pool/openssl
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
209 Commits 1 Branch 0 Tags 2.5 MiB
factory
Commit Graph

3 Commits

Author SHA256 Message Date
Dominique Leuenberger
9d1003ce7d Accepting request 492985 from security:tls 
- Provide pkgconfig(openssl)

- Provide basic baselibs.conf for 32bit subpackages
- Specify this package as noarch (as we just provide README files)

- Fix typo in openssl requires
- Add dependency on the branched devel package
- Provide all pkgconfig symbols to hide them in versioned subpkgs
- This allows us to propagate only the preffered version of openssl
  while allowing us to add extra openssl only as additional dependency

- Remove the ssl provides as it is applicable for only those that
  really provide it

- Prepare to split to various subpackages converting main one to
  dummy package
- Reduce to only provide main pkg and devel and depend on proper
  soversioned package
- Version in this package needs to be synced with the one provided
  by the split package
- Remove all the patches, now in the proper versioned namespace:
  * merge_from_0.9.8k.patch
  * openssl-1.0.0-c_rehash-compat.diff
  * bug610223.patch
  * openssl-ocloexec.patch
  * openssl-1.0.2a-padlock64.patch
  * openssl-fix-pod-syntax.diff
  * openssl-truststore.patch
  * compression_methods_switch.patch
  * 0005-libssl-Hide-library-private-symbols.patch

OBS-URL: https://build.opensuse.org/request/show/492985
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=138
 2017-05-18 18:46:33 +00:00
Yuchen Lin
491c541700 Accepting request 485219 from Base:System 
- Remove O3 from optflags, no need to not rely on distro wide settings
- Remove conditions for sle10 and sle11, we care only about sle12+
- USE SUSE instead of SuSE in readme
- Pass over with spec-cleaner (forwarded request 485192 from scarabeus_iv)

OBS-URL: https://build.opensuse.org/request/show/485219
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=137
 2017-04-11 07:29:32 +00:00
Stephan Kulow
0985bc43b2 Accepting request 245642 from Base:System 
- openssl.keyring: the 1.0.1i release was done by 
  Matt Caswell <matt@openssl.org> UK 0E604491

- rename README.SuSE (old spelling) to README.SUSE (bnc#889013)

- update to 1.0.1i
  * Fix SRP buffer overrun vulnerability. Invalid parameters passed to the
    SRP code can be overrun an internal buffer. Add sanity check that
    g, A, B < N to SRP code.
    (CVE-2014-3512)
  * A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate
    TLS 1.0 instead of higher protocol versions when the ClientHello message
    is badly fragmented. This allows a man-in-the-middle attacker to force a
    downgrade to TLS 1.0 even if both the server and the client support a
    higher protocol version, by modifying the client's TLS records.
    (CVE-2014-3511)
  * OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject
    to a denial of service attack. A malicious server can crash the client
    with a null pointer dereference (read) by specifying an anonymous (EC)DH
    ciphersuite and sending carefully crafted handshake messages.
    (CVE-2014-3510)
  * By sending carefully crafted DTLS packets an attacker could cause openssl
    to leak memory. This can be exploited through a Denial of Service attack.
    (CVE-2014-3507)
  * An attacker can force openssl to consume large amounts of memory whilst
    processing DTLS handshake messages. This can be exploited through a
    Denial of Service attack.
    (CVE-2014-3506)
  * An attacker can force an error condition which causes openssl to crash
    whilst processing DTLS packets due to memory being freed twice. This

OBS-URL: https://build.opensuse.org/request/show/245642
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=121
 2014-08-25 09:03:07 +00:00