pool/openssl-1_1
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
65 Commits 1 Branch 0 Tags 34 MiB
C 100%
a13839c7c6
Go to file
Pedro Monreal Gonzalez a13839c7c6 Accepting request 873674 from home:pmonrealgonzalez:branches:security:tls 
- Update to 1.1.1j
  * Fixed the X509_issuer_and_serial_hash() function. It attempts
    to create a unique hash value based on the issuer and serial
    number data contained within an X509 certificate. However it
    was failing to correctly handle any errors that may occur
    while parsing the issuer field [bsc#1182331, CVE-2021-23841]
  * Fixed the RSA_padding_check_SSLv23() function and the
    RSA_SSLV23_PADDING padding mode to correctly check for
    rollback attacks.
  * Fixed the EVP_CipherUpdate, EVP_EncryptUpdate and
    EVP_DecryptUpdate functions. Previously they could overflow the
    output length argument in some cases where the input length is
    close to the maximum permissable length for an integer on the
    platform. In such cases the return value from the function call
    would be 1 (indicating success), but the output length value
    would be negative. This could cause applications to behave
    incorrectly or crash. [bsc#1182333, CVE-2021-23840]
  * Fixed SRP_Calc_client_key so that it runs in constant time.
    The previous implementation called BN_mod_exp without setting
    BN_FLG_CONSTTIME. This could be exploited in a side channel
    attack to recover the password. Since the attack is local host
    only this is outside of the current OpenSSL threat model and
    therefore no CVE is assigned.
- Rebase patches:
  * openssl-1.1.1-fips.patch
  * openssl-1.1.0-issuer-hash.patch
  * openssl-1.1.1-evp-kdf.patch

- Add version guards for the crypto-policies

OBS-URL: https://build.opensuse.org/request/show/873674
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=85
2021-02-22 12:20:01 +00:00
.gitattributes - Renamed from openssl-1_1_0 (bsc#1081335) 2018-02-16 12:13:08 +00:00
.gitignore - Renamed from openssl-1_1_0 (bsc#1081335) 2018-02-16 12:13:08 +00:00
0001-s390x-assembly-pack-perlasm-support.patch Accepting request 708112 from home:vitezslav_cizek:branches:factory 2019-06-06 11:11:21 +00:00
0002-crypto-chacha-asm-chacha-s390x.pl-add-vx-code-path.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
0003-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
0004-s390x-assembly-pack-fix-formal-interface-bug-in-chac.patch Accepting request 708112 from home:vitezslav_cizek:branches:factory 2019-06-06 11:11:21 +00:00
0005-s390x-assembly-pack-import-chacha-from-cryptogams-re.patch Accepting request 708112 from home:vitezslav_cizek:branches:factory 2019-06-06 11:11:21 +00:00
0006-s390x-assembly-pack-import-poly-from-cryptogams-repo.patch Accepting request 708112 from home:vitezslav_cizek:branches:factory 2019-06-06 11:11:21 +00:00
baselibs.conf Accepting request 631304 from home:vitezslav_cizek:branches:security:tls 2018-08-24 10:39:49 +00:00
openssl-1_1-disable-test_srp-sslapi.patch Accepting request 865443 from home:pmonrealgonzalez:branches:security:tls 2021-01-21 14:53:39 +00:00
openssl-1_1-seclevel.patch Accepting request 865443 from home:pmonrealgonzalez:branches:security:tls 2021-01-21 14:53:39 +00:00
openssl-1_1-use-seclevel2-in-tests.patch Accepting request 865443 from home:pmonrealgonzalez:branches:security:tls 2021-01-21 14:53:39 +00:00
openssl-1_1.changes Accepting request 873674 from home:pmonrealgonzalez:branches:security:tls 2021-02-22 12:20:01 +00:00
openssl-1_1.spec Accepting request 873674 from home:pmonrealgonzalez:branches:security:tls 2021-02-22 12:20:01 +00:00
openssl-1.1.0-issuer-hash.patch Accepting request 873674 from home:pmonrealgonzalez:branches:security:tls 2021-02-22 12:20:01 +00:00
openssl-1.1.0-no-html.patch Accepting request 790182 from home:vitezslav_cizek:branches:security:tls 2020-03-31 14:27:13 +00:00
openssl-1.1.1-evp-kdf.patch Accepting request 873674 from home:pmonrealgonzalez:branches:security:tls 2021-02-22 12:20:01 +00:00
openssl-1.1.1-fips-crng-test.patch Accepting request 796077 from home:vitezslav_cizek:branches:security:tls 2020-04-21 15:13:15 +00:00
openssl-1.1.1-fips-post-rand.patch Accepting request 854071 from home:vitezslav_cizek:branches:security:tls 2020-12-14 11:20:34 +00:00
openssl-1.1.1-fips.patch Accepting request 873674 from home:pmonrealgonzalez:branches:security:tls 2021-02-22 12:20:01 +00:00
openssl-1.1.1-ssh-kdf.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-1.1.1-system-cipherlist.patch Accepting request 850541 from home:vitezslav_cizek:branches:security:tls 2020-12-05 17:19:30 +00:00
openssl-1.1.1j.tar.gz Accepting request 873674 from home:pmonrealgonzalez:branches:security:tls 2021-02-22 12:20:01 +00:00
openssl-1.1.1j.tar.gz.asc Accepting request 873674 from home:pmonrealgonzalez:branches:security:tls 2021-02-22 12:20:01 +00:00
openssl-assembly-pack-accelerate-scalar-multiplication.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-DEFAULT_SUSE_cipher.patch Accepting request 635009 from home:vitezslav_cizek:branches:security:tls 2018-09-11 15:12:55 +00:00
openssl-Enable-curve-spefific-ECDSA-implementations-via-EC_M.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-fips_fix_selftests_return_value.patch Accepting request 778004 from home:vitezslav_cizek:branches:security:tls 2020-02-21 15:33:18 +00:00
openssl-fips_mode.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips_selftest_upstream_drbg.patch Accepting request 836174 from home:vitezslav_cizek:branches:security:tls 2020-09-23 06:41:06 +00:00
openssl-fips-add-SHA3-selftest.patch Accepting request 776093 from home:jsikes:branches:security:tls 2020-02-19 08:42:05 +00:00
openssl-fips-clearerror.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips-dont_run_FIPS_module_installed.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips-ignore_broken_atexit_test.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips-run_selftests_only_when_module_is_complete.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips-selftests_in_nonfips_mode.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-Fix-9bf682f-which-broke-nistp224_method.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-keep_EVP_KDF_functions_version.patch Accepting request 767728 from home:vitezslav_cizek:branches:security:tls 2020-01-27 14:25:49 +00:00
openssl-no-date.patch Accepting request 631304 from home:vitezslav_cizek:branches:security:tls 2018-08-24 10:39:49 +00:00
openssl-OPENSSL_s390xcap.pod-list-msa9-facility-bit-155.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-pkgconfig.patch Accepting request 631304 from home:vitezslav_cizek:branches:security:tls 2018-08-24 10:39:49 +00:00
openssl-ppc64-config.patch Accepting request 631304 from home:vitezslav_cizek:branches:security:tls 2018-08-24 10:39:49 +00:00
openssl-s390x-assembly-pack-accelerate-ECDSA.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-s390x-assembly-pack-accelerate-X25519-X448-Ed25519-and-Ed448.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-assembly-pack-add-support-for-pcc-and-kma-inst.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-assembly-pack-cleanse-only-sensitive-fields.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-assembly-pack-fix-msa3-stfle-bit-detection.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-assembly-pack-fix-OPENSSL_s390xcap-z15-cpu-mas.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-assembly-pack-update-OPENSSL_s390xcap-3.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-fix-x448-and-x448-test-vector-ctime-for-x25519-and-x448.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-s390xcpuid.pl-fix-comment.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-ship_fips_standalone_hmac.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-truststore.patch Accepting request 631304 from home:vitezslav_cizek:branches:security:tls 2018-08-24 10:39:49 +00:00
openssl-unknown_dgst.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl.keyring Accepting request 706506 from home:vitezslav_cizek:branches:o11 2019-05-30 12:30:15 +00:00
showciphers.c - Renamed from openssl-1_1_0 (bsc#1081335) 2018-02-16 12:13:08 +00:00