From 217a612d5a15cb1b8b995c43a437e156604d09be70f01952c68becdb13f2de11 Mon Sep 17 00:00:00 2001 From: Stephan Kulow Date: Tue, 24 Nov 2015 21:31:51 +0000 Subject: [PATCH] Accepting request 345044 from devel:libraries:c_c++ - Update to 1.3.15 OBS-URL: https://build.opensuse.org/request/show/345044 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mbedtls?expand=0&rev=6 --- mbedtls-1.3.14-gpl.tgz | 3 --- mbedtls-1.3.15-gpl.tgz | 3 +++ mbedtls.changes | 33 +++++++++++++++++++++++++++++++++ mbedtls.spec | 2 +- 4 files changed, 37 insertions(+), 4 deletions(-) delete mode 100644 mbedtls-1.3.14-gpl.tgz create mode 100644 mbedtls-1.3.15-gpl.tgz diff --git a/mbedtls-1.3.14-gpl.tgz b/mbedtls-1.3.14-gpl.tgz deleted file mode 100644 index 8919f2d..0000000 --- a/mbedtls-1.3.14-gpl.tgz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:be76915bc406b4c4109629624baa5bf610a805d9976404e4086d44e5e6c86ff8 -size 1744343 diff --git a/mbedtls-1.3.15-gpl.tgz b/mbedtls-1.3.15-gpl.tgz new file mode 100644 index 0000000..9b541db --- /dev/null +++ b/mbedtls-1.3.15-gpl.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ed0be9905ba08f614772ac2b6dcce0c65cf3fb235cab7e6894838efc19518da3 +size 1758935 diff --git a/mbedtls.changes b/mbedtls.changes index 3806ba0..997303f 100644 --- a/mbedtls.changes +++ b/mbedtls.changes @@ -1,3 +1,36 @@ +------------------------------------------------------------------- +Wed Nov 18 13:29:03 UTC 2015 - mpluskal@suse.com + +- Update to 1.3.15 + * Fix potential double free if ssl_set_psk() is called more than once and + some allocation fails. Cannot be forced remotely. Found by Guido Vranken, + Intelworks. + * Fix potential heap corruption on Windows when + x509_crt_parse_path() is passed a path longer than 2GB. Cannot be + triggered remotely. Found by Guido Vranken, Intelworks. + * Fix potential buffer overflow in some asn1_write_xxx() functions. + Cannot be triggered remotely unless you create X.509 certificates based + on untrusted input or write keys of untrusted origin. Found by Guido + Vranken, Intelworks. + * The X509 max_pathlen constraint was not enforced on intermediate + certificates. Found by Nicholas Wilson, fix and tests provided by + Janos Follath. #280 and #319 + * Self-signed certificates were not excluded from pathlen counting, + resulting in some valid X.509 being incorrectly rejected. Found and fix + provided by Janos Follath. #319 + * Fix bug causing some handshakes to fail due to some non-fatal alerts not + begin properly ignored. Found by mancha and Kasom Koht-arsa, #308 + * Fix build error with configurations where ECDHE-PSK is the only key + exchange. Found and fix provided by Chris Hammond. #270 + * Fix failures in MPI on Sparc(64) due to use of bad assembly code. + Found by Kurt Danielson. #292 + * Fix typo in name of the extKeyUsage OID. Found by inestlerode, #314 + * Fix bug in ASN.1 encoding of booleans that caused generated CA + certificates to be rejected by some applications, including OS X + Keychain. Found and fixed by Jonathan Leroy, Inikup. + * Fix "Destination buffer is too small" error in cert_write program. + Found and fixed by Jonathan Leroy, Inikup. + ------------------------------------------------------------------- Thu Oct 8 06:53:02 UTC 2015 - mpluskal@suse.com diff --git a/mbedtls.spec b/mbedtls.spec index 064a148..8ac59c0 100644 --- a/mbedtls.spec +++ b/mbedtls.spec @@ -18,7 +18,7 @@ %define lib_name lib%{name}9 Name: mbedtls -Version: 1.3.14 +Version: 1.3.15 Release: 0 Summary: Open Source embedded SSL/TLS cryptographic library License: GPL-2.0+