openssl-1_1

pool/openssl-1_1

SHA256

Fork 1

Commit Graph

Author	SHA256	Message	Date
Vítězslav Čížek	3e8cec6722	Accepting request 631304 from home:vitezslav_cizek:branches:security:tls - Update to 1.1.1-pre9 (Beta 7) * Support for TLSv1.3 added * Move the display of configuration data to configdata.pm. * Allow GNU style "make variables" to be used with Configure. * Add a STORE module (OSSL_STORE) * Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes * Add multi-prime RSA (RFC 8017) support * Add SM3 implemented according to GB/T 32905-2016 * Add SM4 implemented according to GB/T 32907-2016. * Add 'Maximum Fragment Length' TLS extension negotiation and support * Add ARIA support * Add SHA3 * Rewrite of devcrypto engine * Add support for SipHash * Grand redesign of the OpenSSL random generator - pretend the release is not a Beta, to avoid "OpenSSL version mismatch" with OpenSSH * add openssl-pretend_we_are_not_beta.patch - drop FIPS support * don't build with FIPS mode (not supported in 1.1.1) * don't create the -hmac subpackages - drop FIPS patches * openssl-fips-clearerror.patch * openssl-fips-dont-fall-back-to-default-digest.patch * openssl-fips-dont_run_FIPS_module_installed.patch * openssl-fips-fix-odd-rsakeybits.patch * openssl-fips-rsagen-d-bits.patch * openssl-fips-selftests_in_nonfips_mode.patch * openssl-fips_disallow_ENGINE_loading.patch * openssl-rsakeygen-minimum-distance.patch OBS-URL: https://build.opensuse.org/request/show/631304 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=19	2018-08-24 10:39:49 +00:00
Tomáš Chvátal	d99d49a007	Accepting request 591684 from home:vitezslav_cizek:branches:security:tls - Update to 1.1.0h OpenSSL Security Advisory [27 Mar 2018] * Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739) (bsc#1087102) * rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) (bsc#1071906) - refresh patches: * 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch * openssl-1.1.0-fips.patch * openssl-pkgconfig.patch * openssl-rsakeygen-minimum-distance.patch * openssl-static-deps.patch OBS-URL: https://build.opensuse.org/request/show/591684 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=7	2018-03-27 15:20:21 +00:00
Vítězslav Čížek	02427a3414	- Renamed from openssl-1_1_0 (bsc#1081335) * All the minor versions of the 1.1.x openssl branch have the same sonum and keep ABI compatibility - Remove bit obsolete syntax - Use %license macro - Don't disable afalgeng on aarch64 - Add support for s390x CPACF enhancements (fate#321518) patches taken from https://github.com/openssl/openssl/pull/2859: * 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch * 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch * 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch * 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch * 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch * 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch * 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch * 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch * 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch * 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch * 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch - Do not filter pkgconfig() provides/requires. - Obsolete openssl-1_0_0 by openssl-1_1_0: this is required for a clean upgrade path as an aid to zypp (boo#1070003). - Update to 1.1.0g OpenSSL Security Advisory [02 Nov 2017] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=2	2018-02-16 12:13:08 +00:00

Author

SHA256

Message

Date

Vítězslav Čížek

3e8cec6722

Accepting request 631304 from home:vitezslav_cizek:branches:security:tls

- Update to 1.1.1-pre9 (Beta 7)
  * Support for TLSv1.3 added
  * Move the display of configuration data to configdata.pm.
  * Allow GNU style "make variables" to be used with Configure.
  * Add a STORE module (OSSL_STORE)
  * Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes
  * Add multi-prime RSA (RFC 8017) support
  * Add SM3 implemented according to GB/T 32905-2016
  * Add SM4 implemented according to GB/T 32907-2016.
  * Add 'Maximum Fragment Length' TLS extension negotiation and support
  * Add ARIA support
  * Add SHA3
  * Rewrite of devcrypto engine
  * Add support for SipHash
  * Grand redesign of the OpenSSL random generator
- pretend the release is not a Beta, to avoid "OpenSSL version mismatch"
  with OpenSSH
  * add openssl-pretend_we_are_not_beta.patch
- drop FIPS support
  * don't build with FIPS mode (not supported in 1.1.1)
  * don't create the -hmac subpackages
  - drop FIPS patches
    * openssl-fips-clearerror.patch
    * openssl-fips-dont-fall-back-to-default-digest.patch
    * openssl-fips-dont_run_FIPS_module_installed.patch
    * openssl-fips-fix-odd-rsakeybits.patch
    * openssl-fips-rsagen-d-bits.patch
    * openssl-fips-selftests_in_nonfips_mode.patch
    * openssl-fips_disallow_ENGINE_loading.patch
    * openssl-rsakeygen-minimum-distance.patch

OBS-URL: https://build.opensuse.org/request/show/631304
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=19

2018-08-24 10:39:49 +00:00

Tomáš Chvátal

d99d49a007

Accepting request 591684 from home:vitezslav_cizek:branches:security:tls

- Update to 1.1.0h
  OpenSSL Security Advisory [27 Mar 2018]
  * Constructed ASN.1 types with a recursive definition could exceed
    the stack (CVE-2018-0739) (bsc#1087102)
  * rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
    (bsc#1071906)
- refresh patches:
  * 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
  * openssl-1.1.0-fips.patch
  * openssl-pkgconfig.patch
  * openssl-rsakeygen-minimum-distance.patch
  * openssl-static-deps.patch

OBS-URL: https://build.opensuse.org/request/show/591684
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=7

2018-03-27 15:20:21 +00:00

Vítězslav Čížek

02427a3414

- Renamed from openssl-1_1_0 (bsc#1081335)

* All the minor versions of the 1.1.x openssl branch have the same
    sonum and keep ABI compatibility

- Remove bit obsolete syntax
- Use %license macro

- Don't disable afalgeng on aarch64

- Add support for s390x CPACF enhancements (fate#321518)
  patches taken from https://github.com/openssl/openssl/pull/2859:
  * 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch
  * 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch
  * 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch
  * 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch
  * 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch
  * 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch
  * 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch
  * 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch
  * 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
  * 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch
  * 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch

- Do not filter pkgconfig() provides/requires.

- Obsolete openssl-1_0_0 by openssl-1_1_0: this is required for a
  clean upgrade path as an aid to zypp (boo#1070003).

- Update to 1.1.0g
  OpenSSL Security Advisory [02 Nov 2017]

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=2

2018-02-16 12:13:08 +00:00

3 Commits