pool/openssl-3
SHA256
12
0
Fork 2
Code Issues Pull Requests Activity

Commit Graph

  • be5aa8e361 Sync changes to SLFO-1.2 branch slfo-main slfo-1.2 Adrian Schröter 2025-08-20 10:00:00 +02:00
  • afe8736aba Accepting request 1297961 from security:tls factory Dominique Leuenberger 2025-08-09 17:57:12 +00:00
  • 30c6de24df - Update to 3.5.2: * Miscellaneous minor bug fixes. * The FIPS provider now performs a PCT on key import for RSA, EC and ECX. This is mandated by FIPS 140-3 IG 10.3.A additional comment 1. - Rebase patches: * openssl-FIPS-140-3-keychecks.patch * openssl-FIPS-NO-DES-support.patch * openssl-FIPS-enforce-EMS-support.patch * openssl-disable-fipsinstall.patch - Move ssl configuration files to the libopenssl package [bsc#1247463] - Don't install unneeded NOTES devel Pedro Monreal Gonzalez 2025-08-06 13:16:19 +00:00
  • 97acb0832f Accepting request 1296523 from security:tls Dominique Leuenberger 2025-07-31 15:45:52 +00:00
  • 6046fdcaeb - Disable LTO for userspace livepatching [jsc#PED-13245] Pedro Monreal Gonzalez 2025-07-30 09:28:14 +00:00
  • 66e88c4add - Use termios instead of obsolete termio Pedro Monreal Gonzalez 2025-07-29 08:21:34 +00:00
  • 3b25bca574 Accepting request 1291169 from security:tls Ana Guerrero 2025-07-09 15:25:32 +00:00
  • 2ae28710e3 Accepting request 1291089 from home:lmulling:branches:security:tls Pedro Monreal Gonzalez 2025-07-08 06:49:27 +00:00
  • 20fff9f8c0 Accepting request 1281096 from security:tls Dominique Leuenberger 2025-05-30 12:20:40 +00:00
  • 92e37434ce - Fix P-384 curve on lower-than-P9 PPC64 targets [bsc#1243014] * Add openssl-Fix-P384-on-P8-targets.patch [a72f753c] Pedro Monreal Gonzalez 2025-05-29 09:27:54 +00:00
  • 76538713a2 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=145 Pedro Monreal Gonzalez 2025-05-28 09:26:43 +00:00
  • 24d6d64b5c - Fixed CVE-2025-27587 Pedro Monreal Gonzalez 2025-05-28 06:57:23 +00:00
  • cbc553d55a - bsc#1243564 CVE-2025-4575: Fix the x509 application adding trusted use instead of rejected use * Add openssl-CVE-2025-4575.patch Pedro Monreal Gonzalez 2025-05-27 09:21:22 +00:00
  • 2dc845ffe5 Accepting request 1278744 from security:tls Ana Guerrero 2025-05-23 12:26:45 +00:00
  • 002501c0b8 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=141 Pedro Monreal Gonzalez 2025-05-20 13:04:16 +00:00
  • 5d3e6b585a Accepting request 1270033 from security:tls Dominique Leuenberger 2025-04-29 14:39:52 +00:00
  • 8a00581af4 - Update to 3.5.0: * Changes: - Default encryption cipher for the req, cms, and smime applications changed from des-ede3-cbc to aes-256-cbc. - The default TLS supported groups list has been changed to include and prefer hybrid PQC KEM groups. Some practically unused groups were removed from the default list. - The default TLS keyshares have been changed to offer X25519MLKEM768 and and X25519. - All BIO_meth_get_*() functions were deprecated. * New features: - Support for server side QUIC (RFC 9000) - Support for 3rd party QUIC stacks including 0-RTT support - Support for PQC algorithms (ML-KEM, ML-DSA and SLH-DSA) - A new configuration option no-tls-deprecated-ec to disable support for TLS groups deprecated in RFC8422 - A new configuration option enable-fips-jitter to make the FIPS provider to use the JITTER seed source - Support for central key generation in CMP - Support added for opaque symmetric key objects (EVP_SKEY) - Support for multiple TLS keyshares and improved TLS key establishment group configurability - API support for pipelining in provided cipher algorithms * Remove patches: - openssl-3-disable-hmac-hw-acceleration-with-engine-digest.patch - openssl-3-support-CPACF-sha3-shake-perf-improvement.patch - openssl-3-add-defines-CPACF-funcs.patch - openssl-3-fix-memleak-s390x_HMAC_CTX_copy.patch - openssl-3-add-xof-state-handling-s3_absorb.patch - openssl-3-fix-state-handling-sha3_absorb_s390x.patch Pedro Monreal Gonzalez 2025-04-16 13:02:20 +00:00
  • a91f523eac Accepting request 1255522 from security:tls Ana Guerrero 2025-03-27 21:31:30 +00:00
  • fc3cc89792 Accepting request 1255099 from home:lmulling:branches:security:tls Pedro Monreal Gonzalez 2025-03-24 08:13:44 +00:00
  • ab574f714d Accepting request 1251128 from security:tls Dominique Leuenberger 2025-03-08 16:51:16 +00:00
  • d801e4b1ff - Introduce --without lto. When %{optflags} contains -flto=*, tests cases are also built using -flto=* which significantly increases build times, this option disables lto which improve iteration times when developing. Pedro Monreal Gonzalez 2025-03-07 08:17:54 +00:00
  • e992b24c38 Accepting request 1245244 from security:tls Ana Guerrero 2025-02-12 20:30:27 +00:00
  • 76e0808cc2 expected. [bsc#1236599, CVE-2024-12797] Pedro Monreal Gonzalez 2025-02-12 07:58:33 +00:00
  • ef668cd7fa - Update to 3.2.4: * Fixed RFC7250 handshakes with unauthenticated servers don't abort as expected. [CVE-2024-12797] * Fixed timing side-channel in ECDSA signature computation. [CVE-2024-13176] * Fixed possible OOB memory access with invalid low-level GF(2^m) elliptic curve parameters. [CVE-2024-9143] - Remove patch openssl-CVE-2024-13176.patch - Rebase patches: * openssl-3-add_EVP_DigestSqueeze_api.patch * openssl-DH-Disable-FIPS-186-4-type-parameters-in-FIPS-mode.patch * openssl-FIPS-RSA-encapsulate.patch * openssl-disable-fipsinstall.patch Pedro Monreal Gonzalez 2025-02-12 07:49:34 +00:00
  • e1389a0ce1 Accepting request 1240110 from security:tls Dominique Leuenberger 2025-01-25 18:09:48 +00:00
  • e5f6af2c44 - bsc#1236136 CVE-2024-13176: Fix timing side-channel in ECDSA signature computation * Add patch openssl-CVE-2024-13176.patch Pedro Monreal Gonzalez 2025-01-24 08:48:18 +00:00
  • 8853ae0bcf Accepting request 1234617 from security:tls Ana Guerrero 2025-01-05 14:27:00 +00:00
  • b062a1d507 - Add support for userspace livepatching on ppc64le (jsc#PED-11850). - Fix evp_properties section in the openssl.cnf file [bsc#1234647] * Rebase patches: - openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch - openssl-TESTS-Disable-default-provider-crypto-policies.patch Pedro Monreal Gonzalez 2025-01-02 18:17:13 +00:00
  • 5afc4138ca - Add support for userspace livepatching on ppc64le (jsc#PED-10952). - Use gcc-13 for ppc64le. Pedro Monreal Gonzalez 2025-01-02 08:25:49 +00:00
  • b3fd9c08d5 Accepting request 1223748 from security:tls Ana Guerrero 2024-11-13 14:26:48 +00:00
  • de90bec471 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=125 Pedro Monreal Gonzalez 2024-11-12 16:03:34 +00:00
  • 5683a46d7c OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=124 Pedro Monreal Gonzalez 2024-11-11 09:13:41 +00:00
  • a17015e560 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=123 Pedro Monreal Gonzalez 2024-11-11 07:53:58 +00:00
  • 45b932767a Accepting request 1221596 from security:tls Ana Guerrero 2024-11-06 15:49:16 +00:00
  • 8c598ed63d - Support MSA 11 HMAC on s390x jsc#PED-10273 * Add openssl-3-disable-hmac-hw-acceleration-with-engine-digest.patch * Add openssl-3-fix-hmac-digest-detection-s390x.patch * Add openssl-3-fix-memleak-s390x_HMAC_CTX_copy.patch Pedro Monreal Gonzalez 2024-11-05 19:08:08 +00:00
  • dcc7abb986 Accepting request 1217013 from security:tls Ana Guerrero 2024-10-29 13:32:23 +00:00
  • 6e95485a74 - Update to 3.1.7: * Major changes between OpenSSL 3.1.6 and OpenSSL 3.1.7 [3 Sep 2024] - Fixed possible denial of service in X.509 name checks (CVE-2024-6119) - Fixed possible buffer overread in SSL_select_next_proto() (CVE-2024-5535) * Major changes between OpenSSL 3.1.5 and OpenSSL 3.1.6 [4 Jun 2024] - Fixed potential use after free after SSL_free_buffers() is called (CVE-2024-4741) - Fixed an issue where checking excessively long DSA keys or parameters may be very slow (CVE-2024-4603) - Fixed unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511) * Major changes between OpenSSL 3.1.4 and OpenSSL 3.1.5 [30 Jan 2024] - Fixed PKCS12 Decoding crashes (CVE-2024-0727) - Fixed Excessive time spent checking invalid RSA public keys [CVE-2023-6237) - Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC CPUs which support PowerISA 2.07 (CVE-2023-6129) - Fix excessive time spent in DH check / generation with large Q parameter value (CVE-2023-5678) * Update openssl.keyring with BA5473A2B0587B07FB27CF2D216094DFD0CB81EF * Rebase patches: - openssl-Force-FIPS.patch - openssl-FIPS-embed-hmac.patch - openssl-FIPS-services-minimize.patch - openssl-FIPS-RSA-disable-shake.patch - openssl-CVE-2023-50782.patch * Remove patches fixed in the update: - openssl-Improve-performance-for-6x-unrolling-with-vpermxor-i.patch - openssl-CVE-2024-6119.patch openssl-CVE-2024-5535.patch Pedro Monreal Gonzalez 2024-10-22 12:02:36 +00:00
  • f15b6cf3be Accepting request 1208827 from security:tls Ana Guerrero 2024-10-20 08:02:58 +00:00
  • 05037720cc * Added openssl-CVE-2024-41996.patch Pedro Monreal Gonzalez 2024-10-18 08:58:53 +00:00
  • aaffc1c436 - Security fix: [bsc#1231741, CVE-2024-9143] * Low-level invalid GF(2^m) parameters lead to OOB memory access * Add openssl-CVE-2024-9143.patch Pedro Monreal Gonzalez 2024-10-18 08:55:02 +00:00
  • 0ed017ed4c Accepting request 1202944 from security:tls Ana Guerrero 2024-09-25 19:51:14 +00:00
  • e20eeb46a1 - Security fix: [bsc#1230698, CVE-2024-41996] * Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used * Added openssl-CVE-2024-41996.patch Pedro Monreal Gonzalez 2024-09-24 12:22:05 +00:00
  • 625347398c Accepting request 1198659 from security:tls Ana Guerrero 2024-09-05 13:45:58 +00:00
  • b76e72dd67 - Security fix: [bsc#1229465, CVE-2024-6119] * possible denial of service in X.509 name checks * openssl-CVE-2024-6119.patch Pedro Monreal Gonzalez 2024-09-04 08:01:42 +00:00
  • 544f685d38 Accepting request 1192379 from security:tls Dominique Leuenberger 2024-08-14 12:14:36 +00:00
  • 6bc57d937f - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] * SHA-1 is not allowed anymore in FIPS 186-5 for signature verification operations. After 12/31/2030, NIST will disallow SHA-1 for all of its usages. * Add openssl-3-FIPS-Deny-SHA-1-sigver-in-FIPS-provider.patch Pedro Monreal Gonzalez 2024-08-07 21:54:42 +00:00
  • 0101050f9d Accepting request 1189313 from security:tls Dominique Leuenberger 2024-07-26 14:12:26 +00:00
  • 078276e0f4 Accepting request 1189310 from home:pmonrealgonzalez:branches:security:tls Pedro Monreal Gonzalez 2024-07-24 06:29:07 +00:00
  • 4bad59c768 Accepting request 1189030 from home:pmonrealgonzalez:branches:security:tls Pedro Monreal Gonzalez 2024-07-22 13:04:55 +00:00
  • aa970d108e Accepting request 1188975 from home:pmonrealgonzalez:branches:security:tls Pedro Monreal Gonzalez 2024-07-22 09:57:50 +00:00
  • 2d6b81ba83 Accepting request 1187470 from security:tls Ana Guerrero 2024-07-16 20:02:07 +00:00
  • 8889b85855 Add reproducible.patch to fix bsc#1223336 aes-gcm-avx512.pl: fix non-reproducibility issue Pedro Monreal Gonzalez 2024-07-15 06:38:50 +00:00
  • 3597e0200f Accepting request 1178897 from security:tls Ana Guerrero 2024-06-07 13:01:41 +00:00
  • 894b22b184 Accepting request 1178810 from home:mwilck:branches:security:tls Otto Hollmann 2024-06-06 06:49:30 +00:00
  • 82987bb3e6 Accepting request 1175444 from security:tls Ana Guerrero 2024-05-23 13:34:05 +00:00
  • d526b57c70 Accepting request 1175345 from home:ohollmann:branches:security:tls Otto Hollmann 2024-05-21 07:20:01 +00:00
  • 9076d418a2 Accepting request 1172941 from security:tls Dominique Leuenberger 2024-05-11 16:18:55 +00:00
  • 6ed66302c1 Accepting request 1172786 from home:gbelinassi:branches:security:tls Otto Hollmann 2024-05-09 13:24:04 +00:00
  • a1a6f75253 Accepting request 1172431 from security:tls Dominique Leuenberger 2024-05-09 10:07:13 +00:00
  • b5e1eac45b Accepting request 1172425 from home:ohollmann:branches:security:tls Otto Hollmann 2024-05-07 12:41:18 +00:00
  • d42e251a7a Accepting request 1153155 from security:tls Dominique Leuenberger 2024-03-01 22:33:54 +00:00
  • dd8f6feed8 Accepting request 1149993 from home:pmonrealgonzalez:branches:security:tls Otto Hollmann 2024-02-29 10:11:22 +00:00
  • 5ddfcb3ad7 Accepting request 1144625 from security:tls Ana Guerrero 2024-02-08 18:01:58 +00:00
  • 2376921425 Accepting request 1144624 from home:ohollmann:branches:security:tls Otto Hollmann 2024-02-06 14:05:56 +00:00
  • 1708d586dc Accepting request 1144347 from home:ohollmann:branches:security:tls Otto Hollmann 2024-02-06 12:39:08 +00:00
  • f329bbc5a1 Accepting request 1142584 from security:tls Ana Guerrero 2024-01-30 17:25:01 +00:00
  • 215566de79 Accepting request 1142575 from home:pmonrealgonzalez:branches:security:tls Pedro Monreal Gonzalez 2024-01-29 15:53:58 +00:00
  • be2dc0eb62 Accepting request 1141236 from home:ohollmann:branches:security:tls Pedro Monreal Gonzalez 2024-01-24 12:36:32 +00:00
  • 53a0a66cd9 to openssl-crypto-policies-support.patch Otto Hollmann 2024-01-18 16:19:01 +00:00
  • 376f963558 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=86 Otto Hollmann 2024-01-18 16:11:44 +00:00
  • 7957f2e845 Accepting request 1139750 from security:tls:unstable Otto Hollmann 2024-01-18 15:17:04 +00:00
  • dd8139948c Accepting request 1139148 from home:ohollmann:branches:security:tls Otto Hollmann 2024-01-16 11:34:56 +00:00
  • 818a99a4d6 Accepting request 1138127 from home:ohollmann:branches:security:tls Otto Hollmann 2024-01-11 13:07:56 +00:00
  • 9825851069 Accepting request 1131607 from home:Guillaume_G:PAC_BTI Otto Hollmann 2023-12-08 07:15:05 +00:00
  • b29904586e Accepting request 1130970 from home:ohollmann:branches:security:tls Otto Hollmann 2023-12-05 11:55:06 +00:00
  • 259f0441ec Accepting request 1129505 from home:ohollmann:branches:security:tls Otto Hollmann 2023-11-28 11:04:23 +00:00
  • 1bae1185e6 Accepting request 1126784 from security:tls Ana Guerrero 2023-11-17 19:47:55 +00:00
  • 737365e2ce Accepting request 1126089 from home:ohollmann:branches:security:tls Otto Hollmann 2023-11-15 09:54:25 +00:00
  • 6c66e1ec52 Accepting request 1120189 from security:tls Ana Guerrero 2023-10-27 20:27:00 +00:00
  • 69a932c2a0 Accepting request 1120051 from security:tls:unstable Otto Hollmann 2023-10-24 16:01:48 +00:00
  • 75ca6a87ba Accepting request 1118892 from security:tls Ana Guerrero 2023-10-20 21:17:16 +00:00
  • 6fa380a834 Accepting request 1117440 from home:jengelh:man Otto Hollmann 2023-10-19 09:40:34 +00:00
  • 4500e3f99f Accepting request 1113690 from security:tls Ana Guerrero 2023-09-29 19:12:21 +00:00
  • dff8b6b524 Accepting request 1112471 from home:ohollmann:branches:security:tls Otto Hollmann 2023-09-20 07:23:48 +00:00
  • 26aeca1040 Accepting request 1101934 from security:tls Dominique Leuenberger 2023-08-04 13:02:42 +00:00
  • ae873c4025 Accepting request 1101930 from home:pmonrealgonzalez:branches:security:tls Pedro Monreal Gonzalez 2023-08-02 10:04:19 +00:00
  • a9ef9b6a79 Accepting request 1099669 from security:tls Ana Guerrero 2023-07-24 16:11:36 +00:00
  • 79c28ad03b Accepting request 1099662 from home:pmonrealgonzalez:branches:security:tls Pedro Monreal Gonzalez 2023-07-20 08:41:29 +00:00
  • 0ed0686753 Accepting request 1099214 from home:pmonrealgonzalez:branches:security:tls Pedro Monreal Gonzalez 2023-07-18 09:07:15 +00:00
  • a48883733f Accepting request 1095607 from security:tls Dominique Leuenberger 2023-06-29 15:27:49 +00:00
  • b496b916bd - Improve cross-package provides/conflicts [boo#1210313] * Add Provides/Conflicts: ssl-devel * Remove explicit conflicts with other devel-libraries * Remove Provides: openssl(cli) - it's managed by meta package Otto Hollmann 2023-06-21 13:05:11 +00:00
  • ad1bcf2871 Accepting request 1089933 from security:tls Dominique Leuenberger 2023-06-01 15:18:42 +00:00
  • e5f5639ff0 Accepting request 1089931 from security:tls:unstable Otto Hollmann 2023-05-31 07:04:29 +00:00
  • a451b8be27 Accepting request 1089847 from security:tls:unstable Otto Hollmann 2023-05-30 16:00:51 +00:00
  • 0ddca788f5 Accepting request 1075338 from home:ohollmann:branches:security:tls Otto Hollmann 2023-03-29 19:28:53 +00:00
  • 835b3ad63f Accepting request 1075073 from security:tls:unstable Otto Hollmann 2023-03-29 07:57:50 +00:00
  • e4ef647823 Accepting request 1074731 from home:ohollmann:branches:security:tls Otto Hollmann 2023-03-27 15:13:59 +00:00
  • bcd1eb4d85 Accepting request 1074653 from home:ohollmann:branches:security:tls Otto Hollmann 2023-03-27 11:56:02 +00:00
  • b14bb06ffe Accepting request 1071820 from security:tls:unstable Otto Hollmann 2023-03-14 16:01:30 +00:00
  • 7fbc471cd4 Accepting request 1070585 from security:tls Dominique Leuenberger 2023-03-12 15:22:18 +00:00