Accepting request 345044 from devel:libraries:c_c++

- Update to 1.3.15

OBS-URL: https://build.opensuse.org/request/show/345044
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mbedtls?expand=0&rev=6

mbedtls-1.3.14-gpl.tgz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:be76915bc406b4c4109629624baa5bf610a805d9976404e4086d44e5e6c86ff8
-size 1744343

mbedtls-1.3.15-gpl.tgz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ed0be9905ba08f614772ac2b6dcce0c65cf3fb235cab7e6894838efc19518da3
+size 1758935

mbedtls.changes

@@ -1,3 +1,36 @@
+-------------------------------------------------------------------
+Wed Nov 18 13:29:03 UTC 2015 - mpluskal@suse.com
+
+- Update to 1.3.15
+  * Fix potential double free if ssl_set_psk() is called more than once and
+    some allocation fails. Cannot be forced remotely. Found by Guido Vranken,
+    Intelworks.
+  * Fix potential heap corruption on Windows when
+    x509_crt_parse_path() is passed a path longer than 2GB. Cannot be
+    triggered remotely. Found by Guido Vranken, Intelworks.
+  * Fix potential buffer overflow in some asn1_write_xxx() functions.
+    Cannot be triggered remotely unless you create X.509 certificates based
+    on untrusted input or write keys of untrusted origin. Found by Guido
+    Vranken, Intelworks.
+  * The X509 max_pathlen constraint was not enforced on intermediate
+    certificates. Found by Nicholas Wilson, fix and tests provided by
+    Janos Follath. #280 and #319
+  * Self-signed certificates were not excluded from pathlen counting,
+    resulting in some valid X.509 being incorrectly rejected. Found and fix
+    provided by Janos Follath. #319
+  * Fix bug causing some handshakes to fail due to some non-fatal alerts not
+    begin properly ignored. Found by mancha and Kasom Koht-arsa, #308
+  * Fix build error with configurations where ECDHE-PSK is the only key
+    exchange. Found and fix provided by Chris Hammond. #270
+  * Fix failures in MPI on Sparc(64) due to use of bad assembly code.
+    Found by Kurt Danielson. #292
+  * Fix typo in name of the extKeyUsage OID. Found by inestlerode, #314
+  * Fix bug in ASN.1 encoding of booleans that caused generated CA
+    certificates to be rejected by some applications, including OS X
+    Keychain. Found and fixed by Jonathan Leroy, Inikup.
+  * Fix "Destination buffer is too small" error in cert_write program.
+    Found and fixed by Jonathan Leroy, Inikup.
+
 -------------------------------------------------------------------
 Thu Oct  8 06:53:02 UTC 2015 - mpluskal@suse.com
 

mbedtls.spec

@@ -18,7 +18,7 @@
 
 %define lib_name lib%{name}9
 Name:           mbedtls
-Version:        1.3.14
+Version:        1.3.15
 Release:        0
 Summary:        Open Source embedded SSL/TLS cryptographic library
 License:        GPL-2.0+