Accepting request 914079 from home:pmonrealgonzalez:branches:security:tls

- Update to 1.1.1l:
  * [bsc#1189520, CVE-2021-3711] Fixed an SM2 Decryption Buffer Overflow.
  * [bsc#1189521, CVE-2021-3712] Fixed various read buffer overruns
    processing ASN.1 strings

- Require the crypto-policies package from libopenssl-1_1

OBS-URL: https://build.opensuse.org/request/show/914079
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=96
This commit is contained in:
Jason Sikes 2021-08-25 02:52:01 +00:00 committed by Git OBS Bridge
parent bbd5132f50
commit f21d23e877
6 changed files with 32 additions and 17 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5
size 9823400

View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAmBckA0ACgkQ2cTSbQ5g
RJE17Qf/RlHonnl+fhmD+rqQ5b5q6zuN0UassMwglwfbvajSTw0RAPk9IAAAuw6l
g0htn8wRYKQDgAUz469H1TM983HqFaxoc2VThVt4Et3Vd0ddalxNjlz2ycndTpvm
gEURrL3czSOEZNEBczsJElclNpXrG61vcMFruLc27uwMMU3KPvgwRJj9DsSoyB7g
Scsbze4wRbkolfOCiXpPcNYgNBSJRCuStEePtrwwB8iMAoPrDbnCtPl4EWrDq7yi
VtEb5kR2v0I8Yb9uxo1vRf80yida2Rx2K/AWKNS4dz+7NMYKaS5VXj2+eiTxszNl
xDZYd2ZMLseRUooR+QwU8K8YGPyOAw==
=e5aY
-----END PGP SIGNATURE-----

3
openssl-1.1.1l.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1
size 9834044

11
openssl-1.1.1l.tar.gz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAmEk9nQACgkQ2cTSbQ5g
RJEWYAgAwRaW4k2SavaEeqwYzoZ7YN91Yax/pKpgKaRdg0Ypb/e+NSZ/xRMOnoHg
sxr/UqrhUVtmhHrBeMd7JgjkYmO2SsG3tX8M9ap1uxeImUMXtyxUYoIRHb0fLuHO
edklhU7ZP6NRxRdIw/huLoQwv3JEJ5PdhmK7QpX3kbSpybvSJr8+mE7ihrxI2Khc
58tsT+BEuYqduTZTD6MfXdspKdz/sPyjNV0T+6eOkUnDihwfS1j3BcT1HR9+gJbJ
qVXjQ/FZow9r3x+3shIHWXKQ0Iqytor5E/jnEIpG4O1WIhIqkjsZn8lJjoZtH0fP
i57jU1U6DrYl7Mtj3slmkUuCCmszVw==
=gSLl
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,16 @@
-------------------------------------------------------------------
Tue Aug 24 19:32:25 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
- Update to 1.1.1l:
* [bsc#1189520, CVE-2021-3711] Fixed an SM2 Decryption Buffer Overflow.
* [bsc#1189521, CVE-2021-3712] Fixed various read buffer overruns
processing ASN.1 strings
-------------------------------------------------------------------
Wed Jul 28 10:05:34 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
- Require the crypto-policies package from libopenssl-1_1
-------------------------------------------------------------------
Mon May 17 14:28:52 UTC 2021 - Jason Sikes <jsikes@suse.com>

View File

@ -21,7 +21,7 @@
%define _rname openssl
Name: openssl-1_1
# Don't forget to update the version in the "openssl" package!
Version: 1.1.1k
Version: 1.1.1l
Release: 0
Summary: Secure Sockets and Transport Layer Security
License: OpenSSL
@ -114,6 +114,9 @@ OpenSSL contains an implementation of the SSL and TLS protocols.
Summary: Secure Sockets and Transport Layer Security
License: OpenSSL
Group: Productivity/Networking/Security
%if 0%{?suse_version} && ! 0%{?sle_version}
Requires: crypto-policies
%endif
Recommends: ca-certificates-mozilla
# install libopenssl and libopenssl-hmac close together (bsc#1090765)
Suggests: libopenssl1_1-hmac = %{version}-%{release}
@ -174,8 +177,7 @@ This package contains optional documentation provided in addition to
this package's base documentation.
%prep
%setup -q -n %{_rname}-%{version}
%autopatch -p1
%autosetup -p1 -n %{_rname}-%{version}
%build
%ifarch armv5el armv5tel