.hollmann@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.comotto.hollmann@suse.comotto.hollmann@suse.comotto.hollmann@suse.comotto.hollmann@suse.comotto.hollmann@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.comotto.hollmann@suse.comotto.hollmann@suse.comotto.hollmann@suse.comotto.hollmann@suse.comjsikes@suse.comjsikes@suse.comjsikes@suse.comjsikes@suse.comjsikes@suse.comjsikes@suse.compmonreal@suse.comdanilo.spinella@suse.comsimonf.lees@suse.comsimonf.lees@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.comjsikes@suse.comjsikes@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.comcallumjfarmer13@gmail.comvcizek@suse.compmonrealgonzalez@suse.comvcizek@suse.comvcizek@suse.comjengelh@inai.devcizek@suse.comvcizek@suse.comvcizek@suse.com- Security fix: [bsc#1216922, CVE-2023-5678] * Fix excessive time spent in DH check / generation with large Q parameter value. * Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex () or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. * Add openssl-CVE-2023-5678.patch- Added openssl-3-use-include-directive.patch so that the default /etc/ssl/openssl3.cnf file will include any configuration files that other packages might place into /etc/ssl/engines3.d/ and /etc/ssl/engdef3.d/. - Updated spec file to create the two new necessary directores for the above patch. [bsc#1194187, bsc#1207472]- Security fix: [bsc#1216163, CVE-2023-5363] * Incorrect cipher key and IV length processing * Add openssl-CVE-2023-5363.patch- Security fix: [bsc#1213853, CVE-2023-3817] * Add test of DH_check() with q = p + 1 * Update openssl-3-CVE-2023-3817.patch- Security fix: [bsc#1213853, CVE-2023-3817] * Excessive time spent checking DH q parameter value: The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. If DH_check() is called with such q parameter value, DH_CHECK_INVALID_Q_VALUE return flag is set and the computationally intensive checks are skipped. * Add openssl-3-CVE-2023-3817.patch- Security fix: [bsc#1213487, CVE-2023-3446] * Fix DH_check() excessive time with over sized modulus. * The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ("p" parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. A new limit has been added to DH_check of 32,768 bits. Supplying a key/parameters with a modulus over this size will simply cause DH_check() to fail. * Add openssl-CVE-2023-3446.patch openssl-CVE-2023-3446-test.patch- Security fix: [bsc#1213383, CVE-2023-2975] * AES-SIV implementation ignores empty associated data entries * Add openssl-CVE-2023-2975.patch- Update to version 3.0.8 [bsc#1207541, CVE-2023-0401] * Fixed NULL dereference during PKCS7 data verification. A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. ([bsc#1207541, CVE-2023-0401]) PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data. * Fixed X.400 address type confusion in X.509 GeneralName. There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. ([bsc#1207533, CVE-2023-0286]) * Fixed NULL dereference validating DSA public key. An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3. ([bsc#1207540, CVE-2023-0217]) * Fixed Invalid pointer dereference in d2i_PKCS7 functions. An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data. ([bsc#1207539, CVE-2023-0216]) * Fixed Use-after-free following BIO_new_NDEF. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. ([bsc#1207536, CVE-2023-0215]) * Fixed Double free after calling PEM_read_bio_ex. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. ([bsc#1207538, CVE-2022-4450]) * Fixed Timing Oracle in RSA Decryption. A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. ([bsc#1207534, CVE-2022-4304]) * Fixed X.509 Name Constraints Read Buffer Overflow. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. The read buffer overrun might result in a crash which could lead to a denial of service attack. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. ([bsc#1207535, CVE-2022-4203]) * Fixed X.509 Policy Constraints Double Locking security issue. If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. ([CVE-2022-3996]) * Our provider implementations of `OSSL_FUNC_KEYMGMT_EXPORT` and `OSSL_FUNC_KEYMGMT_GET_PARAMS` for EC and SM2 keys now honor `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` as set (and default to `POINT_CONVERSION_UNCOMPRESSED`) when exporting `OSSL_PKEY_PARAM_PUB_KEY`, instead of unconditionally using `POINT_CONVERSION_COMPRESSED` as in previous 3.x releases. For symmetry, our implementation of `EVP_PKEY_ASN1_METHOD->export_to` for legacy EC and SM2 keys is also changed similarly to honor the equivalent conversion format flag as specified in the underlying `EC_KEY` object being exported to a provider, when this function is called through `EVP_PKEY_export()`. * Removed openssl-3-Fix-double-locking-problem.patch, contained in upstream. - Update to 3.0.7: [bsc#1204714, CVE-2022-3602,CVE-2022-3786] * Fixed two buffer overflows in punycode decoding functions. A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. An attacker can craft a malicious email address to overflow an arbitrary number of bytes containing the `.` character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). ([CVE-2022-3786]) An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution depending on stack layout for any given platform/compiler. ([CVE-2022-3602]) * Removed all references to invalid OSSL_PKEY_PARAM_RSA names for CRT parameters in OpenSSL code. Applications should not use the names OSSL_PKEY_PARAM_RSA_FACTOR, OSSL_PKEY_PARAM_RSA_EXPONENT and OSSL_PKEY_PARAM_RSA_COEFFICIENT. Use the numbered names such as OSSL_PKEY_PARAM_RSA_FACTOR1 instead. Using these invalid names may cause algorithms to use slower methods that ignore the CRT parameters. * Fixed a regression introduced in 3.0.6 version raising errors on some stack operations. * Fixed a regression introduced in 3.0.6 version not refreshing the certificate data to be signed before signing the certificate. * Added RIPEMD160 to the default provider. * Ensured that the key share group sent or accepted for the key exchange is allowed for the protocol version. - Update to 3.0.6: [bsc#1204226, 1205476, CVE-2022-3358, CVE-2022-40735] * OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. * OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and EVP_CipherInit_ex2() functions (as well as other similarly named encryption and decryption initialisation functions). Instead of using the custom cipher directly it incorrectly tries to fetch an equivalent cipher from the available providers. An equivalent cipher is found based on the NID passed to EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID for a given cipher. However it is possible for an application to incorrectly pass NID_undef as this value in the call to EVP_CIPHER_meth_new(). When NID_undef is used in this way the OpenSSL encryption/decryption initialisation function will match the NULL cipher as being equivalent and will fetch this from the available providers. This will succeed if the default provider has been loaded (or if a third party provider has been loaded that offers this cipher). Using the NULL cipher means that the plaintext is emitted as the ciphertext. * Applications are only affected by this issue if they call EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to an encryption/decryption initialisation function. Applications that only use SSL/TLS are not impacted by this issue. ([CVE-2022-3358]) * Fix LLVM vs Apple LLVM version numbering confusion that caused build failures on MacOS 10.11 * Fixed the linux-mips64 Configure target which was missing the SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that platform. * Fix handling of a ticket key callback that returns 0 in TLSv1.3 to not send a ticket * Correctly handle a retransmitted ClientHello in DTLS * Fixed detection of ktls support in cross-compile environment on Linux * Fixed some regressions and test failures when running the 3.0.0 FIPS provider against 3.0.x * Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to report correct results in some cases * Fix UWP builds by defining VirtualLock * For known safe primes use the minimum key length according to RFC 7919. Longer private key sizes unnecessarily raise the cycles needed to compute the shared secret without any increase of the real security. This fixes a regression from 1.1.1 where these shorter keys were generated for the known safe primes. * Added the loongarch64 target * Fixed EC ASM flag passing. Flags for ASM implementations of EC curves were only passed to the FIPS provider and not to the default or legacy provider. * Fixed reported performance degradation on aarch64. Restored the implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid 32-bit lane assignment in CTR mode") for 64bit targets only, since it is reportedly 2-17% slower and the silicon errata only affects 32bit targets. The new algorithm is still used for 32 bit targets. * Added a missing header for memcmp that caused compilation failure on some platforms - Update to 3.0.5: * The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. [bsc#1201148, CVE-2022-2274] * AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation would not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. [bsc#1201099, CVE-2022-2097] - Update to 3.0.4: [bsc#1199166, bsc#1200550, CVE-2022-1292, CVE-2022-2068] * In addition to the c_rehash shell command injection identified in CVE-2022-1292, further bugs where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection have been fixed. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. * Case insensitive string comparison no longer uses locales. It has instead been directly implemented. - Update to 3.0.3: * Case insensitive string comparison is reimplemented via new locale-agnostic comparison functions OPENSSL_str[n]casecmp always using the POSIX locale for comparison. The previous implementation had problems when the Turkish locale was used. * Fixed a bug in the c_rehash script which was not properly sanitising shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. [bsc#1199166, CVE-2022-1292] * Fixed a bug in the function 'OCSP_basic_verify' that verifies the signer certificate on an OCSP response. The bug caused the function in the case where the (non-default) flag OCSP_NOCHECKS is used to return a postivie response (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is anticipated that most users of 'OCSP_basic_verify' will not use the OCSP_NOCHECKS flag. In this case the 'OCSP_basic_verify' function will return a negative value (indicating a fatal error) in the case of a certificate verification failure. The normal expected return value in this case would be 0. This issue also impacts the command line OpenSSL "ocsp" application. When verifying an ocsp response with the "-no_cert_checks" option the command line application will report that the verification is successful even though it has in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result. [bsc#1199167, CVE-2022-1343] * Fixed a bug where the RC4-MD5 ciphersuite incorrectly used the AAD data as the MAC key. This made the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipient such that the modified data would still pass the MAC integrity check. Note that data sent from an OpenSSL 3.0 endpoint to a non-OpenSSL 3.0 endpoint will always be rejected by the recipient and the connection will fail at that point. Many application protocols require data to be sent from the client to the server first. Therefore, in such a case, only an OpenSSL 3.0 server would be impacted when talking to a non-OpenSSL 3.0 client. [bsc#1199168, CVE-2022-1434] * Fix a bug in the OPENSSL_LH_flush() function that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will expand without bounds and the process might be terminated by the operating system causing a denial of service. Also traversing the empty hash table entries will take increasingly more time. Typically such long lived processes might be TLS clients or TLS servers configured to accept client certificate authentication. [bsc#1199169, CVE-2022-1473] * The functions 'OPENSSL_LH_stats' and 'OPENSSL_LH_stats_bio' now only report the 'num_items', 'num_nodes' and 'num_alloc_nodes' statistics. All other statistics are no longer supported. For compatibility, these statistics are still listed in the output but are now always reported as zero. - Update to 3.0.2: [bsc#1196877, CVE-2022-0778] * Security fix [CVE-2022-0778]: Infinite loop for non-prime moduli in BN_mod_sqrt() reachable when parsing certificates. * Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489) to the list of ciphersuites providing Perfect Forward Secrecy as required by SECLEVEL >= 3. * Made the AES constant time code for no-asm configurations optional due to the resulting 95% performance degradation. The AES constant time code can be enabled, for no assembly builds, with: ./config no-asm -DOPENSSL_AES_CONST_TIME * Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to use empty passphrase strings. * The negative return value handling of the certificate verification callback was reverted. The replacement is to set the verification retry state with the SSL_set_retry_verify() function. - Rebase patches: * openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch * openssl-CVE-2023-0464.patch * openssl-CVE-2023-0465.patch * openssl-CVE-2023-0466.patch * openssl-use-versioned-config.patch - Removed patches: * openssl-CVE-2022-0778.patch * openssl-CVE-2022-0778-tests.patch * openssl-CVE-2022-1292.patch * openssl-update_expired_certificates.patch * openssl-3-Fix-file-operations-in-c_rehash.patch * openssl-3-CVE-2022-1343.patch * openssl-3-CVE-2022-1434.patch * openssl-3-CVE-2022-1473.patch * openssl-CVE-2022-2097.patch * openssl-3-CVE-2022-3358.patch * openssl-3-CVE-2022-3602_1.patch * openssl-3-CVE-2022-3602_2.patch * openssl-3-Fix-double-locking-problem.patch * openssl-3-Fix-EC-ASM-flag-passing.patch * openssl-3-Fix-SHA-SHAKE-and-KECCAK-ASM-flag-passing.patch * openssl-CVE-2022-4203-1of2.patch * openssl-CVE-2022-4203-2of2.patch * openssl-CVE-2022-4304.patch * openssl-CVE-2022-4450-1of2.patch * openssl-CVE-2022-4450-2of2.patch * openssl-CVE-2023-0215-1of4.patch * openssl-CVE-2023-0215-2of4.patch * openssl-CVE-2023-0215-3of4.patch * openssl-CVE-2023-0215-4of4.patch * openssl-CVE-2023-0216-2of2.patch * openssl-CVE-2023-0216-1of2.patch * openssl-CVE-2023-0217-1of4.patch * openssl-CVE-2023-0217-2of4.patch * openssl-CVE-2023-0217-3of4.patch * openssl-CVE-2023-0217-4of4.patch * openssl-CVE-2023-0286.patch * openssl-CVE-2023-0401-1of2.patch * openssl-CVE-2023-0401-2of2.patch * openssl-Update-further-expiring-certificates.patch - Enable tests: test_req test_verify_store test_ca test_ssl_old- Security Fix: [CVE-2023-1255, bsc#1210714] * Input buffer over-read in AES-XTS implementation on 64 bit ARM * Add openssl-CVE-2023-1255.patch - Security Fix: [CVE-2023-2650, bsc#1211430] * Possible DoS translating ASN.1 object identifiers * Add openssl-CVE-2023-2650.patch- Update further expiring certificates that affect tests [bsc#1210060] * Add openssl-Update-further-expiring-certificates.patch- Security Fix: [CVE-2023-0465, bsc#1209878] * Invalid certificate policies in leaf certificates are silently ignored * Add openssl-CVE-2023-0465.patch - Security Fix: [CVE-2023-0466, bsc#1209873] * Certificate policy check not enabled * Add openssl-CVE-2023-0466.patch- Security Fix: [CVE-2023-0464, bsc#1209624] * Excessive Resource Usage Verifying X.509 Policy Constraints * Add openssl-CVE-2023-0464.patch- Security Fix: [bsc#1207541, CVE-2023-0401] * NULL pointer dereference during PKCS7 data verification * Add patches: - openssl-CVE-2023-0401-2of2.patch - openssl-CVE-2023-0401-1of2.patch- Security Fix: [bsc#1207533, CVE-2023-0286] * Fix X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address * Add openssl-CVE-2023-0286.patch- Security Fix: [bsc#1207540, CVE-2023-0217] * NULL pointer dereference validating DSA public key * Add patches: - openssl-CVE-2023-0217-1of4.patch - openssl-CVE-2023-0217-2of4.patch - openssl-CVE-2023-0217-3of4.patch - openssl-CVE-2023-0217-4of4.patch * Provide the binary der file for the test 91-test_pkey_check.t as openssl-CVE-2023-0217-dsapub_noparam.der.tar.xz- Security Fix: [bsc#1207539, CVE-2023-0216] * Invalid pointer dereference in d2i_PKCS7 functions * Add patches: - openssl-CVE-2023-0216-2of2.patch - openssl-CVE-2023-0216-1of2.patch- Security Fix: [bsc#1207536, CVE-2023-0215] * Use-after-free following BIO_new_NDEF() * Add patches: - openssl-CVE-2023-0215-1of4.patch - openssl-CVE-2023-0215-2of4.patch - openssl-CVE-2023-0215-3of4.patch - openssl-CVE-2023-0215-4of4.patch- Security Fix: [bsc#1207538, CVE-2022-4450] * Double free after calling PEM_read_bio_ex() * Add patches: - openssl-CVE-2022-4450-1of2.patch - openssl-CVE-2022-4450-2of2.patch- Security Fix: [bsc#1207534, CVE-2022-4304] * Timing Oracle in RSA Decryption * Add openssl-CVE-2022-4304.patch- Security Fix: [bsc#1207535, CVE-2022-4203] * X.509 Name Constraints Read Buffer Overflow * Add patch: - openssl-CVE-2022-4203-1of2.patch - openssl-CVE-2022-4203-2of2.patch- Enable zlib compression support [bsc#1195149] - Add crypto-policies dependency.- Fix SHA, SHAKE, KECCAK ASM and EC ASM flag passing (bsc#1206222) * Add patches: - openssl-3-Fix-EC-ASM-flag-passing.patch - openssl-3-Fix-SHA-SHAKE-and-KECCAK-ASM-flag-passing.patch- Fix X.509 Policy Constraints Double Locking [bsc#1206374, CVE-2022-3996] * Add patch: openssl-3-Fix-double-locking-problem.patch- Fix X.509 Email Address Buffer Overflow [bsc#1204714, CVE-2022-3602, CVE-2022-3786] * An off by one error in the punycode decoder allowed for a single unsigned int overwrite of a buffer which could cause a crash and possible code execution. * Also fixed the ossl_a2ulabel() function which was broken and also contained a potential buffer overflow, albeit one byte without control of the contents. * Added a test case that errors without the CVE fix and passes with it. * Add patches: - openssl-3-CVE-2022-3602_1.patch - openssl-3-CVE-2022-3602_2.patch- Added openssl-3-CVE-2022-3358.patch * [CVE-2022-3358, bsc#1204226] * If a custom EVP_CIPHER object has been passed to EVP_CipherInit() then it should be used in preference to a fetched cipher. * We also fix a possible NULL pointer deref in the same code for digests. * If the custom cipher passed to EVP_CipherInit() happens to use NID_undef (which should be a discouraged practice), then in the previous implementation this could result in the NULL cipher being fetched and hence NULL encryption being unexpectedly used. * Sourced from https://github.com/openssl/openssl/commit/5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b- Encrypt the sixteen bytes that were unencrypted in some circumstances on 32-bit x86 platforms. * [bsc#1201099, CVE-2022-2097] * added openssl-CVE-2022-2097.patch- Fixed Resource leakage when decoding certificates and keys * bsc#1199169 * CVE-2022-1473 * Added openssl-3-CVE-2022-1473.patch - Fixed Incorrect MAC key used in the RC4-MD5 ciphersuite * bsc#1199168 * CVE-2022-1434 * Added openssl-3-CVE-2022-1434.patch - Fixed OCSP_basic_verify may incorrectly verify the response signing certificate * bsc#1199167 * CVE-2022-1343 * Added openssl-3-CVE-2022-1343.patch- Added openssl-3-Fix-file-operations-in-c_rehash.patch * bsc#1200550 * CVE-2022-2068 * Fixed more shell code injection issues in c_rehash- Added openssl-update_expired_certificates.patch * Openssl failed tests because of expired certificates. * bsc#1185637 * Sourced from https://github.com/openssl/openssl/pull/18446/commits- Security fix: [bsc#1199166, CVE-2022-1292] * Added: openssl-CVE-2022-1292.patch * properly sanitise shell metacharacters in c_rehash script.- Security Fix: [bsc#1196877, CVE-2022-0778] * Infinite loop in BN_mod_sqrt() reachable when parsing certificates * Add openssl-CVE-2022-0778.patch openssl-CVE-2022-0778-tests.patch- Fix conflict with openssl and libressl- Remove /etc/pki/CA from the [jsc#SLE-17856, jsc#SLE-19044] openssl-Override-default-paths-for-the-CA-directory-tree.patch - Remove unused patches- Ship openssl-3 as binary names [jsc#SLE-17856, jsc#SLE-19044] - Use openssl3.cnf * openssl-use-versioned-config.patch * fix-config-in-tests.patch - Support crypto policies * openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch * openssl-Override-default-paths-for-the-CA-directory-tree.patch - Remove obsolets, not ready to force an upgrade yet- Update to 3.0.1: [bsc#1193740, CVE-2021-4044] * RNDR and RNDRRS support in provider functions to provide random number generation for Arm CPUs (aarch64). * s_client and s_server apps now explicitly say when the TLS version does not include the renegotiation mechanism. This avoids confusion between that scenario versus when the TLS version includes secure renegotiation but the peer lacks support for it. * The default SSL/TLS security level has been changed from 1 to 2. RSA, DSA and DH keys of 1024 bits and above and less than 2048 bits and ECC keys of 160 bits and above and less than 224 bits were previously accepted by default but are now no longer allowed. By default TLS compression was already disabled in previous OpenSSL versions. At security level 2 it cannot be enabled. * The SSL_CTX_set_cipher_list family functions now accept ciphers using their IANA standard names. * The PVK key derivation function has been moved from b2i_PVK_bio_ex() into the legacy crypto provider as an EVP_KDF. Applications requiring this KDF will need to load the legacy crypto provider. * The various OBJ_* functions have been made thread safe. * CCM8 cipher suites in TLS have been downgraded to security level zero because they use a short authentication tag which lowers their strength. * Subject or issuer names in X.509 objects are now displayed as UTF-8 strings by default. * Parallel dual-prime 1536/2048-bit modular exponentiation for AVX512_IFMA capable processors.- Update to 3.0.0 * The full list of changes since version 1.1.1 can be found in: https://github.com/openssl/openssl/blob/master/CHANGES.md#openssl-30 * OpenSSL 3.0 wiki: https://wiki.openssl.org/index.php/OpenSSL_3.0 * The Migration guide: https://github.com/openssl/openssl/blob/master/doc/man7/migration_guide.pod- Update to 3.0.0 Beta 2 * The ERR_GET_FUNC() function was removed. With the loss of meaningful function codes, this function can only cause problems for calling applications. * While a callback function set via 'SSL_CTX_set_cert_verify_callback()' is not allowed to return a value > 1, this is no more taken as failure. * Deprecated the obsolete X9.31 RSA key generation related functions BN_X931_generate_Xpq(), BN_X931_derive_prime_ex(), and BN_X931_generate_prime_ex(). - Remove openssl-ppc64-fix-build.patch fixed upstream- Update to 3.0.0 Beta 1 * Add a configurable flag to output date formats as ISO 8601. Does not change the default date format. * Version of MSVC earlier than 1300 could get link warnings, which could be suppressed if the undocumented -DI_CAN_LIVE_WITH_LNK4049 was set. Support for this flag has been removed. * Rework and make DEBUG macros consistent. Remove unused - DCONF_DEBUG, -DBN_CTX_DEBUG, and REF_PRINT. Add a new tracing category and use it for printing reference counts. Rename - DDEBUG_UNUSED to -DUNUSED_RESULT_DEBUG. Fix BN_DEBUG_RAND so it compiles and, when set, force DEBUG_RAND to be set also. Rename engine_debug_ref to be ENGINE_REF_PRINT also for consistency. * The public definitions of conf_method_st and conf_st have been deprecated. They will be made opaque in a future release. * Many functions in the EVP_ namespace that are getters of values from implementations or contexts were renamed to include get or get0 in their names. Old names are provided as macro aliases for compatibility and are not deprecated. * PKCS#5 PBKDF1 key derivation has been moved from PKCS5_PBE_keyivgen() into the legacy crypto provider as an EVP_KDF. Applications requiring this KDF will need to load the legacy crypto provider. This includes these PBE algorithms which use this KDF: - NID_pbeWithMD2AndDES_CBC - NID_pbeWithMD5AndDES_CBC - NID_pbeWithSHA1AndRC2_CBC - NID_pbeWithMD2AndRC2_CBC - NID_pbeWithMD5AndRC2_CBC - NID_pbeWithSHA1AndDES_CBC * Deprecated obsolete BIO_set_callback(), BIO_get_callback(), and BIO_debug_callback() functions. - Fix build on ppc and ppc64 * Add openssl-ppc64-fix-build.patch * See https://github.com/openssl/openssl/issues/15923- Update to 3.0.0 Alpha 17 * Added migration guide to man7 * Implemented support for fully "pluggable" TLSv1.3 groups * Added convenience functions for generating asymmetric key pairs. * Added a proper HTTP client supporting GET with optional redirection, POST, arbitrary request and response content types, TLS, persistent connections, connections via HTTP(s) proxies, connections and exchange via user-defined BIOs (allowing implicit connections), and timeout checks.- Update to 3.0.0. Alpha 16 * Mark pop/clear error stack in der2key_decode_p8- Update to 3.0.0 Alpha 15 * The default manual page suffix ($MANSUFFIX) has been changed to "ossl" * Added support for Kernel TLS (KTLS). In order to use KTLS, support for it must be compiled in using the "enable-ktls" compile time option. It must also be enabled at run time using the SSL_OP_ENABLE_KTLS option. * The error return values from some control calls (ctrl) have changed. One significant change is that controls which used to return -2 for invalid inputs, now return -1 indicating a generic error condition instead. * Removed EVP_PKEY_set_alias_type(). * All of these low level RSA functions have been deprecated without replacement: RSA_blinding_off, RSA_blinding_on, RSA_clear_flags, RSA_get_version, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_set_flags, RSA_setup_blinding and RSA_test_flags. * All of these RSA flags have been deprecated without replacement: RSA_FLAG_BLINDING, RSA_FLAG_CACHE_PRIVATE, RSA_FLAG_CACHE_PUBLIC, RSA_FLAG_EXT_PKEY, RSA_FLAG_NO_BLINDING, RSA_FLAG_THREAD_SAFE and RSA_METHOD_FLAG_NO_CHECK. * These low level DH functions have been deprecated without replacement: DH_clear_flags, DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, DH_set_flags and DH_test_flags. The DH_FLAG_CACHE_MONT_P flag has been deprecated without replacement. The DH_FLAG_TYPE_DH and DH_FLAG_TYPE_DHX have been deprecated. Use EVP_PKEY_is_a() to determine the type of a key. There is no replacement for setting these flags. * These low level DSA functions have been deprecated without replacement: DSA_clear_flags, DSA_dup_DH, DSAparams_dup, DSA_set_flags and DSA_test_flags. * The DSA_FLAG_CACHE_MONT_P flag has been deprecated without replacement. * Reworked the treatment of EC EVP_PKEYs with the SM2 curve to automatically become EVP_PKEY_SM2 rather than EVP_PKEY_EC. This is a breaking change from previous OpenSSL versions. Unlike in previous OpenSSL versions, this means that applications must not call `EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)` to get SM2 computations. The `EVP_PKEY_set_alias_type` function has now been removed. * Parameter and key generation is also reworked to make it possible to generate EVP_PKEY_SM2 parameters and keys. Applications must now generate SM2 keys directly and must not create an EVP_PKEY_EC key first.- Update to 3.0.0 Alpha 14 * A public key check is now performed during EVP_PKEY_derive_set_peer(). Previously DH was internally doing this during EVP_PKEY_derive(). * The EVP_PKEY_CTRL_PKCS7_ENCRYPT, EVP_PKEY_CTRL_PKCS7_DECRYPT, EVP_PKEY_CTRL_PKCS7_SIGN, EVP_PKEY_CTRL_CMS_ENCRYPT, EVP_PKEY_CTRL_CMS_DECRYPT, and EVP_PKEY_CTRL_CMS_SIGN control operations are deprecated. They are not invoked by the OpenSSL library anymore and are replaced by direct checks of the key operation against the key type when the operation is initialized. * The EVP_PKEY_public_check() and EVP_PKEY_param_check() functions now work for more key types including RSA, DSA, ED25519, X25519, ED448 and X448. Previously (in 1.1.1) they would return -2. For key types that do not have parameters then EVP_PKEY_param_check() will always return 1. * The output from numerous "printing" functions such as X509_signature_print(), X509_print_ex(), X509_CRL_print_ex(), and other similar functions has been amended such that there may be cosmetic differences between the output observed in 1.1.1 and 3.0. This also applies to the "-text" output from the x509 and crl applications. * Improved adherence to Enhanced Security Services (ESS, RFC 2634 and RFC 5035) for the TSP and CMS Advanced Electronic Signatures (CAdES) implementations. As required by RFC 5035 check both ESSCertID and ESSCertIDv2 if both present. Correct the semantics of checking the validation chain in case ESSCertID{,v2} contains more than one certificate identifier: This means that all certificates referenced there MUST be part of the validation chain. * Parallel dual-prime 1024-bit modular exponentiation for AVX512_IFMA capable processors. * Added the AuthEnvelopedData content type structure (RFC 5083) with AES-GCM parameter (RFC 5084) for the Cryptographic Message Syntax (CMS). Its purpose is to support encryption and decryption of a digital envelope that is both authenticated and encrypted using AES GCM mode.- Update to 3.0.0 Alpha 13 * A public key check is now performed during EVP_PKEY_derive_set_peer(). Previously DH was internally doing this during EVP_PKEY_derive(). To disable this check use EVP_PKEY_derive_set_peer_ex(dh, peer, 0). This may mean that an error can occur in EVP_PKEY_derive_set_peer() rather than during EVP_PKEY_derive(). * The EVP_PKEY_CTRL_PKCS7_ENCRYPT, EVP_PKEY_CTRL_PKCS7_DECRYPT, EVP_PKEY_CTRL_PKCS7_SIGN, EVP_PKEY_CTRL_CMS_ENCRYPT, EVP_PKEY_CTRL_CMS_DECRYPT, and EVP_PKEY_CTRL_CMS_SIGN control operations are deprecated. They are not invoked by the OpenSSL library anymore and are replaced by direct checks of the key operation against the key type when the operation is initialized. * The EVP_PKEY_public_check() and EVP_PKEY_param_check() functions now work for more key types including RSA, DSA, ED25519, X25519, ED448 and X448. Previously (in 1.1.1) they would return -2. For key types that do not have parameters then EVP_PKEY_param_check() will always return 1. * The output from numerous "printing" functions such as X509_signature_print(), X509_print_ex(), X509_CRL_print_ex(), and other similar functions has been amended such that there may be cosmetic differences between the output observed in 1.1.1 and 3.0. This also applies to the "-text" output from the x509 and crl applications. * Improved adherence to Enhanced Security Services (ESS, RFC 2634 and RFC 5035) for the TSP and CMS Advanced Electronic Signatures (CAdES) implementations. As required by RFC 5035 check both ESSCertID and ESSCertIDv2 if both present. Correct the semantics of checking the validation chain in case ESSCertID{,v2} contains more than one certificate identifier: This means that all certificates referenced there MUST be part of the validation chain. * Parallel dual-prime 1024-bit modular exponentiation for AVX512_IFMA capable processors. * Added the AuthEnvelopedData content type structure (RFC 5083) with AES-GCM parameter (RFC 5084) for the Cryptographic Message Syntax (CMS). Its purpose is to support encryption and decryption of a digital envelope that is both authenticated and encrypted using AES GCM mode.- Update to 3.0.0 Alpha 12 * The SRP APIs have been deprecated. The old APIs do not work via providers, and there is no EVP interface to them. Unfortunately there is no replacement for these APIs at this time. * Add a compile time option to prevent the caching of provider fetched algorithms. This is enabled by including the no-cached-fetch option at configuration time. * Combining the Configure options no-ec and no-dh no longer disables TLSv1.3. Typically if OpenSSL has no EC or DH algorithms then it cannot support connections with TLSv1.3. However OpenSSL now supports "pluggable" groups through providers. * The undocumented function X509_certificate_type() has been deprecated; applications can use X509_get0_pubkey() and X509_get0_signature() to get the same information. * Deprecated the obsolete BN_pseudo_rand() and BN_pseudo_rand_range() functions. They are identical to BN_rand() and BN_rand_range() respectively. * The default key generation method for the regular 2-prime RSA keys was changed to the FIPS 186-4 B.3.6 method (Generation of Probable Primes with Conditions Based on Auxiliary Probable Primes). This method is slower than the original method. * Deprecated the BN_is_prime_ex() and BN_is_prime_fasttest_ex() functions. They are replaced with the BN_check_prime() function that avoids possible misuse and always uses at least 64 rounds of the Miller-Rabin primality test. * Deprecated EVP_MD_CTX_set_update_fn() and EVP_MD_CTX_update_fn() as they are not useful with non-deprecated functions.- Update to 3.0.0 Alpha 11 * Deprecated the obsolete X9.31 RSA key generation related functions BN_X931_generate_Xpq(), BN_X931_derive_prime_ex(), and BN_X931_generate_prime_ex(). * Deprecated the type OCSP_REQ_CTX and the functions OCSP_REQ_CTX_*(). These were used to collect all necessary data to form a HTTP request, and to perform the HTTP transfer with that request. With OpenSSL 3.0, the type is OSSL_HTTP_REQ_CTX, and the deprecated functions are replaced with OSSL_HTTP_REQ_CTX_*(). * Validation of SM2 keys has been separated from the validation of regular EC keys, allowing to improve the SM2 validation process to reject loaded private keys that are not conforming to the SM2 ISO standard. In particular, a private scalar 'k' outside the range '1 <= k < n-1' is now correctly rejected. * Behavior of the 'pkey' app is changed, when using the '-check' or '-pubcheck' switches: a validation failure triggers an early exit, returning a failure exit status to the parent process. * Changed behavior of SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() to ignore unknown ciphers. * All of the low level EC_KEY functions have been deprecated. * Functions that read and write EC_KEY objects and that assign or obtain EC_KEY objects from an EVP_PKEY are also deprecated. * Added the '-copy_extensions' option to the 'x509' command for use with '-req' and '-x509toreq'. When given with the 'copy' or 'copyall' argument, all extensions in the request are copied to the certificate or vice versa. * Added the '-copy_extensions' option to the 'req' command for use with '-x509'. When given with the 'copy' or 'copyall' argument, all extensions in the certification request are copied to the certificate. * The 'x509', 'req', and 'ca' commands now make sure that X.509v3 certificates they generate are by default RFC 5280 compliant in the following sense: There is a subjectKeyIdentifier extension with a hash value of the public key and for not self-signed certs there is an authorityKeyIdentifier extension with a keyIdentifier field or issuer information identifying the signing key. This is done unless some configuration overrides the new default behavior, such as 'subjectKeyIdentifier = none' and 'authorityKeyIdentifier = none'.- Update to 3.0.0 Alpha 10 (CVE-2020-1971) * See full changelog: www.openssl.org/news/changelog.html * Fixed NULL pointer deref in the GENERAL_NAME_cmp function This function could crash if both GENERAL_NAMEs contain an EDIPARTYNAME. If an attacker can control both items being compared then this could lead to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) * The -cipher-commands and -digest-commands options of the command line utility list has been deprecated. Instead use the -cipher-algorithms and -digest-algorithms options. * Additionally functions that read and write DH objects such as d2i_DHparams, i2d_DHparams, PEM_read_DHparam, PEM_write_DHparams and other similar functions have also been deprecated. Applications should instead use the OSSL_DECODER and OSSL_ENCODER APIs to read and write DH files.- Update to 3.0.0 Alpha 9 * See also https://www.openssl.org/news/changelog.html * Deprecated all the libcrypto and libssl error string loading functions. Calling these functions is not necessary since OpenSSL 1.1.0, as OpenSSL now loads error strings automatically. * The functions SSL_CTX_set_tmp_dh_callback and SSL_set_tmp_dh_callback, as well as the macros SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() have been deprecated. These are used to set the Diffie-Hellman (DH) parameters that are to be used by servers requiring ephemeral DH keys. Instead applications should consider using the built-in DH parameters that are available by calling SSL_CTX_set_dh_auto() or SSL_set_dh_auto(). * The -crypt option to the passwd command line tool has been removed. * The -C option to the x509, dhparam, dsaparam, and ecparam commands has been removed. * Added several checks to X509_verify_cert() according to requirements in RFC 5280 in case 'X509_V_FLAG_X509_STRICT' is set (which may be done by using the CLI option '-x509_strict'): - The basicConstraints of CA certificates must be marked critical. - CA certificates must explicitly include the keyUsage extension. - If a pathlenConstraint is given the key usage keyCertSign must be allowed. - The issuer name of any certificate must not be empty. - The subject name of CA certs, certs with keyUsage crlSign, and certs without subjectAlternativeName must not be empty. - If a subjectAlternativeName extension is given it must not be empty. - The signatureAlgorithm field and the cert signature must be consistent. - Any given authorityKeyIdentifier and any given subjectKeyIdentifier must not be marked critical. - The authorityKeyIdentifier must be given for X.509v3 certs unless they are self-signed. - The subjectKeyIdentifier must be given for all X.509v3 CA certs. * Certificate verification using X509_verify_cert() meanwhile rejects EC keys with explicit curve parameters (specifiedCurve) as required by RFC 5480.- Update to 3.0.0 Alpha 8 * Add support for AES Key Wrap inverse ciphers to the EVP layer. The algorithms are: "AES-128-WRAP-INV", "AES-192-WRAP-INV", "AES-256-WRAP-INV", "AES-128-WRAP-PAD-INV", "AES-192-WRAP-PAD-INV" and "AES-256-WRAP-PAD-INV". The inverse ciphers use AES decryption for wrapping, and AES encryption for unwrapping. * Deprecated EVP_PKEY_set1_tls_encodedpoint() and EVP_PKEY_get1_tls_encodedpoint(). These functions were previously used by libssl to set or get an encoded public key in/from an EVP_PKEY object. With OpenSSL 3.0 these are replaced by the more generic functions EVP_PKEY_set1_encoded_public_key() and EVP_PKEY_get1_encoded_public_key(). The old versions have been converted to deprecated macros that just call the new functions. * The security callback, which can be customised by application code, supports the security operation SSL_SECOP_TMP_DH. This is defined to take an EVP_PKEY in the "other" parameter. In most places this is what is passed. All these places occur server side. However there was one client side call of this security operation and it passed a DH object instead. This is incorrect according to the definition of SSL_SECOP_TMP_DH, and is inconsistent with all of the other locations. Therefore this client side call has been changed to pass an EVP_PKEY instead. * Added new option for 'openssl list', '-providers', which will display the list of loaded providers, their names, version and status. It optionally displays their gettable parameters. * Deprecated pthread fork support methods. These were unused so no replacement is required. OPENSSL_fork_prepare(), OPENSSL_fork_parent() and OPENSSL_fork_child(). - Remove openssl-AES_XTS.patch fixed upstream- Fix build on ppc* architectures * Fix tests failing: 30-test_acvp.t and 30-test_evp.t * https://github.com/openssl/openssl/pull/13133 - Add openssl-AES_XTS.patch for ppc64, ppc64le and aarch64- Re-enable test 81-test_cmp_cli.t fixed upstream- Update to 3.0.0 Alpha 7 * Add PKCS7_get_octet_string() and PKCS7_type_is_other() to the public interface. Their functionality remains unchanged. * Deprecated EVP_PKEY_set_alias_type(). This function was previously needed as a workaround to recognise SM2 keys. With OpenSSL 3.0, this key type is internally recognised so the workaround is no longer needed. * Deprecated EVP_PKEY_CTX_set_rsa_keygen_pubexp() & introduced EVP_PKEY_CTX_set1_rsa_keygen_pubexp(), which is now preferred. * Changed all "STACK" functions to be macros instead of inline functions. Macro parameters are still checked for type safety at compile time via helper inline functions. * Remove the RAND_DRBG API: The RAND_DRBG API did not fit well into the new provider concept as implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the RAND_DRBG API is a mixture of 'front end' and 'back end' API calls and some of its API calls are rather low-level. This holds in particular for the callback mechanism (RAND_DRBG_set_callbacks()). Adding a compatibility layer to continue supporting the RAND_DRBG API as a legacy API for a regular deprecation period turned out to come at the price of complicating the new provider API unnecessarily. Since the RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC to drop it entirely. * Added the options '-crl_lastupdate' and '-crl_nextupdate' to 'openssl ca', allowing the 'lastUpdate' and 'nextUpdate' fields in the generated CRL to be set explicitly. * 'PKCS12_parse' now maintains the order of the parsed certificates when outputting them via '*ca' (rather than reversing it). - Update openssl-DEFAULT_SUSE_cipher.patch- Removed 0001-Fix-typo-for-SSL_get_peer_certificate.patch: contained in upstream. - Update to 3.0.0 Alpha 6 * Added util/check-format.pl for checking adherence to the coding guidelines. * Allow SSL_set1_host() and SSL_add1_host() to take IP literal addresses as well as actual hostnames. * The 'MinProtocol' and 'MaxProtocol' configuration commands now silently ignore TLS protocol version bounds when configuring DTLS-based contexts, and conversely, silently ignore DTLS protocol version bounds when configuring TLS-based contexts. The commands can be repeated to set bounds of both types. The same applies with the corresponding "min_protocol" and "max_protocol" command-line switches, in case some application uses both TLS and DTLS. SSL_CTX instances that are created for a fixed protocol version (e.g. TLSv1_server_method()) also silently ignore version bounds. Previously attempts to apply bounds to these protocol versions would result in an error. Now only the "version-flexible" SSL_CTX instances are subject to limits in configuration files in command-line options.- Fix linking when the deprecated SSL_get_per_certificate() is in use * https://github.com/openssl/openssl/pull/12468 * add 0001-Fix-typo-for-SSL_get_peer_certificate.patch- Update to 3.0.0 Alpha 5 * Deprecated the 'ENGINE' API. Engines should be replaced with providers going forward. * Reworked the recorded ERR codes to make better space for system errors. To distinguish them, the macro 'ERR_SYSTEM_ERROR()' indicates if the given code is a system error (true) or an OpenSSL error (false). * Reworked the test perl framework to better allow parallel testing. * Added ciphertext stealing algorithms AES-128-CBC-CTS, AES-192-CBC-CTS and AES-256-CBC-CTS to the providers. CS1, CS2 and CS3 variants are supported. * 'Configure' has been changed to figure out the configuration target if none is given on the command line. Consequently, the 'config' script is now only a mere wrapper. All documentation is changed to only mention 'Configure'. * Added a library context that applications as well as other libraries can use to form a separate context within which libcrypto operations are performed. - There are two ways this can be used: 1) Directly, by passing a library context to functions that take such an argument, such as 'EVP_CIPHER_fetch' and similar algorithm fetching functions. 2) Indirectly, by creating a new library context and then assigning it as the new default, with 'OPENSSL_CTX_set0_default'. - All public OpenSSL functions that take an 'OPENSSL_CTX' pointer, apart from the functions directly related to 'OPENSSL_CTX', accept NULL to indicate that the default library context should be used. - Library code that changes the default library context using 'OPENSSL_CTX_set0_default' should take care to restore it with a second call before returning to the caller. * The security strength of SHA1 and MD5 based signatures in TLS has been reduced. This results in SSL 3, TLS 1.0, TLS 1.1 and DTLS 1.0 no longer working at the default security level of 1 and instead requires security level 0. The security level can be changed either using the cipher string with @SECLEVEL, or calling SSL_CTX_set_security_level(). * The SSL option SSL_OP_CLEANSE_PLAINTEXT is introduced. If that option is set, openssl cleanses (zeroize) plaintext bytes from internal buffers after delivering them to the application. Note, the application is still responsible for cleansing other copies (e.g.: data received by SSL_read(3)). - Update openssl-ppc64-config.patch- Update to 3.0.0 Alpha 4 * general improvements to the built-in providers, the providers API and the internal plumbing and the provider-aware mechanisms for libssl * general improvements and fixes in the CLI apps * support for Automated Cryptographic Validation Protocol (ACVP) tests * fully pluggable TLS key exchange capability from providers * finalization of the Certificate Management Protocol (CMP) contribution, adding an impressive amount of tests for the new features * default to the newer SP800-56B compliant algorithm for RSA keygen * provider-rand: PRNG functionality backed by providers * refactored naming scheme for dispatched functions (#12222) * fixes for various issues * extended and improved test coverage * additions and improvements to the documentations - Fix license: Apache-2.0 - temporarily disable broken 81-test_cmp_cli.t test * https://github.com/openssl/openssl/issues/12324- Update to 3.0.0 Alpha 3 * general improvements to the built-in providers, the providers API and the internal plumbing and the provider-aware mechanisms for libssl; * general improvements and fixes in the CLI apps; * cleanup of the EC API: EC_METHOD became an internal-only concept, and functions using or returning EC_METHOD arguments have been deprecated; EC_POINT_make_affine() and EC_POINTs_make_affine() have been deprecated in favor of automatic internal handling of conversions when needed; EC_GROUP_precompute_mult(), EC_GROUP_have_precompute_mult(), and EC_KEY_precompute_mult() have been deprecated, as such precomputation data is now rarely used; EC_POINTs_mul() has been deprecated, as for cryptographic applications EC_POINT_mul() is enough. * the CMS API got support for CAdES-BES signature verification; * introduction of a new SSL_OP_IGNORE_UNEXPECTED_EOF option; * improvements to the RSA OAEP support; * FFDH support in the speed app; * CI: added external testing through the GOST engine; * fixes for various issues; * extended and improved test coverage; * additions and improvements to the documentations.- Use find -exec +. Replace `pwd` by simply $PWD. - Drop Obsoletes on libopenssl1*. libopenssl3 has a new SONAME and does not conflict with anything previously.- Obsolete openssl 1.1 - Update baselibs.conf - Set man page permissions to 644- Update to 3.0.0 Alpha 2 * general improvements to the built-in providers, the providers API and the internal plumbing; * the removal of legacy API functions related to FIPS mode, replaced by new provider-based mechanisms; * the addition of a new cmp app for RFC 4210; * extended and improved test coverage; * improvements to the documentations; * fixes for various issues. - drop obsolete version.patch- Initial packaging 3.0.0 Alpha 1 * Major Release OpenSSL 3.0 is a major release and consequently any application that currently uses an older version of OpenSSL will at the very least need to be recompiled in order to work with the new version. It is the intention that the large majority of applications will work unchanged with OpenSSL 3.0 if those applications previously worked with OpenSSL 1.1.1. However this is not guaranteed and some changes may be required in some cases. * Providers and FIPS support Providers collect together and make available algorithm implementations. With OpenSSL 3.0 it is possible to specify, either programmatically or via a config file, which providers you want to use for any given application * Low Level APIs Use of the low level APIs have been deprecated. * Legacy Algorithms Some cryptographic algorithms that were available via the EVP APIs are now considered legacy and their use is strongly discouraged. These legacy EVP algorithms are still available in OpenSSL 3.0 but not by default. If you want to use them then you must load the legacy provider. * Engines and "METHOD" APIs The ENGINE API and any function that creates or modifies custom "METHODS" are being deprecated in OpenSSL 3.0 Authors and maintainers of external engines are strongly encouraged to refactor their code transforming engines into providers using the new Provider API and avoiding deprecated methods. * Versioning Scheme The OpenSSL versioning scheme has changed with the 3.0 release. The new versioning scheme has this format: MAJOR.MINOR.PATCH The patch level is indicated by the third number instead of a letter at the end of the release version number. A change in the second (MINOR) number indicates that new features may have been added. OpenSSL versions with the same major number are API and ABI compatible. If the major number changes then API and ABI compatibility is not guaranteed. * Other major new features Implementation of the Certificate Management Protocol (CMP, RFC 4210) also covering CRMF (RFC 4211) and HTTP transfer (RFC 6712). A proper HTTP(S) client in libcrypto supporting GET and POST, redirection, plain and ASN.1-encoded contents, proxies, and timeouts EVP_KDF APIs have been introduced for working with Key Derivation Functions EVP_MAC APIs have been introduced for working with MACs Support for Linux Kernel TLSibs-power9-11 1700056039  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~3.0.8-150400.4.42.13.0.8-150400.4.42.13.0.83.0.83.0.8opensslaes.hasn1.hasn1_mac.hasn1err.hasn1t.hasync.hasyncerr.hbio.hbioerr.hblowfish.hbn.hbnerr.hbuffer.hbuffererr.hcamellia.hcast.hcmac.hcmp.hcmp_util.hcmperr.hcms.hcmserr.hcomp.hcomperr.hconf.hconf_api.hconferr.hconfiguration.hconftypes.hcore.hcore_dispatch.hcore_names.hcore_object.hcrmf.hcrmferr.hcrypto.hcryptoerr.hcryptoerr_legacy.hct.hcterr.hdecoder.hdecodererr.hdes.hdh.hdherr.hdsa.hdsaerr.hdtls1.he_os2.hebcdic.hec.hecdh.hecdsa.hecerr.hencoder.hencodererr.hengine.hengineerr.herr.hess.hesserr.hevp.hevperr.hfips_names.hfipskey.hhmac.hhttp.hhttperr.hidea.hkdf.hkdferr.hlhash.hmacros.hmd2.hmd4.hmd5.hmdc2.hmodes.hobj_mac.hobjects.hobjectserr.hocsp.hocsperr.hopensslconf.hopensslv.hossl_typ.hparam_build.hparams.hpem.hpem2.hpemerr.hpkcs12.hpkcs12err.hpkcs7.hpkcs7err.hprov_ssl.hproverr.hprovider.hrand.hranderr.hrc2.hrc4.hrc5.hripemd.hrsa.hrsaerr.hsafestack.hseed.hself_test.hsha.hsrp.hsrtp.hssl.hssl2.hssl3.hsslerr.hsslerr_legacy.hstack.hstore.hstoreerr.hsymhacks.htls1.htrace.hts.htserr.htxt_db.htypes.hui.huierr.hwhrlpool.hx509.hx509_vfy.hx509err.hx509v3.hx509v3err.hssllibcrypto.solibssl.solibcrypto.pclibssl.pcopenssl.pc/usr/include//usr/include/openssl//usr/lib64//usr/lib64/pkgconfig/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:31275/SUSE_SLE-15-SP4_Update/a260720aed428391b1d380a1d0da0e65-openssl-3.SUSE_SLE-15-SP4_Updatedrpmxz5ppc64le-suse-linuxdirectoryC source, ASCII textASCII textC source, ASCII text, with very long linespkgconfig filePRPRRPRRR} 7noopenssl-33.0.8utf-8d23c702bddde4b71ff048b5ee7a5832d538c2cac9f406d32f8e00c2b6da6c7bd?7zXZ !t/u8]"k%۫4"c41PQLYq~NYѵFi0x肢4m=kzʲ7D֩唊pe^s ,CyWpz7}5/ .` Ȣy/K2ʀ٘m9&#eCA} #!Qm'5x(KDۅrҺQ y#1q\V,/Pe:(GZ:kDXYhP]%rO*I5^ݺx}'TEx U[dAl|Q ;WS4-WfYw дY7"o숙'K)nD' oxڨ};.BMH `${_&%/dBiICGDB:|B(ȋk oUM]8%?#5RMW)2qᚚ}~%Bؐ@M5 p*< Az+j!$>Mhȋ T<)k#_7;7\f\q{ցasTM'|Avt]wRUfV3mUo͜Ё@hYL.(hses,)x05g:f !҃I2 @S:JJ]sCwp@[>H޲@v'bȹN0}N%毒|{\J>bN (Д2`eZ^6#ɒ0nኦGRPܴv]/̱%{J^0zgKYW `P[c{]C"LV:Melj%ȅ2.0ҟjD#7 f#)_X~Tk7:o;:,_j#Nh]1}iS*!x&vJgF4(.ʮ#N9 1ydW :wYsHpVAemzv7GVu(a,7mX;}8 Dix|߾.~)2rVt:O"NxׂB[z/tFk۶"bMhE"Rh·md즁.WQdDd{:cTeaejݟK'uY4 ;i6GT 4.!#($a -9 ؋@C+@l ݠ2Dʧ34M6K`_C һ%@0 YZ