pool/openssl
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
169 Commits 1 Branch 0 Tags 2.5 MiB
33e78aed93
Commit Graph

169 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Otto Hollmann
33e78aed93 Accepting request 1089849 from home:ohollmann:branches:security:tls 
- Update to 3.1.1

OBS-URL: https://build.opensuse.org/request/show/1089849
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=48
 2023-05-30 16:00:41 +00:00
Otto Hollmann
0d4475652c Accepting request 1071823 from home:ohollmann:branches:security:tls 
- Update to 3.1.0

OBS-URL: https://build.opensuse.org/request/show/1071823
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=47
 2023-03-14 16:01:53 +00:00
Martin Pluskal
dda6eff298 Accepting request 1063661 from home:ohollmann:branches:security:tls 
- Update to 3.0.8

OBS-URL: https://build.opensuse.org/request/show/1063661
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=46
 2023-02-08 08:07:35 +00:00
Pedro Monreal Gonzalez
42b4266fec Accepting request 1062221 from security:tls:unstable 
- Update to 3.0.7
- Update to 3.0.6
- Update to 3.0.5
- Update to 3.0.4
- Update to 3.0.3
- Update to 3.0.2
- Update to 3.0.1
- Update to 3.0.0

- Update to 3.0.0 Beta 2

- Update to 3.0.0 Beta 1

- Update to 3.0.0 Alpha 17
- Update to 3.0.0 Alpha 16

- Update to 3.0.0 Alpha 15

- Update to 3.0.0 Alpha 14

- Update to 3.0.0 Alpha 13

- Update to 3.0.0 Alpha 12

- Update to 3.0.0 Alpha 11

- Update to 3.0.0 Alpha 10

- Update to 3.0.0 Alpha 9

OBS-URL: https://build.opensuse.org/request/show/1062221
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=45
 2023-01-31 12:14:59 +00:00
Pedro Monreal Gonzalez
941923fd38 Accepting request 1032888 from home:ohollmann:branches:security:tls 
- updated to 1.1.s release

OBS-URL: https://build.opensuse.org/request/show/1032888
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=44
 2022-11-02 13:56:42 +00:00
Marcus Meissner
98ac383496 Accepting request 987342 from home:msmeissn:branches:security:tls 
- updated to 1.1.q release

OBS-URL: https://build.opensuse.org/request/show/987342
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=43
 2022-07-07 07:35:38 +00:00
Marcus Meissner
59b58b2546 Accepting request 985241 from home:msmeissn:branches:security:tls 
- Update to 1.1.1p release

OBS-URL: https://build.opensuse.org/request/show/985241
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=42
 2022-06-27 07:48:29 +00:00
Marcus Meissner
21dec5ccdf Accepting request 981125 from home:msmeissn:branches:security:tls 
- Update to 1.1.1o release

OBS-URL: https://build.opensuse.org/request/show/981125
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=41
 2022-06-07 12:01:44 +00:00
Pedro Monreal Gonzalez
c70cc7d040 Accepting request 975096 from home:jengelh:branches:security:tls 
- Use same %description as openssl-3 (describe the software, not the project).

OBS-URL: https://build.opensuse.org/request/show/975096
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=40
 2022-05-09 10:35:25 +00:00
Pedro Monreal Gonzalez
0313fcccb9 Accepting request 961991 from home:pmonrealgonzalez:branches:security:tls 
- Update to 1.1.1n release

OBS-URL: https://build.opensuse.org/request/show/961991
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=39
 2022-03-15 18:24:42 +00:00
Pedro Monreal Gonzalez
700aeb30e6 Accepting request 942953 from home:pmonrealgonzalez:branches:security:tls 
- Update to 1.1.1m release

OBS-URL: https://build.opensuse.org/request/show/942953
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=38
 2022-01-03 08:42:05 +00:00
Pedro Monreal Gonzalez
ae4363981e Accepting request 914576 from home:pmonrealgonzalez:branches:security:tls 
- Update to 1.1.1l release

OBS-URL: https://build.opensuse.org/request/show/914576
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=37
 2021-08-27 11:05:13 +00:00
Pedro Monreal Gonzalez
61375c96e5 Accepting request 897175 from home:dimstar:Factory 
Do not provide ssl - it's the symbol used to conflict the various ssl implementations; fixup history, as this package could never exist like this

OBS-URL: https://build.opensuse.org/request/show/897175
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=36
 2021-06-03 11:06:47 +00:00
Pedro Monreal Gonzalez
03ad9b5de8 Accepting request 896339 from home:dimstar:Factory 
- Provide openssl(cli) and ssl by the meta package: Together with
  the suggests openssl in the base patterns, any consumer of these
  symbols should get the openssl meta package as candidate, which
  allows us to easier change the recommended default version.

OBS-URL: https://build.opensuse.org/request/show/896339
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=35
 2021-05-31 11:13:16 +00:00
Pedro Monreal Gonzalez
8c69be8980 Accepting request 881425 from home:jsikes:branches:security:tls 
Version update

OBS-URL: https://build.opensuse.org/request/show/881425
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=34
 2021-03-30 08:17:53 +00:00
Pedro Monreal Gonzalez
afb8eed7f6 Accepting request 873680 from home:pmonrealgonzalez:branches:security:tls 
- Update to 1.1.1j release

OBS-URL: https://build.opensuse.org/request/show/873680
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=33
 2021-02-22 12:20:11 +00:00
Pedro Monreal Gonzalez
de3e0f894d Accepting request 854069 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1i release

OBS-URL: https://build.opensuse.org/request/show/854069
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=32
 2020-12-14 11:22:10 +00:00
Pedro Monreal Gonzalez
ced74d8631 Accepting request 836173 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1h release

OBS-URL: https://build.opensuse.org/request/show/836173
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=31
 2020-09-23 06:41:04 +00:00
Martin Pluskal
76a7de0b98 Accepting request 796076 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1g release

OBS-URL: https://build.opensuse.org/request/show/796076
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=30
 2020-04-21 15:13:11 +00:00
Pedro Monreal Gonzalez
90ef91ed19 Accepting request 790181 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1f release

OBS-URL: https://build.opensuse.org/request/show/790181
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=29
 2020-03-31 14:27:25 +00:00
Vítězslav Čížek
9956f6eae8 Accepting request 787238 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1e release

OBS-URL: https://build.opensuse.org/request/show/787238
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=28
 2020-03-22 11:19:18 +00:00
Tomáš Chvátal
5605777932 Accepting request 753234 from home:dimstar:Factory 
Fix build in Staging:N with RPM 4.15

OBS-URL: https://build.opensuse.org/request/show/753234
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=27
 2019-12-03 13:04:43 +00:00
Pedro Monreal Gonzalez
101b1f684e Accepting request 730186 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1d release

OBS-URL: https://build.opensuse.org/request/show/730186
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=26
 2019-09-11 15:32:19 +00:00
Tomáš Chvátal
a4b427864c Accepting request 706514 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1c release

OBS-URL: https://build.opensuse.org/request/show/706514
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=25
 2019-05-30 13:21:00 +00:00
Tomáš Chvátal
010eeaff31 Accepting request 680155 from home:pmonrealgonzalez:branches:security:tls 
- Update to 1.1.1b release

OBS-URL: https://build.opensuse.org/request/show/680155
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=24
 2019-02-28 15:36:08 +00:00
Tomáš Chvátal
f89f52bf78 Accepting request 650514 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1a release

OBS-URL: https://build.opensuse.org/request/show/650514
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=23
 2018-11-20 14:58:06 +00:00
Vítězslav Čížek
ed50f7c230 Accepting request 635008 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1 release

OBS-URL: https://build.opensuse.org/request/show/635008
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=22
 2018-09-11 15:12:30 +00:00
Vítězslav Čížek
4455ff4fb3 Accepting request 631305 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1~pre9 (Beta 7)

OBS-URL: https://build.opensuse.org/request/show/631305
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=21
 2018-08-24 10:39:43 +00:00
Tomáš Chvátal
dcffbd897d Accepting request 629238 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.0i release

OBS-URL: https://build.opensuse.org/request/show/629238
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=20
 2018-08-14 16:24:37 +00:00
Tomáš Chvátal
1ab3b9a360 Accepting request 591685 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.0h release

OBS-URL: https://build.opensuse.org/request/show/591685
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=19
 2018-03-27 15:19:47 +00:00
Vítězslav Čížek
357c68ceaa Accepting request 578317 from home:vitezslav_cizek:branches:security:tls 
- update baselibs.conf

OBS-URL: https://build.opensuse.org/request/show/578317
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=18
 2018-02-20 11:18:04 +00:00
Vítězslav Čížek
450bc8968e Accepting request 577235 from home:vitezslav_cizek:branches:security:tls 
- change the sonum to 1.1, as all the minor versions keep ABI
  compatibility (bsc#1081335)

OBS-URL: https://build.opensuse.org/request/show/577235
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=17
 2018-02-16 12:13:39 +00:00
Vítězslav Čížek
3e27fb1ef2 Accepting request 539342 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.0g release

OBS-URL: https://build.opensuse.org/request/show/539342
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=16
 2017-11-06 15:49:22 +00:00
Tomáš Chvátal
3a7d8fec85 Accepting request 538520 from home:vitezslav_cizek:branches:security:tls 
- Revert version back to 1.0.2m to get security fixes quickly to
  Tumbleweed
  * OpenSSL Security Advisory [02 Nov 2017] (bsc#1066242,bsc#1056058)

OBS-URL: https://build.opensuse.org/request/show/538520
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=15
 2017-11-03 12:35:59 +00:00
Tomáš Chvátal
fdaa161c0b - Switch to 1.1.0f release as default again 
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=14
 2017-07-31 11:16:13 +00:00
Tomáš Chvátal
b52242687e Accepting request 509430 from home:vitezslav_cizek:branches:security:tls 
- Obsolete openssl-debuginfo
  * the package doesn't exist any more, has been replaced by
    openssl-{so_version}-debuginfo (bsc#1040172)

OBS-URL: https://build.opensuse.org/request/show/509430
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=13
 2017-07-11 12:03:16 +00:00
Tomáš Chvátal
d6bd27301a - Revert back to 1.0.2l for now so we get new fixes of 1.0 openssl 
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=12
 2017-06-26 09:13:37 +00:00
Tomáš Chvátal
0083957a62 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=11 2017-06-26 09:13:25 +00:00
Tomáš Chvátal
1329b4c8df - Revert back to 1.0.0l for now so we get new fixes of 1.0 openssl 
to tumbleweed

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=10
 2017-06-23 15:24:24 +00:00
Tomáš Chvátal
2ce6cf08f7 - Update to 1.1.0f release 
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=9
 2017-05-29 10:17:01 +00:00
Tomáš Chvátal
1c3f141485 - Switch default to openssl-1.1.0 
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl?expand=0&rev=8
 2017-05-24 08:06:09 +00:00
Dominique Leuenberger
9d1003ce7d Accepting request 492985 from security:tls 
- Provide pkgconfig(openssl)

- Provide basic baselibs.conf for 32bit subpackages
- Specify this package as noarch (as we just provide README files)

- Fix typo in openssl requires
- Add dependency on the branched devel package
- Provide all pkgconfig symbols to hide them in versioned subpkgs
- This allows us to propagate only the preffered version of openssl
  while allowing us to add extra openssl only as additional dependency

- Remove the ssl provides as it is applicable for only those that
  really provide it

- Prepare to split to various subpackages converting main one to
  dummy package
- Reduce to only provide main pkg and devel and depend on proper
  soversioned package
- Version in this package needs to be synced with the one provided
  by the split package
- Remove all the patches, now in the proper versioned namespace:
  * merge_from_0.9.8k.patch
  * openssl-1.0.0-c_rehash-compat.diff
  * bug610223.patch
  * openssl-ocloexec.patch
  * openssl-1.0.2a-padlock64.patch
  * openssl-fix-pod-syntax.diff
  * openssl-truststore.patch
  * compression_methods_switch.patch
  * 0005-libssl-Hide-library-private-symbols.patch

OBS-URL: https://build.opensuse.org/request/show/492985
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=138
 2017-05-18 18:46:33 +00:00
Yuchen Lin
491c541700 Accepting request 485219 from Base:System 
- Remove O3 from optflags, no need to not rely on distro wide settings
- Remove conditions for sle10 and sle11, we care only about sle12+
- USE SUSE instead of SuSE in readme
- Pass over with spec-cleaner (forwarded request 485192 from scarabeus_iv)

OBS-URL: https://build.opensuse.org/request/show/485219
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=137
 2017-04-11 07:29:32 +00:00
Dominique Leuenberger
de4d1be4ab Accepting request 454260 from Base:System 
- fix X509_CERT_FILE path (bsc#1022271) and rename
  updated openssl-1.0.1e-truststore.diff to openssl-truststore.patch (forwarded request 454258 from vitezslav_cizek)

OBS-URL: https://build.opensuse.org/request/show/454260
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=136
 2017-02-07 10:57:29 +00:00
Dominique Leuenberger
f7574150c5 Accepting request 452919 from Base:System 
- Updated to openssl 1.0.2k
  - bsc#1009528 / CVE-2016-7055: openssl: Montgomery multiplication may produce incorrect results
  - bsc#1019334 / CVE-2016-7056: openssl: ECSDA P-256 timing attack key recovery
  - bsc#1022085 / CVE-2017-3731: openssl: Truncated packet could crash via OOB read
  - bsc#1022086 / CVE-2017-3732: openssl: BN_mod_exp may produce incorrect results on x86_64

OBS-URL: https://build.opensuse.org/request/show/452919
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=135
 2017-01-31 11:37:40 +00:00
Dominique Leuenberger
021091d55f Accepting request 433063 from Base:System 
- resume reading from /dev/urandom when interrupted by a signal
  (bsc#995075)
  * add openssl-randfile_fread_interrupt.patch

- add FIPS changes from SP2:
- fix problems with locking in FIPS mode (bsc#992120)
  * duplicates: bsc#991877, bsc#991193, bsc#990392, bsc#990428
    and bsc#990207
  * bring back openssl-fipslocking.patch
- drop openssl-fips_RSA_compute_d_with_lcm.patch (upstream)
  (bsc#984323)
- don't check for /etc/system-fips (bsc#982268)
  * add openssl-fips-dont_run_FIPS_module_installed.patch
- refresh openssl-fips-rsagen-d-bits.patch (forwarded request 431508 from vitezslav_cizek)

OBS-URL: https://build.opensuse.org/request/show/433063
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=134
 2016-10-10 14:17:30 +00:00
Dominique Leuenberger
6a01eea162 Accepting request 430498 from Base:System 
- update to openssl-1.0.2j
  * Missing CRL sanity check (CVE-2016-7052 bsc#1001148)

- OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)
  Severity: High
  * OCSP Status Request extension unbounded memory growth
    (CVE-2016-6304) (bsc#999666)
  Severity: Low
  * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)
  * Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)
  * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)
  * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)
  * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)
  * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
  * Birthday attack against 64-bit block ciphers (SWEET32)
    (CVE-2016-2183) (bsc#995359)
  * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)
  * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
  * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
- update to openssl-1.0.2i
  * remove patches:
    openssl-1.0.2a-new-fips-reqs.patch
    openssl-1.0.2e-fips.patch
  * add patches:
    openssl-1.0.2i-fips.patch
    openssl-1.0.2i-new-fips-reqs.patch

- fix crash in print_notice (bsc#998190)
  * add openssl-print_notice-NULL_crash.patch

OBS-URL: https://build.opensuse.org/request/show/430498
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=133
 2016-09-28 13:03:33 +00:00
Dominique Leuenberger
fa61203f41 Accepting request 393456 from Base:System 
- OpenSSL Security Advisory [3rd May 2016]
- update to 1.0.2h (boo#977584, boo#977663)
  * Prevent padding oracle in AES-NI CBC MAC check
     A MITM attacker can use a padding oracle attack to decrypt traffic
     when the connection uses an AES CBC cipher and the server support
     AES-NI.
     (CVE-2016-2107, boo#977616)
  * Fix EVP_EncodeUpdate overflow
     An overflow can occur in the EVP_EncodeUpdate() function which is used for
     Base64 encoding of binary data. If an attacker is able to supply very large
     amounts of input data then a length check can overflow resulting in a heap
     corruption.
     (CVE-2016-2105, boo#977614)
  * Fix EVP_EncryptUpdate overflow
     An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
     is able to supply very large amounts of input data after a previous call to
     EVP_EncryptUpdate() with a partial block then a length check can overflow
     resulting in a heap corruption.
     (CVE-2016-2106, boo#977615)
  * Prevent ASN.1 BIO excessive memory allocation
     When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
     a short invalid encoding can casuse allocation of large amounts of memory
     potentially consuming excessive resources or exhausting memory.
     (CVE-2016-2109, boo#976942)
  * EBCDIC overread
     ASN1 Strings that are over 1024 bytes can cause an overread in applications
     using the X509_NAME_oneline() function on EBCDIC systems. This could result
     in arbitrary stack data being returned in the buffer.
     (CVE-2016-2176, boo#978224)
  * Modify behavior of ALPN to invoke callback after SNI/servername (forwarded request 393446 from vitezslav_cizek)

OBS-URL: https://build.opensuse.org/request/show/393456
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=132
 2016-05-08 08:38:49 +00:00
Dominique Leuenberger
fa96b8cfdd Accepting request 390473 from Base:System 
1

OBS-URL: https://build.opensuse.org/request/show/390473
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=131
 2016-04-22 14:17:16 +00:00
Dominique Leuenberger
2ebd052507 Accepting request 363602 from Base:System 
- update to 1.0.2g (bsc#968044)
  * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
    Builds that are not configured with "enable-weak-ssl-ciphers" will not
    provide any "EXPORT" or "LOW" strength ciphers.
  * Disable SSLv2 default build, default negotiation and weak ciphers.  SSLv2
    is by default disabled at build-time.  Builds that are not configured with
    "enable-ssl2" will not support SSLv2.  Even if "enable-ssl2" is used,
    users who want to negotiate SSLv2 via the version-flexible SSLv23_method()
    will need to explicitly call either of:
        SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
    or
        SSL_clear_options(ssl, SSL_OP_NO_SSLv2);
    (CVE-2016-0800)
  * Fix a double-free in DSA code
     (CVE-2016-0705)
  * Disable SRP fake user seed to address a server memory leak.
     Add a new method SRP_VBASE_get1_by_user that handles the seed properly.
     (CVE-2016-0798)
  * Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
     (CVE-2016-0797)
  *) Side channel attack on modular exponentiation
     http://cachebleed.info.
     (CVE-2016-0702)
  *) Change the req app to generate a 2048-bit RSA/DSA key by default,
     if no keysize is specified with default_bits. This fixes an
     omission in an earlier change that changed all RSA/DSA key generation
     apps to use 2048 bits by default. (forwarded request 363599 from vitezslav_cizek)

OBS-URL: https://build.opensuse.org/request/show/363602
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=130
 2016-03-05 10:21:18 +00:00