rpm/openssl-1_1
SHA256
1
0
Fork 0
forked from pool/openssl-1_1
Code Pull Requests Activity
142 Commits 2 Branches 0 Tags 34 MiB
C 100%
28cda60acd
Go to file
Dominique Leuenberger 28cda60acd Accepting request 1089973 from security:tls 
- Update to 1.1.1u:
  * Mitigate for the time it takes for `OBJ_obj2txt` to translate gigantic
    OBJECT IDENTIFIER sub-identifiers to canonical numeric text form.
    OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical
    numeric text form.  For gigantic sub-identifiers, this would take a very
    long time, the time complexity being O(n^2) where n is the size of that
    sub-identifier.  (CVE-2023-2650, bsc#1211430)
    To mitigitate this, `OBJ_obj2txt()` will only translate an OBJECT
    IDENTIFIER to canonical numeric text form if the size of that OBJECT
    IDENTIFIER is 586 bytes or less, and fail otherwise.
    The basis for this restriction is RFC 2578 (STD 58), section 3.5. OBJECT
    IDENTIFIER values, which stipulates that OBJECT IDENTIFIERS may have at
    most 128 sub-identifiers, and that the maximum value that each sub-
    identifier may have is 2^32-1 (4294967295 decimal).
    For each byte of every sub-identifier, only the 7 lower bits are part of
    the value, so the maximum amount of bytes that an OBJECT IDENTIFIER with
    these restrictions may occupy is 32 * 128 / 7, which is approximately 586
    bytes.
    Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5
  * Reworked the Fix for the Timing Oracle in RSA Decryption
    (CVE-2022-4304, bsc#1207534). The previous fix for this timing side
    channel turned out to cause a severe 2-3x performance regression in the
    typical use case compared to 1.1.1s. The new fix uses existing constant
    time code paths, and restores the previous performance level while fully
    eliminating all existing timing side channels. The fix was developed by
    Bernd Edlinger with testing support by Hubert Kario.
  * Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention that
    it does not enable policy checking. Thanks to David Benjamin for
    discovering this issue. (CVE-2023-0466, bsc#1209873)
  * Fixed an issue where invalid certificate policies in leaf certificates are

OBS-URL: https://build.opensuse.org/request/show/1089973
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=45
2023-06-02 22:06:18 +00:00
.gitattributes - Renamed from openssl-1_1_0 (bsc#1081335) 2018-02-16 12:13:08 +00:00
.gitignore - Renamed from openssl-1_1_0 (bsc#1081335) 2018-02-16 12:13:08 +00:00
0001-s390x-assembly-pack-perlasm-support.patch Accepting request 708112 from home:vitezslav_cizek:branches:factory 2019-06-06 11:11:21 +00:00
0002-crypto-chacha-asm-chacha-s390x.pl-add-vx-code-path.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
0003-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
0004-s390x-assembly-pack-fix-formal-interface-bug-in-chac.patch Accepting request 708112 from home:vitezslav_cizek:branches:factory 2019-06-06 11:11:21 +00:00
0005-s390x-assembly-pack-import-chacha-from-cryptogams-re.patch Accepting request 708112 from home:vitezslav_cizek:branches:factory 2019-06-06 11:11:21 +00:00
0006-s390x-assembly-pack-import-poly-from-cryptogams-repo.patch Accepting request 708112 from home:vitezslav_cizek:branches:factory 2019-06-06 11:11:21 +00:00
baselibs.conf Accepting request 1089971 from security:tls:unstable 2023-05-31 09:13:51 +00:00
openssl-1_1-AES-GCM-performance-optimzation-with-stitched-method.patch Accepting request 1042846 from home:ohollmann:branches:security:tls 2022-12-14 09:46:30 +00:00
openssl-1_1-chacha20-performance-optimizations-for-ppc64le-with-.patch Accepting request 1042846 from home:ohollmann:branches:security:tls 2022-12-14 09:46:30 +00:00
openssl-1_1-disable-test_srp-sslapi.patch Accepting request 865443 from home:pmonrealgonzalez:branches:security:tls 2021-01-21 14:53:39 +00:00
openssl-1_1-FIPS-fix-error-reason-codes.patch Accepting request 954189 from home:pmonrealgonzalez:branches:security:tls 2022-02-14 12:37:47 +00:00
openssl-1_1-Fix-AES-GCM-on-Power-8-CPUs.patch Accepting request 1042984 from home:ohollmann:branches:security:tls 2022-12-14 20:20:45 +00:00
openssl-1_1-Fixed-conditional-statement-testing-64-and-256-bytes.patch Accepting request 1042846 from home:ohollmann:branches:security:tls 2022-12-14 09:46:30 +00:00
openssl-1_1-Fixed-counter-overflow.patch Accepting request 1042846 from home:ohollmann:branches:security:tls 2022-12-14 09:46:30 +00:00
openssl-1_1-openssl-config.patch Accepting request 1089971 from security:tls:unstable 2023-05-31 09:13:51 +00:00
openssl-1_1-Optimize-AES-GCM-uarchs.patch Accepting request 949750 from home:pmonrealgonzalez:branches:security:tls 2022-01-28 17:51:43 +00:00
openssl-1_1-Optimize-AES-XTS-aarch64.patch Accepting request 949750 from home:pmonrealgonzalez:branches:security:tls 2022-01-28 17:51:43 +00:00
openssl-1_1-Optimize-ppc64.patch Accepting request 949750 from home:pmonrealgonzalez:branches:security:tls 2022-01-28 17:51:43 +00:00
openssl-1_1-Optimize-RSA-armv8.patch Accepting request 949750 from home:pmonrealgonzalez:branches:security:tls 2022-01-28 17:51:43 +00:00
openssl-1_1-paramgen-default_to_rfc7919.patch Accepting request 1007029 from home:ohollmann:branches:home:jsikes:branches:security:tls 2022-09-30 10:26:12 +00:00
openssl-1_1-seclevel.patch Accepting request 865443 from home:pmonrealgonzalez:branches:security:tls 2021-01-21 14:53:39 +00:00
openssl-1_1-use-include-directive.patch Accepting request 960455 from home:pmonrealgonzalez:branches:security:tls 2022-03-09 11:25:28 +00:00
openssl-1_1-use-seclevel2-in-tests.patch Accepting request 865443 from home:pmonrealgonzalez:branches:security:tls 2021-01-21 14:53:39 +00:00
openssl-1_1.changes Accepting request 1089971 from security:tls:unstable 2023-05-31 09:13:51 +00:00
openssl-1_1.spec Accepting request 1089971 from security:tls:unstable 2023-05-31 09:13:51 +00:00
openssl-1.1.0-issuer-hash.patch Accepting request 873674 from home:pmonrealgonzalez:branches:security:tls 2021-02-22 12:20:01 +00:00
openssl-1.1.0-no-html.patch Accepting request 790182 from home:vitezslav_cizek:branches:security:tls 2020-03-31 14:27:13 +00:00
openssl-1.1.1-evp-kdf.patch Accepting request 961990 from home:pmonrealgonzalez:branches:security:tls 2022-03-15 18:24:32 +00:00
openssl-1.1.1-fips-crng-test.patch Accepting request 796077 from home:vitezslav_cizek:branches:security:tls 2020-04-21 15:13:15 +00:00
openssl-1.1.1-fips-post-rand.patch Accepting request 854071 from home:vitezslav_cizek:branches:security:tls 2020-12-14 11:20:34 +00:00
openssl-1.1.1-fips.patch Accepting request 961990 from home:pmonrealgonzalez:branches:security:tls 2022-03-15 18:24:32 +00:00
openssl-1.1.1-ssh-kdf.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-1.1.1-system-cipherlist.patch Accepting request 942952 from home:pmonrealgonzalez:branches:security:tls 2022-01-03 08:42:13 +00:00
openssl-1.1.1u.tar.gz Accepting request 1089971 from security:tls:unstable 2023-05-31 09:13:51 +00:00
openssl-1.1.1u.tar.gz.asc Accepting request 1089971 from security:tls:unstable 2023-05-31 09:13:51 +00:00
openssl-add_rfc3526_rfc7919.patch Accepting request 895194 from home:jsikes:branches:security:tls 2021-05-24 15:50:42 +00:00
openssl-assembly-pack-accelerate-scalar-multiplication.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-DEFAULT_SUSE_cipher.patch Accepting request 960455 from home:pmonrealgonzalez:branches:security:tls 2022-03-09 11:25:28 +00:00
openssl-Enable-curve-spefific-ECDSA-implementations-via-EC_M.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-fips_fix_selftests_return_value.patch Accepting request 778004 from home:vitezslav_cizek:branches:security:tls 2020-02-21 15:33:18 +00:00
openssl-fips_mode.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips_selftest_upstream_drbg.patch Accepting request 836174 from home:vitezslav_cizek:branches:security:tls 2020-09-23 06:41:06 +00:00
openssl-fips-add-SHA3-selftest.patch Accepting request 776093 from home:jsikes:branches:security:tls 2020-02-19 08:42:05 +00:00
openssl-fips-clearerror.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips-dont_run_FIPS_module_installed.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips-ignore_broken_atexit_test.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips-run_selftests_only_when_module_is_complete.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-fips-selftests_in_nonfips_mode.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-Fix-9bf682f-which-broke-nistp224_method.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-keep_EVP_KDF_functions_version.patch Accepting request 767728 from home:vitezslav_cizek:branches:security:tls 2020-01-27 14:25:49 +00:00
openssl-OPENSSL_s390xcap.pod-list-msa9-facility-bit-155.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-pkgconfig.patch Accepting request 631304 from home:vitezslav_cizek:branches:security:tls 2018-08-24 10:39:49 +00:00
openssl-ppc64-config.patch Accepting request 631304 from home:vitezslav_cizek:branches:security:tls 2018-08-24 10:39:49 +00:00
openssl-riscv64-config.patch Accepting request 985766 from home:Andreas_Schwab:Factory 2022-07-07 02:47:54 +00:00
openssl-s390x-assembly-pack-accelerate-ECDSA.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-s390x-assembly-pack-accelerate-X25519-X448-Ed25519-and-Ed448.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch Accepting request 980599 from home:jsikes:branches:security:tls 2022-06-07 06:28:40 +00:00
openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-assembly-pack-add-support-for-pcc-and-kma-inst.patch Accepting request 980599 from home:jsikes:branches:security:tls 2022-06-07 06:28:40 +00:00
openssl-s390x-assembly-pack-cleanse-only-sensitive-fields.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-assembly-pack-fix-msa3-stfle-bit-detection.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-assembly-pack-fix-OPENSSL_s390xcap-z15-cpu-mas.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-assembly-pack-update-OPENSSL_s390xcap-3.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-s390x-fix-x448-and-x448-test-vector-ctime-for-x25519-and-x448.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl-s390xcpuid.pl-fix-comment.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-ship_fips_standalone_hmac.patch Accepting request 766865 from home:vitezslav_cizek:branches:security:tls 2020-01-24 11:52:58 +00:00
openssl-truststore.patch Accepting request 631304 from home:vitezslav_cizek:branches:security:tls 2018-08-24 10:39:49 +00:00
openssl-unknown_dgst.patch Accepting request 786956 from home:vitezslav_cizek:branches:security:tls 2020-03-20 17:43:35 +00:00
openssl.keyring Accepting request 1089971 from security:tls:unstable 2023-05-31 09:13:51 +00:00
showciphers.c - Renamed from openssl-1_1_0 (bsc#1081335) 2018-02-16 12:13:08 +00:00