1a7003e813
- Use find -exec +. Replace `pwd` by simply $PWD. - Drop Obsoletes on libopenssl1*. libopenssl3 has a new SONAME and does not conflict with anything previously. OBS-URL: https://build.opensuse.org/request/show/808417 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=8
66 lines
3.3 KiB
Plaintext
66 lines
3.3 KiB
Plaintext
-------------------------------------------------------------------
|
|
Sat May 23 14:06:54 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Use find -exec +. Replace `pwd` by simply $PWD.
|
|
- Drop Obsoletes on libopenssl1*. libopenssl3 has a new SONAME and
|
|
does not conflict with anything previously.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 20 12:46:24 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
|
|
|
|
- Obsolete openssl 1.1
|
|
- Update baselibs.conf
|
|
- Set man page permissions to 644
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 15 15:29:05 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
|
|
|
|
- Update to 3.0.0 Alpha 2
|
|
- drop obsolete version.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 23 19:49:05 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
|
|
|
|
- Initial packaging 3.0.0 Alpha 1
|
|
* Major Release
|
|
OpenSSL 3.0 is a major release and consequently any application
|
|
that currently uses an older version of OpenSSL will at the
|
|
very least need to be recompiled in order to work with the new version.
|
|
It is the intention that the large majority of applications will
|
|
work unchanged with OpenSSL 3.0 if those applications previously
|
|
worked with OpenSSL 1.1.1. However this is not guaranteed and
|
|
some changes may be required in some cases.
|
|
* Providers and FIPS support
|
|
Providers collect together and make available algorithm implementations.
|
|
With OpenSSL 3.0 it is possible to specify, either programmatically
|
|
or via a config file, which providers you want to use for any given application
|
|
* Low Level APIs
|
|
Use of the low level APIs have been deprecated.
|
|
* Legacy Algorithms
|
|
Some cryptographic algorithms that were available via the EVP APIs
|
|
are now considered legacy and their use is strongly discouraged.
|
|
These legacy EVP algorithms are still available in OpenSSL 3.0 but not by default.
|
|
If you want to use them then you must load the legacy provider.
|
|
* Engines and "METHOD" APIs
|
|
The ENGINE API and any function that creates or modifies custom "METHODS"
|
|
are being deprecated in OpenSSL 3.0
|
|
Authors and maintainers of external engines are strongly encouraged to
|
|
refactor their code transforming engines into providers using
|
|
the new Provider API and avoiding deprecated methods.
|
|
* Versioning Scheme
|
|
The OpenSSL versioning scheme has changed with the 3.0 release.
|
|
The new versioning scheme has this format: MAJOR.MINOR.PATCH
|
|
The patch level is indicated by the third number instead of a letter
|
|
at the end of the release version number.
|
|
A change in the second (MINOR) number indicates that new features may have been added.
|
|
OpenSSL versions with the same major number are API and ABI compatible.
|
|
If the major number changes then API and ABI compatibility is not guaranteed.
|
|
* Other major new features
|
|
Implementation of the Certificate Management Protocol (CMP, RFC 4210)
|
|
also covering CRMF (RFC 4211) and HTTP transfer (RFC 6712).
|
|
A proper HTTP(S) client in libcrypto supporting GET and POST,
|
|
redirection, plain and ASN.1-encoded contents, proxies, and timeouts
|
|
EVP_KDF APIs have been introduced for working with Key Derivation Functions
|
|
EVP_MAC APIs have been introduced for working with MACs
|
|
Support for Linux Kernel TLS
|