Updated openssl packages that fix four bugs are now available for Red Hat Enterprise Linux 6.
The openssl packages provide a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
- Prior to this update, the pkgconfig configuration files of OpenSSL libraries contained an invalid libdir value. This update modifies the underlying code to use the correct libdir value.
- Prior to this update, the openssl function "BIO_new_accept()" failed to listen on IPv4 addresses when this function was invoked with the "*:port" parameter. As a consequence, users failed to connect via IPv4 to a server that used this function call with the "*:port" parameter. This update modifies this function to listen on IPv4 address with this parameter as expected.
- Prior to this update, encrypted private key files that were saved in FIPS mode were corrupted because the PEM encryption uses hash algorithms that are not available in FIPS mode. This update uses the PKCS#8 encrypted format to write private keys to files in FIPS mode. This file format uses only algorithms that are available in FIPS mode.
- The manual page for "rand", the pseudo-random number generator, is named "sslrand" to avoid conflict with the manual page for the C library "rand()" function. This update provides the "openssl" manual page update to reflect this.
All users of openssl are advised to upgrade to these updated packages, which fix these bugs.