rpm/openssl-1_1
SHA256
1
0
Fork 0
forked from pool/openssl-1_1
Code Pull Requests Activity
90 Commits 2 Branches 0 Tags 34 MiB
ba6be953da
Commit Graph

3 Commits

Author SHA256 Message Date
Pedro Monreal Gonzalez
8cce2e6a14 Accepting request 960455 from home:pmonrealgonzalez:branches:security:tls 
- Security fix: [bsc#1192820, CVE-2002-20001]
  * Fix DHEATER: The Diffie-Hellman Key Agreement Protocol allows
    remote attackers (from the client side) to send arbitrary
    numbers that are actually not public keys, and trigger
    expensive server-side DHE calculation.
  * Stop recommending the DHE in SSL_DEFAULT_SUSE_CIPHER_LIST
  * Rebase openssl-DEFAULT_SUSE_cipher.patch

- Fix the engines section in /etc/ssl/openssl.cnf [bsc#1194187]
  * In an INI-type file, the sections begin with a [section_name]
    and they run until the next section begins.
  * Rebase openssl-1_1-use-include-directive.patch

OBS-URL: https://build.opensuse.org/request/show/960455
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=107
 2022-03-09 11:25:28 +00:00
Vítězslav Čížek
a3426a21a5 Accepting request 635009 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1 release
  * This is the first official release of the OpenSSL 1.1.1 branch
    which brings TLS 1.3 support
- remove all TLS 1.3 ciphers from the DEFAULT_SUSE cipher list as they
  are configured differently
  * modified openssl-DEFAULT_SUSE_cipher.patch
- drop obsolete openssl-pretend_we_are_not_beta.patch

OBS-URL: https://build.opensuse.org/request/show/635009
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=22
 2018-09-11 15:12:55 +00:00
Vítězslav Čížek
3e8cec6722 Accepting request 631304 from home:vitezslav_cizek:branches:security:tls 
- Update to 1.1.1-pre9 (Beta 7)
  * Support for TLSv1.3 added
  * Move the display of configuration data to configdata.pm.
  * Allow GNU style "make variables" to be used with Configure.
  * Add a STORE module (OSSL_STORE)
  * Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes
  * Add multi-prime RSA (RFC 8017) support
  * Add SM3 implemented according to GB/T 32905-2016
  * Add SM4 implemented according to GB/T 32907-2016.
  * Add 'Maximum Fragment Length' TLS extension negotiation and support
  * Add ARIA support
  * Add SHA3
  * Rewrite of devcrypto engine
  * Add support for SipHash
  * Grand redesign of the OpenSSL random generator
- pretend the release is not a Beta, to avoid "OpenSSL version mismatch"
  with OpenSSH
  * add openssl-pretend_we_are_not_beta.patch
- drop FIPS support
  * don't build with FIPS mode (not supported in 1.1.1)
  * don't create the -hmac subpackages
  - drop FIPS patches
    * openssl-fips-clearerror.patch
    * openssl-fips-dont-fall-back-to-default-digest.patch
    * openssl-fips-dont_run_FIPS_module_installed.patch
    * openssl-fips-fix-odd-rsakeybits.patch
    * openssl-fips-rsagen-d-bits.patch
    * openssl-fips-selftests_in_nonfips_mode.patch
    * openssl-fips_disallow_ENGINE_loading.patch
    * openssl-rsakeygen-minimum-distance.patch

OBS-URL: https://build.opensuse.org/request/show/631304
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=19
 2018-08-24 10:39:49 +00:00