openssl 3.5.1 rpms released and added to all supported platforms (Alma Linux, Rocky Linux, RedHat Enterprise Linux RHEL, Oracle Linux).
Fix x509 application adds trusted use instead of rejected use (CVE-2025-4575)
OpenSSL 3.5.1 is a release featuring QUIC server support.
We continue to build libs with quic support as a separate non-conflicting package openssl-quic-libs, files have separate .so.81.3 suffix to avoid conflicts with the official .so.3.
openssl 3.5.0 rpms released and added to all supported platforms.
OpenSSL 3.5.0 is a major release featuring QUIC server support.
We continue to build libs with quic support as a separate non-conflicting package openssl-quic-libs, files have separate .so.81.3 suffix to avoid conflicts with the official .so.3.
All the libraries stack rebuilt with OpenSSL 3.5.0, including ngtcp2 (quic client name changed from qtlsclient to osslclient).
openssl+quic (quictls) 3.0.16 rpms released and added to all supported platforms.
OpenSSL 3.0.16 is a security patch release.
This release incorporates the following bug fixes and mitigations:
Fixed timing side-channel in ECDSA signature computation. (CVE-2024-13176)
Fixed possible OOB memory access with invalid low-level GF(2^m) elliptic curve parameters. (CVE-2024-9143)
openssl+quic (quictls) 3.0.15 rpms released and added to all supported platforms.
Several bug and security fixes (CVEs assigned) fixed.
openssl+quic 3.0.13 rpms released and builds added to all platforms.
3 minor security issues fixed.
We started providing builds for OpenSSL+quic project (Akamai and Microsoft initiative) for EL7/EL8. This will allow us to have NGINX HTTP/3 (ex-QUIC) support. libs package does not conflict with bundled OpenSSL libs: so-libs files version is prefixed with “81.”: libssl.81.1.1 and libcrypto.81.1.1 instead of bundled libssl.1.1 and libcrypto.1.1.
To install you can run:
dnf install openssl-quic-libs
Devel package is also available: openssl-quic-devel.
