SHA256
1
0
forked from pool/openssl-1_1
openssl-1_1/openssl-1.1.0-no-html.patch
Pedro Monreal Gonzalez 0d52304a01 Accepting request 730187 from home:vitezslav_cizek:branches:security:tls
- Update to 1.1.1d (bsc#1133925, jsc#SLE-6430)
  * Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
    number generator (RNG). This was intended to include protection in the
    event of a fork() system call in order to ensure that the parent and child
    processes did not share the same RNG state. However this protection was not
    being used in the default case.
    (bsc#1150247, CVE-2019-1549)
  * Compute ECC cofactors if not provided during EC_GROUP construction. Before
    this change, EC_GROUP_set_generator would accept order and/or cofactor as
    NULL. After this change, only the cofactor parameter can be NULL.
    (bsc#1150003, CVE-2019-1547)
  * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
    (bsc#1150250, CVE-2019-1563)
  * For built-in EC curves, ensure an EC_GROUP built from the curve name is
    used even when parsing explicit parameters, when loading a serialized key
    or calling EC_GROUP_new_from_ecpkparameters()/EC_GROUP_new_from_ecparameters().
  * Early start up entropy quality from the DEVRANDOM seed source has been
    improved for older Linux systems.
  * Changed DH_check to accept parameters with order q and 2q subgroups.
    With order 2q subgroups the bit 0 of the private key is not secret
    but DH_generate_key works around that by clearing bit 0 of the
    private key for those. This avoids leaking bit 0 of the private key.
  * Significantly reduce secure memory usage by the randomness pools.
  * Revert the DEVRANDOM_WAIT feature for Linux systems
- drop 0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch (upstream)
- refresh patches
  * openssl-1.1.0-no-html.patch
  * openssl-jsc-SLE-8789-backport_KDF.patch

OBS-URL: https://build.opensuse.org/request/show/730187
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=43
2019-09-11 15:31:50 +00:00

14 lines
607 B
Diff

Index: openssl-1.1.1d/Configurations/unix-Makefile.tmpl
===================================================================
--- openssl-1.1.1d.orig/Configurations/unix-Makefile.tmpl 2019-09-11 15:38:17.788265421 +0200
+++ openssl-1.1.1d/Configurations/unix-Makefile.tmpl 2019-09-11 15:38:35.640368636 +0200
@@ -544,7 +544,7 @@ install_sw: install_dev install_engines
uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
-install_docs: install_man_docs install_html_docs
+install_docs: install_man_docs
uninstall_docs: uninstall_man_docs uninstall_html_docs
$(RM) -r $(DESTDIR)$(DOCDIR)