From 41ae917be94b2c78e3d547cb23bf53db10d11650 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Thu, 10 Oct 2024 08:41:58 +0200 Subject: [PATCH] Adding patchinfo patchinfo.20240711084522434926.255638743075857 --- .../_patchinfo | 101 ++++++++++++++++++ 1 file changed, 101 insertions(+) create mode 100644 patchinfo.20240711084522434926.255638743075857/_patchinfo diff --git a/patchinfo.20240711084522434926.255638743075857/_patchinfo b/patchinfo.20240711084522434926.255638743075857/_patchinfo new file mode 100644 index 0000000..892ee17 --- /dev/null +++ b/patchinfo.20240711084522434926.255638743075857/_patchinfo 
@@ -0,0 +1,101 @@ + + + ptrace(PTRACE_ATTACH) fails on processes of the same user + VUL-0: CVE-2024-2511: openssl-1_1,openssl-3:Unbounded memory growth with session handling in TLSv1.3 + [SECURITY] openSSL 3.1.x EC doesn't work with tpm2 + Userspace livepatch application fails: ulp: Unable to get section data. + openssl-3: variations in openssl-3-debugsource + SUSE:SLE-15-SP6:GA openssl-3 not livepatch enabled + VUL-0: CVE-2024-4603: openssl-3: excessive time spent checking DSA keys and parameters + [NetApp SLES15 SP6 Bug]: NVMe/TCP TLS connection fails due to handshake failure + VUL-0: CVE-2024-4741: openssl-1_1,openssl-3: Use After Free with SSL_free_buffers + VUL-0: CVE-2024-5535: openssl: SSL_select_next_proto buffer overread + + + + + + VUL-0: EMBARGOED: CVE-2024-6119: openssl-3: possible denial of service in X.509 name checks + [FIPS][OpenSSL-3] Service Level Indicator is needed + [FIPS][OpenSSL-3] Selftests are required + [FIPS][OpenSSL-3] Error state has to be enforced + [FIPS][OpenSSL-3] Entropy Source + [FIPS][OpenSSL-3] Use of non-Approved Elliptic Curves + [FIPS][OpenSSL-3] The FIPS module shall provide an output possibility + [FIPS][OpenSSL-3] FIPS Domain Parameters + [FIPS][OpenSSL-3] Recommendation for Password-Based Key Derivation + [FIPS][OpenSSL-3] Zeroisation is required + [FIPS][OpenSSL-3] Primary DRBG for openssl needs to have prediction resistance enabled or it shall be reseeded every time before providing an output to the caller. + [FIPS][OpenSSL-3] Add oversampling of the noise source to comply with requirements of NIST SP 800-90C. + [FIPS][OpenSSL-3] Change CRNG buf size to align with output size of the Jitter RNG. 
+ [FIPS][OpenSSL-3] NIST SP 800-56Brev2 + [FIPS][OpenSSL-3] Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 + [FIPS][OpenSSL-3] NIST SP 800-56Arev3 + algif_hash in kernel-obs-build causes an openssl-1_1 test failure + + + gbelinassi + important + security + Security update for openssl-3, libpulp, ulp-macros + This update for openssl-3, libpulp, ulp-macros fixes the following issues: + +openssl-3: + - CVE-2024-6119: possible denial of service in X.509 name checks (bsc#1229465) + - CVE-2024-5535: SSL_select_next_proto buffer overread (bsc#1227138) + - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers (bsc#1225551) + - CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388) + - CVE-2024-2511: Fix unconstrained session cache growth in TLSv1.3 (bsc#1222548) + - FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365) + - FIPS: RSA keygen PCT requirements. (bsc#1221760, bsc#1221753) + - FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode. (bsc#1220523) + - FIPS: Port openssl to use jitterentropy (bsc#1220523) + - FIPS: Block non-Approved Elliptic Curves (bsc#1221786) + - FIPS: Service Level Indicator (bsc#1221365) + - FIPS: Output the FIPS-validation name and module version which uniquely identify the FIPS validated module. 
(bsc#1221751) + - FIPS: Add required selftests (bsc#1221760) + - FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821) + - FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827) + - FIPS: Zeroization is required (bsc#1221752) + - FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696) + - FIPS: NIST SP 800-56Brev2 (bsc#1221824) + - FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787) + - FIPS: Port openssl to use jitterentropy (bsc#1220523) + - FIPS: NIST SP 800-56Arev3 (bsc#1221822) + - FIPS: Error state has to be enforced (bsc#1221753) + - Build with enabled sm2 and sm4 support (bsc#1222899) + - fix non-reproducible build issue + - Fix HDKF key derivation (bsc#1225291) + - Enable livepatching support (bsc#1223428) + +libpulp: + - Update package with libpulp-0.3.5 + * Change .so load policy from lazy to eager. + * Fix patch of references when mprotect is enabled. + * Fix tramposed calloc arguments. + * Fix crash of ulp packer on empty lines. + + - Disabled ptrace_scope through aaa_base-enable-ptrace package (bsc#1221763). + - Update package with libpulp-0.3.4: + * Add debuginfo into ulp extract. + + - Disabled ptrace_scope when building the package (bsc#1221763). + - Update package with libpulp-0.3.3: + * Fixed a race condition when process list is empty. + * Removed "Unable to get section data" error message (bsc#1223306). + * Bumped asunsafe_conversion attempts from 100 to 2000. + * Fixed banner test on clang-18. + * Check if ptrace_scope is enabled when attempting a ptrace operation (bsc#1221763). + + - Update package with libpulp-0.3.1: + * Add timestamp information on `ulp patches`. + +ulp-macros: + - Initial release. + + libpulp + openssl-3 + ulp-macros + jitterentropy + +
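Review bot: In the libpulp part of the description, the entries "Disabled ptrace_scope through aaa_base-enable-ptrace package (bsc#1221763)" and "Disabled ptrace_scope when building the package (bsc#1221763)" do not say whether the relaxed ptrace restriction applies only to the build environment or also to systems that install this update. Since ptrace_scope is a hardening setting, the text should state that scope explicitly. Smaller points in the same description: "Fix tramposed calloc arguments" should read "transposed", "Fix HDKF key derivation" should read "HKDF", and "FIPS: Port openssl to use jitterentropy (bsc#1220523)" is listed twice under openssl-3. The list at the end of the file also names jitterentropy, which neither the summary "Security update for openssl-3, libpulp, ulp-macros" nor the description mentions; either add a jitterentropy entry to the description or confirm that it is meant to ship with this patchinfo.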