pool/openssl-1_1
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
134 Commits 2 Branches 0 Tags 15 MiB
11ddbc986a
Commit Graph

134 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Dominique Leuenberger
11ddbc986a Accepting request 1062225 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/1062225
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=41
 2023-02-02 17:08:04 +00:00
Pedro Monreal Gonzalez
6d27aa3f13 Accepting request 1062217 from security:tls:unstable 
- Set OpenSSL 3.0 as the default openssl [bsc#1205042]
  * For compatibility with OpenSSL 3.0, the OpenSSL master
    configuration file openssl.cnf has been renamed to
    openssl-1_1.cnf. The executables openssl, c_rehash, CA.pl and
    tsget.pl have been also renamed to openssl-1_1, c_rehash-1_1,
    CA-1_1.pl and tsget-1_1.pl, respectively.
  * Add openssl-1_1-devel as conflicting with libopenssl-3-devel
  * Add openssl-1_1-openssl-config.patch

OBS-URL: https://build.opensuse.org/request/show/1062217
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=126
 2023-01-31 12:15:21 +00:00
Dominique Leuenberger
1db74d6acf Accepting request 1042988 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/1042988
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=40
 2022-12-18 16:22:17 +00:00
Pedro Monreal Gonzalez
93c266235b Accepting request 1042984 from home:ohollmann:branches:security:tls 
OBS-URL: https://build.opensuse.org/request/show/1042984
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=124
 2022-12-14 20:20:45 +00:00
Otto Hollmann
0ce74d253b Accepting request 1042846 from home:ohollmann:branches:security:tls 
- POWER10 performance enhancements for cryptography [jsc#PED-512]
  * openssl-1_1-AES-GCM-performance-optimzation-with-stitched-method.patch
  * openssl-1_1-Fixed-counter-overflow.patch
  * openssl-1_1-chacha20-performance-optimizations-for-ppc64le-with-.patch
  * openssl-1_1-Fixed-conditional-statement-testing-64-and-256-bytes.patch
  * openssl-1_1-Fix-AES-GCM-on-Power-8-CPUs.patch

OBS-URL: https://build.opensuse.org/request/show/1042846
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=123
 2022-12-14 09:46:30 +00:00
Dominique Leuenberger
48848f012a Accepting request 1032895 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/1032895
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=39
 2022-11-03 18:12:58 +00:00
Pedro Monreal Gonzalez
4cf96f27f1 Accepting request 1032887 from home:ohollmann:branches:security:tls 
- Updated openssl.keyring with key A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C
- Update to 1.1.1s:
  * Fixed a regression introduced in 1.1.1r version not refreshing the
    certificate data to be signed before signing the certificate.
- Update to 1.1.1r:
  * Fixed the linux-mips64 Configure target which was missing the
    SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
    platform.
  * Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
    causing incorrect results in some cases as a result.
  * Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
    report correct results in some cases
  * Fixed a regression introduced in 1.1.1o for re-signing certificates with
    different key sizes
  * Added the loongarch64 target
  * Fixed a DRBG seed propagation thread safety issue
  * Fixed a memory leak in tls13_generate_secret
  * Fixed reported performance degradation on aarch64. Restored the
    implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
    32-bit lane assignment in CTR mode") for 64bit targets only, since it is
    reportedly 2-17% slower and the silicon errata only affects 32bit targets.
    The new algorithm is still used for 32 bit targets.
  * Added a missing header for memcmp that caused compilation failure on some
    platforms

OBS-URL: https://build.opensuse.org/request/show/1032887
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=121
 2022-11-02 13:56:40 +00:00
Richard Brown
f932996074 Accepting request 1007224 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/1007224
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=38
 2022-10-01 15:41:27 +00:00
Pedro Monreal Gonzalez
ba6be953da Accepting request 1007029 from home:ohollmann:branches:home:jsikes:branches:security:tls 
- Added openssl-1_1-paramgen-default_to_rfc7919.patch
  * bsc#1180995
  * Default to RFC7919 groups when generating ECDH parameters
    using 'genpkey' or 'dhparam' in FIPS mode.

OBS-URL: https://build.opensuse.org/request/show/1007029
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=119
 2022-09-30 10:26:12 +00:00
Dominique Leuenberger
c72c767e80 Accepting request 987305 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/987305
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=37
 2022-07-08 12:01:24 +00:00
Jason Sikes
bc10d3dbd2 Accepting request 987301 from home:jsikes:branches:security:tls 
Fixed CVE-2022-2097. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/987301
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=117
 2022-07-07 02:51:21 +00:00
Jason Sikes
71b469adbb Accepting request 985766 from home:Andreas_Schwab:Factory 
- openssl-riscv64-config.patch: backport of riscv64 config support

OBS-URL: https://build.opensuse.org/request/show/985766
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=116
 2022-07-07 02:47:54 +00:00
Dominique Leuenberger
32bcc01e6d Accepting request 985235 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/985235
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=36
 2022-06-28 13:21:07 +00:00
Jason Sikes
282de1dff4 Accepting request 984626 from home:jsikes:branches:security:tls 
update to 1.1.1p. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/984626
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=114
 2022-06-27 07:21:15 +00:00
Dominique Leuenberger
af41bdf3bd Accepting request 981089 from security:tls 
- Update to 1.1.1o: [CVE-2022-1292, bsc#1199166]
  * Fixed a bug in the c_rehash script which was not properly sanitising
    shell metacharacters to prevent command injection.
  * Rebased openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch
  * Rebased openssl-s390x-assembly-pack-add-support-for-pcc-and-kma-inst.patch
- Added openssl-update_expired_certificates.patch
  * Openssl failed tests because of expired certificates.
  * bsc#1185637
  * Sourced from https://github.com/openssl/openssl/pull/18446/commits

OBS-URL: https://build.opensuse.org/request/show/981089
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=35
 2022-06-09 12:09:46 +00:00
Marcus Meissner
9e96c4741f OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=112 2022-06-07 06:45:15 +00:00
Marcus Meissner
57ab29103c Accepting request 980599 from home:jsikes:branches:security:tls 
Fixed CVE-2022-1292 and updated expired certificates. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/980599
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=111
 2022-06-07 06:28:40 +00:00
Dominique Leuenberger
020eadbe13 Accepting request 961992 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/961992
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=34
 2022-03-17 16:01:24 +00:00
Pedro Monreal Gonzalez
eb052185fb Accepting request 961990 from home:pmonrealgonzalez:branches:security:tls 
- Update to 1.1.1n: [bsc#1196877, CVE-2022-0778]
  * Security fix [CVE-2022-0778]: Infinite loop for non-prime moduli
    in BN_mod_sqrt() reachable when parsing certificates.
  * Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK
    (RFC 5489) to the list of ciphersuites providing Perfect Forward
    Secrecy as required by SECLEVEL >= 3.
  * Rebase openssl-1.1.1-fips.patch openssl-1.1.1-evp-kdf.patch

OBS-URL: https://build.opensuse.org/request/show/961990
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=109
 2022-03-15 18:24:32 +00:00
Dominique Leuenberger
7812ff217a Accepting request 960473 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/960473
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=33
 2022-03-11 20:39:43 +00:00
Pedro Monreal Gonzalez
8cce2e6a14 Accepting request 960455 from home:pmonrealgonzalez:branches:security:tls 
- Security fix: [bsc#1192820, CVE-2002-20001]
  * Fix DHEATER: The Diffie-Hellman Key Agreement Protocol allows
    remote attackers (from the client side) to send arbitrary
    numbers that are actually not public keys, and trigger
    expensive server-side DHE calculation.
  * Stop recommending the DHE in SSL_DEFAULT_SUSE_CIPHER_LIST
  * Rebase openssl-DEFAULT_SUSE_cipher.patch

- Fix the engines section in /etc/ssl/openssl.cnf [bsc#1194187]
  * In an INI-type file, the sections begin with a [section_name]
    and they run until the next section begins.
  * Rebase openssl-1_1-use-include-directive.patch

OBS-URL: https://build.opensuse.org/request/show/960455
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=107
 2022-03-09 11:25:28 +00:00
Dominique Leuenberger
bcde5a1d7a Accepting request 954341 from security:tls 
- Pull libopenssl-1_1 when updating openssl-1_1 with the same
  version. [bsc#1195792]

- FIPS: Fix function and reason error codes [bsc#1182959]
  * Add openssl-1_1-FIPS-fix-error-reason-codes.patch

OBS-URL: https://build.opensuse.org/request/show/954341
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=32
 2022-02-15 22:56:57 +00:00
Pedro Monreal Gonzalez
66f0a2e283 Accepting request 954339 from home:pmonrealgonzalez:branches:security:tls 
OBS-URL: https://build.opensuse.org/request/show/954339
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=106
 2022-02-14 15:41:59 +00:00
Pedro Monreal Gonzalez
5a8d36f4fd Accepting request 954189 from home:pmonrealgonzalez:branches:security:tls 
- Pull libopenssl-1_1 when updating openssl-1_1 with the same
  version. [bsc#1195792]

- FIPS: Fix function and reason error codes [bsc#1182959]
  * Add openssl-1_1-FIPS-fix-error-reason-codes.patch

OBS-URL: https://build.opensuse.org/request/show/954189
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=105
 2022-02-14 12:37:47 +00:00
Dominique Leuenberger
9119d6bfb8 Accepting request 951364 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/951364
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=31
 2022-02-05 22:22:59 +00:00
Pedro Monreal Gonzalez
7f50aa7dba Accepting request 951360 from home:pmonrealgonzalez:branches:security:tls 
- Enable zlib compression support [bsc#1195149]

OBS-URL: https://build.opensuse.org/request/show/951360
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=104
 2022-02-03 17:41:11 +00:00
Pedro Monreal Gonzalez
e71c296884 Accepting request 950464 from home:pmonrealgonzalez:branches:security:tls 
- Backport cryptographic improvements from OpenSSL 3 [jsc#SLE-19742]
- POWER10 performance enhancements for cryptography [jsc#SLE-18136]

OBS-URL: https://build.opensuse.org/request/show/950464
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=103
 2022-02-01 15:05:00 +00:00
Pedro Monreal Gonzalez
8903999f6a Accepting request 949750 from home:pmonrealgonzalez:branches:security:tls 
- Backport cryptographic improvements from OpenSSL 3 [jsc#SLE-19766]
  * Optimize RSA on armv8: openssl-1_1-Optimize-RSA-armv8.patch
  * Optimize AES-XTS mode for aarch64:
    openssl-1_1-Optimize-AES-XTS-aarch64.patch
  * Optimize AES-GCM for uarchs with unroll and new instructions:
    openssl-1_1-Optimize-AES-GCM-uarchs.patch

- POWER10 performance enhancements for cryptography [jsc#SLE-19409]
  * openssl-1_1-Optimize-ppc64.patch

OBS-URL: https://build.opensuse.org/request/show/949750
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=102
 2022-01-28 17:51:43 +00:00
Dominique Leuenberger
2cdc16e06a Accepting request 943542 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/943542
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=30
 2022-01-07 11:44:23 +00:00
Pedro Monreal Gonzalez
4ef4397187 Accepting request 942952 from home:pmonrealgonzalez:branches:security:tls 
- Update to 1.1.1m:
  * Avoid loading of a dynamic engine twice.
  * Prioritise DANE TLSA issuer certs over peer certs
- Rebased patches:
  * openssl-1.1.1-evp-kdf.patch
  * openssl-1.1.1-system-cipherlist.patch

- Enforce crypto-policies for the upcoming Leap 15.4 and SLE 15-SP4

OBS-URL: https://build.opensuse.org/request/show/942952
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=101
 2022-01-03 08:42:13 +00:00
Dominique Leuenberger
5f529e794d Accepting request 940471 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/940471
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=29
 2021-12-18 19:29:54 +00:00
Pedro Monreal Gonzalez
c13b2fd4bf Accepting request 936137 from home:markkp:branches:security:tls 
- Added openssl-1_1-use-include-directive.patch so that the default
  /etc/ssl/openssl.cnf file will include any configuration files that
  other packages might place into /etc/ssl/engines.d/ and
  /etc/ssl/engdef.d/ This is a fix for bsc#1004463 where scripting was
  being used to modify the openssl.cnf file. The scripting would fail
  if either the default openssl.cnf file, or the sample openssl-ibmca
  configuration file would be changed by upstream.
- Updated spec file to create the two new necessary directores for
  the above patch.

OBS-URL: https://build.opensuse.org/request/show/936137
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=100
 2021-12-14 12:43:58 +00:00
Dominique Leuenberger
de911df7f8 Accepting request 934684 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/934684
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=28
 2021-12-05 21:45:45 +00:00
Pedro Monreal Gonzalez
81ba30e4f7 Accepting request 930969 from home:gbelinassi 
- Add support for livepatches (jsc#SLE-20049).
- Generate ipa-clones tarball artifact when livepatching is enabled.

Userspace Livepatching allows your application to be updated without restarting. For a library to be livepatchable, it has to be compiled with special flags (-fpatchable-functions-entry=X,Y).

To aid the development of livepatches, ipa-clones are also generated in the build process and packed into a livepatch tarball. This tarball is meant to be used by developers during their workflow: these files contains log of changes that gcc did in the compiled code that may change code layout, which must be accounted when developing a livepatch. For instance, livepatching a function which is inlined requires livepatching every function that calls it. Tools that use such files already exists in kernel-livepatching and we aim porting them to userspace livepatching as well.

OBS-URL: https://build.opensuse.org/request/show/930969
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=99
 2021-11-30 09:07:05 +00:00
Pedro Monreal Gonzalez
031c49bd14 Accepting request 928526 from home:dancermak:branches:security:tls 
Drop openssl-no-date.patch

OBS-URL: https://build.opensuse.org/request/show/928526
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=98
 2021-11-22 18:47:15 +00:00
Dominique Leuenberger
863b688e84 Accepting request 930407 from security:tls 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/930407
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=27
 2021-11-11 20:35:46 +00:00
Pedro Monreal Gonzalez
adc35a7f9e Accepting request 928745 from home:gladiac:branches:security:tls 
- Add missing libopenssl1_1-hmac 32bit package

OBS-URL: https://build.opensuse.org/request/show/928745
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=97
 2021-11-05 12:49:39 +00:00
Dominique Leuenberger
b0d056e146 Accepting request 914095 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/914095
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=26
 2021-08-28 20:28:35 +00:00
Jason Sikes
f21d23e877 Accepting request 914079 from home:pmonrealgonzalez:branches:security:tls 
- Update to 1.1.1l:
  * [bsc#1189520, CVE-2021-3711] Fixed an SM2 Decryption Buffer Overflow.
  * [bsc#1189521, CVE-2021-3712] Fixed various read buffer overruns
    processing ASN.1 strings

- Require the crypto-policies package from libopenssl-1_1

OBS-URL: https://build.opensuse.org/request/show/914079
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=96
 2021-08-25 02:52:01 +00:00
Dominique Leuenberger
11b1c70b4c Accepting request 906782 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/906782
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=25
 2021-07-21 17:05:32 +00:00
Pedro Monreal Gonzalez
bbd5132f50 Accepting request 906749 from home:jsikes:branches:security:tls 
New candidate fix for bsc1180995. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/906749
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=95
 2021-07-17 07:22:41 +00:00
Pedro Monreal Gonzalez
15122a3c70 Accepting request 895194 from home:jsikes:branches:security:tls 
Fixed error in spec file. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/895194
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=94
 2021-05-24 15:50:42 +00:00
Dominique Leuenberger
9119842a93 Accepting request 886506 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/886506
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=24
 2021-04-19 19:06:14 +00:00
Jason Sikes
7d266d26c5 Accepting request 886496 from home:jsikes:branches:security:tls 
Added bsc numbers to changelog.

OBS-URL: https://build.opensuse.org/request/show/886496
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=92
 2021-04-18 23:41:13 +00:00
Richard Brown
f4f7fdf3c5 Accepting request 882115 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/882115
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=23
 2021-04-08 19:01:22 +00:00
Jason Sikes
abf147163e Accepting request 882114 from home:jsikes:branches:security:tls 
Update to 1.1.1k with CVE fixes. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/882114
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=90
 2021-03-30 07:22:25 +00:00
Jason Sikes
2a418dd2f6 Accepting request 881422 from home:jsikes:branches:security:tls 
Updated to 1.1.1k. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/881422
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=89
 2021-03-25 23:47:36 +00:00
Dominique Leuenberger
3ae49ce958 Accepting request 878152 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/878152
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=22
 2021-03-12 12:30:28 +00:00
Pedro Monreal Gonzalez
50473db176 Accepting request 876739 from home:pmonrealgonzalez:branches:security:tls 
- Fix unresolved error codes [bsc#1182959]
- Update patches:
  * openssl-1.1.1-fips.patch
  * openssl-1.1.1-evp-kdf.patch

OBS-URL: https://build.opensuse.org/request/show/876739
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=87
 2021-03-10 11:16:54 +00:00
Richard Brown
9548fda780 Accepting request 874306 from security:tls 
OBS-URL: https://build.opensuse.org/request/show/874306
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=21
 2021-03-03 17:33:24 +00:00