Accepting request 102443 from Base:System

update to 1.0.0g

OBS-URL: https://build.opensuse.org/request/show/102443
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=72

openssl-1.0.0e.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d4cecef7f43d8adc75d7eb6aa9b96cbd8048d919fae6a9d4e89acedac3eabc33
-size 3222400

openssl-1.0.0g.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:191358567173d576dc110279285e14926751028e36d0760a4a6fab8348dccda7
+size 3215079

openssl.changes

@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Thu Feb  2 06:55:12 UTC 2012 - gjhe@suse.com
+
+- Update to version 1.0.0g fix the following:
+  DTLS DoS attack (CVE-2012-0050)
+
+-------------------------------------------------------------------
+Wed Jan 11 05:35:18 UTC 2012 - gjhe@suse.com
+
+- Update to version 1.0.0f fix the following:
+  DTLS Plaintext Recovery Attack (CVE-2011-4108)
+  Uninitialized SSL 3.0 Padding (CVE-2011-4576)
+  Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577)
+  SGC Restart DoS Attack (CVE-2011-4619)
+  Invalid GOST parameters DoS Attack (CVE-2012-0027) 
+
 -------------------------------------------------------------------
 Tue Oct 18 16:43:50 UTC 2011 - crrodriguez@opensuse.org
 

openssl.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package openssl
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -30,9 +30,7 @@ AutoReqProv:    on
 %ifarch ppc64
 Obsoletes:      openssl-64bit
 %endif
-#
-#Version:        1.0.0
-Version:        1.0.0e
+Version:        1.0.0g
 Release:        1
 Summary:        Secure Sockets and Transport Layer Security
 Url:            http://www.openssl.org/