Accepting request 882115 from security:tls
OBS-URL: https://build.opensuse.org/request/show/882115 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=23
This commit is contained in:
commit
f4f7fdf3c5
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf
|
|
||||||
size 9823161
|
|
@ -1,11 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQEzBAABCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAmAr45gACgkQ2cTSbQ5g
|
|
||||||
RJE55AgAuAYlKdgDPQHfh7gyLmFl+fnO91iF8oaN/W4vFaAO2i3a/rwQayOOGWjh
|
|
||||||
UR4lUayR8ZLg+9p+69OGxogRd9mPp9YnZYSyLt/TO6BQcU9++CUIVYLgntUDiMzg
|
|
||||||
+doHvzWx7d9O070KBGb6+AwdUR2xZ29w+hcnq7DJ1xcLlbSj4iXzM1KapCEVlI08
|
|
||||||
gHw9UpIy3LASfx9CgiPK1FdKcelpRp4VvUDU4i2QgKzVtQrOLXv7InDBqIiLpwi5
|
|
||||||
PP0fAFnxQR1l7PgIF0T+dEyrz5xt60+6JpRaU8WIGqfrN+U4CuxKBvHW2ce7MgWz
|
|
||||||
oOIJ/1B7o5spKou6eKqm3gMP53J4hw==
|
|
||||||
=vzFe
|
|
||||||
-----END PGP SIGNATURE-----
|
|
3
openssl-1.1.1k.tar.gz
Normal file
3
openssl-1.1.1k.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5
|
||||||
|
size 9823400
|
11
openssl-1.1.1k.tar.gz.asc
Normal file
11
openssl-1.1.1k.tar.gz.asc
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
iQEzBAABCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAmBckA0ACgkQ2cTSbQ5g
|
||||||
|
RJE17Qf/RlHonnl+fhmD+rqQ5b5q6zuN0UassMwglwfbvajSTw0RAPk9IAAAuw6l
|
||||||
|
g0htn8wRYKQDgAUz469H1TM983HqFaxoc2VThVt4Et3Vd0ddalxNjlz2ycndTpvm
|
||||||
|
gEURrL3czSOEZNEBczsJElclNpXrG61vcMFruLc27uwMMU3KPvgwRJj9DsSoyB7g
|
||||||
|
Scsbze4wRbkolfOCiXpPcNYgNBSJRCuStEePtrwwB8iMAoPrDbnCtPl4EWrDq7yi
|
||||||
|
VtEb5kR2v0I8Yb9uxo1vRf80yida2Rx2K/AWKNS4dz+7NMYKaS5VXj2+eiTxszNl
|
||||||
|
xDZYd2ZMLseRUooR+QwU8K8YGPyOAw==
|
||||||
|
=e5aY
|
||||||
|
-----END PGP SIGNATURE-----
|
@ -1,3 +1,24 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Mar 25 23:51:47 UTC 2021 - Jason Sikes <jsikes@suse.com>
|
||||||
|
|
||||||
|
- Update to 1.1.1k
|
||||||
|
* Fixed a problem with verifying a certificate chain when using
|
||||||
|
the X509_V_FLAG_X509_STRICT flag. This flag enables additional
|
||||||
|
security checks of the certificates present in a certificate
|
||||||
|
chain. It is not set by default. ([CVE-2021-3450])
|
||||||
|
|
||||||
|
* Fixed an issue where an OpenSSL TLS server may crash if sent a
|
||||||
|
maliciously crafted renegotiation ClientHello message from a
|
||||||
|
client. If a TLSv1.2 renegotiation ClientHello omits the
|
||||||
|
signature_algorithms extension (where it was present in the
|
||||||
|
initial ClientHello), but includes a signature_algorithms_cert
|
||||||
|
extension then a NULL pointer dereference will result, leading
|
||||||
|
to a crash and a denial of service attack.
|
||||||
|
|
||||||
|
A server is only vulnerable if it has TLSv1.2 and renegotiation
|
||||||
|
enabled (which is the default configuration). OpenSSL TLS
|
||||||
|
clients are not impacted by this issue. ([CVE-2021-3449])
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Mar 2 19:40:25 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
Tue Mar 2 19:40:25 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
||||||
|
|
||||||
|
@ -21,7 +21,7 @@
|
|||||||
%define _rname openssl
|
%define _rname openssl
|
||||||
Name: openssl-1_1
|
Name: openssl-1_1
|
||||||
# Don't forget to update the version in the "openssl" package!
|
# Don't forget to update the version in the "openssl" package!
|
||||||
Version: 1.1.1j
|
Version: 1.1.1k
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Secure Sockets and Transport Layer Security
|
Summary: Secure Sockets and Transport Layer Security
|
||||||
License: OpenSSL
|
License: OpenSSL
|
||||||
|
Loading…
Reference in New Issue
Block a user