pool/openssl-1_1
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 755640 from home:pmonrealgonzalez:branches:security:tls

Browse Source 
- Security fix: [bsc#1158809, CVE-2019-1551]
  * Overflow bug in the x64_64 Montgomery squaring procedure used
    in exponentiation with 512-bit moduli
- Add openssl-1_1-CVE-2019-1551.patch

OBS-URL: https://build.opensuse.org/request/show/755640
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=47
This commit is contained in:
Tomáš Chvátal 2019-12-11 07:08:38 +00:00 committed by Git OBS Bridge
parent b1d4609f8b
commit 2e0a10cc4c
3 changed files with 1071 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1058
openssl-1_1-CVE-2019-1551.patch Normal file
View File

File diff suppressed because it is too large Load Diff

8
openssl-1_1.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Tue Dec 10 16:04:06 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Security fix: [bsc#1158809, CVE-2019-1551]
* Overflow bug in the x64_64 Montgomery squaring procedure used
in exponentiation with 512-bit moduli
- Add openssl-1_1-CVE-2019-1551.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Oct 14 18:36:37 UTC 2019 - Jason Sikes <jsikes@suse.com> Mon Oct 14 18:36:37 UTC 2019 - Jason Sikes <jsikes@suse.com>

7
openssl-1_1.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package openssl-1_1 # spec file for package openssl-1_1
# #
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2019 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -51,6 +51,9 @@ Patch11: 0004-s390x-assembly-pack-fix-formal-interface-bug-in-chac.patch
Patch12: 0005-s390x-assembly-pack-import-chacha-from-cryptogams-re.patch Patch12: 0005-s390x-assembly-pack-import-chacha-from-cryptogams-re.patch
Patch13: 0006-s390x-assembly-pack-import-poly-from-cryptogams-repo.patch Patch13: 0006-s390x-assembly-pack-import-poly-from-cryptogams-repo.patch
Patch14: openssl-jsc-SLE-8789-backport_KDF.patch Patch14: openssl-jsc-SLE-8789-backport_KDF.patch
# OpenSSL Security Advisory [6 December 2019] bsc#1158809 CVE-2019-1551
# PATCH-FIX-UPSTREAM Integer overflow in RSAZ modular exponentiation on x86_64
Patch15: openssl-1_1-CVE-2019-1551.patch
BuildRequires: pkgconfig BuildRequires: pkgconfig
Conflicts: ssl Conflicts: ssl
Provides: ssl Provides: ssl
@ -201,7 +204,7 @@ set -x
# Do not install demo scripts executable under /usr/share/doc # Do not install demo scripts executable under /usr/share/doc
find demos -type f -perm /111 -exec chmod 644 {} \; find demos -type f -perm /111 -exec chmod 644 {} \;
# Place showciphers.c for %doc macro # Place showciphers.c for %%doc macro
cp %{SOURCE5} . cp %{SOURCE5} .
%post -n libopenssl1_1 -p /sbin/ldconfig %post -n libopenssl1_1 -p /sbin/ldconfig