openssl

pool/openssl

SHA256

Fork 2

Commit Graph

Author	SHA256	Message	Date
Dominique Leuenberger	bdf3209e96	Accepting request 310849 from Base:System - update to 1.0.2a * Major changes since 1.0.1: - Suite B support for TLS 1.2 and DTLS 1.2 - Support for DTLS 1.2 - TLS automatic EC curve selection. - API to set TLS supported signature algorithms and curves - SSL_CONF configuration API. - TLS Brainpool support. - ALPN support. - CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH. - packaging changes: * merged patches modifying CIPHER_LIST into one, dropping: - openssl-1.0.1e-add-suse-default-cipher-header.patch - openssl-libssl-noweakciphers.patch * fix a manpage with invalid name - added openssl-fix_invalid_manpage_name.patch * remove a missing fips function - openssl-missing_FIPS_ec_group_new_by_curve_name.patch * reimported patches from Fedora dropped patches: - openssl-1.0.1c-default-paths.patch - openssl-1.0.1c-ipv6-apps.patch - openssl-1.0.1e-fips-ctor.patch - openssl-1.0.1e-fips-ec.patch - openssl-1.0.1e-fips.patch - openssl-1.0.1e-new-fips-reqs.patch - VIA_padlock_support_on_64systems.patch added patches: - openssl-1.0.2a-default-paths.patch - openssl-1.0.2a-fips-ctor.patch (forwarded request 309611 from vitezslav_cizek) OBS-URL: https://build.opensuse.org/request/show/310849 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=127	2015-06-08 06:25:56 +00:00
Stephan Kulow	6a3418284a	Accepting request 233553 from Base:System - Add upstream patches fixing coverity scan issues: * 0018-fix-coverity-issues-966593-966596.patch * 0020-Initialize-num-properly.patch * 0022-bignum-allow-concurrent-BN_MONT_CTX_set_locked.patch * 0023-evp-prevent-underflow-in-base64-decoding.patch * 0024-Fixed-NULL-pointer-dereference-in-PKCS7_dataDecode-r.patch * 0025-fix-coverity-issue-966597-error-line-is-not-always-i.patch - Update 0001-libcrypto-Hide-library-private-symbols.patch to cover more private symbols, now 98% complete and probably not much more can be done to fix the rest of the ill-defined API. - openssl-fips-hidden.patch new, hides private symbols added by the FIPS patches. - openssl-no-egd.patch disable the EGD (entropy gathering daemon) interface, we have no EGD in the distro and obtaining entropy from a place other than /dev/*random, the hardware rng or the openSSL internal PRNG is an extremely bad & dangerous idea. - use secure_getenv instead of getenv everywhere. (forwarded request 233217 from elvigia) OBS-URL: https://build.opensuse.org/request/show/233553 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=117	2014-05-14 08:26:07 +00:00

Author

SHA256

Message

Date

Dominique Leuenberger

bdf3209e96

Accepting request 310849 from Base:System

- update to 1.0.2a
  * Major changes since 1.0.1:
    - Suite B support for TLS 1.2 and DTLS 1.2
    - Support for DTLS 1.2
    - TLS automatic EC curve selection.
    - API to set TLS supported signature algorithms and curves
    - SSL_CONF configuration API.
    - TLS Brainpool support.
    - ALPN support.
    - CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
- packaging changes:
  * merged patches modifying CIPHER_LIST into one, dropping:
    - openssl-1.0.1e-add-suse-default-cipher-header.patch
    - openssl-libssl-noweakciphers.patch
  * fix a manpage with invalid name
    - added openssl-fix_invalid_manpage_name.patch
  * remove a missing fips function
    - openssl-missing_FIPS_ec_group_new_by_curve_name.patch
  * reimported patches from Fedora
    dropped patches:
    - openssl-1.0.1c-default-paths.patch
    - openssl-1.0.1c-ipv6-apps.patch
    - openssl-1.0.1e-fips-ctor.patch
    - openssl-1.0.1e-fips-ec.patch
    - openssl-1.0.1e-fips.patch
    - openssl-1.0.1e-new-fips-reqs.patch
    - VIA_padlock_support_on_64systems.patch
    added patches:
    - openssl-1.0.2a-default-paths.patch
    - openssl-1.0.2a-fips-ctor.patch (forwarded request 309611 from vitezslav_cizek)

OBS-URL: https://build.opensuse.org/request/show/310849
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=127

2015-06-08 06:25:56 +00:00

Stephan Kulow

6a3418284a

Accepting request 233553 from Base:System

- Add upstream patches fixing coverity scan issues:
* 0018-fix-coverity-issues-966593-966596.patch
* 0020-Initialize-num-properly.patch
* 0022-bignum-allow-concurrent-BN_MONT_CTX_set_locked.patch
* 0023-evp-prevent-underflow-in-base64-decoding.patch
* 0024-Fixed-NULL-pointer-dereference-in-PKCS7_dataDecode-r.patch
* 0025-fix-coverity-issue-966597-error-line-is-not-always-i.patch
- Update 0001-libcrypto-Hide-library-private-symbols.patch
  to cover more private symbols, now 98% complete and probably
  not much more can be done to fix the rest of the ill-defined API.
- openssl-fips-hidden.patch new, hides private symbols added by the
  FIPS patches.
- openssl-no-egd.patch disable the EGD (entropy gathering daemon)
  interface, we have no EGD in the distro and obtaining entropy from
  a place other than /dev/*random, the hardware rng or the openSSL
  internal PRNG is an extremely bad & dangerous idea.
- use secure_getenv instead of getenv everywhere. (forwarded request 233217 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/233553
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=117

2014-05-14 08:26:07 +00:00

2 Commits