Accepting request 151305 from Base:System

- update to version 1.0.1d, fixing security issues o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. o Include the fips configuration module. o Fix OCSP bad key DoS attack CVE-2013-0166 o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 bnc#802184 o Fix for TLS AESNI record handling flaw CVE-2012-2686 OBS-URL: https://build.opensuse.org/request/show/151305 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=84
2013-02-07 09:44:00 +00:00 · 2013-02-07 09:44:00 +00:00 · e77612338e
commit e77612338e
parent f64483c532
5 changed files with 28 additions and 6 deletions
--- a/openssl-1.0.1c.tar.gz
+++ b/openssl-1.0.1c.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2a9eb3cd4e8b114eb9179c0d3884d61658e7d8e8bf4984798a5f5bd48e325ebe
-size 4457113
--- a/openssl-1.0.1d.tar.gz
+++ b/openssl-1.0.1d.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:88a423f9b08a994054583691b968815875580e12df754e881d7cfe9f1bd1f49d
+size 4459791
--- a/openssl-1.0.1d.tar.gz.asc
+++ b/openssl-1.0.1d.tar.gz.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQEVAwUAURDz9qLSm3vylcdZAQKqkggAv4350IUv8kUR0EFl1RMZdal5aie5vFCB
+qBDdF8CAWRPoZy1QN+yLtTzobthGaLFbbibILo2dAwUm2VFpt0GbOe3NkX8EUpZj
+neTT9fSMm0uVCt0qwoap+GtvVypmuRR3fR8TMW2injL/M8nkZDNkuJeVvpOXdSZZ
+h/hyZCzDy/QC1yZDR6xczGkVdszTEo7C5k34RvKZOuN5u2Bs290HGEqPNo7UsgCq
+MiJBHKMmWB48CefctVhySYhr8ftANctZW6dDGOsj/0Jc4s5IptNFM0LwjJLh4671
+IqtAKCSk0ShH/ehnpbpmndrSfhLJwNnBA/a4FWyEdZ1AzkXKZsed9g==
+=AVm4
+-----END PGP SIGNATURE-----
--- a/openssl.changes
+++ b/openssl.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Tue Feb  5 16:00:17 UTC 2013 - meissner@suse.com
+
+- update to version 1.0.1d, fixing security issues
+  o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
+  o Include the fips configuration module.
+  o Fix OCSP bad key DoS attack CVE-2013-0166
+  o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+    bnc#802184
+  o Fix for TLS AESNI record handling flaw CVE-2012-2686
+
 -------------------------------------------------------------------
 Mon Nov 12 08:39:31 UTC 2012 - gjhe@suse.com

--- a/openssl.spec
+++ b/openssl.spec
@ -1,7 +1,7 @@
 #
 # spec file for package openssl
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -16,7 +16,6 @@
 #


-
 Name:           openssl
 BuildRequires:  bc
 BuildRequires:  ed
@ -30,13 +29,14 @@ Provides:       ssl
 %ifarch ppc64
 Obsoletes:      openssl-64bit
 %endif
-Version:        1.0.1c
+Version:        1.0.1d
 Release:        0
 Summary:        Secure Sockets and Transport Layer Security
 License:        OpenSSL
 Group:          Productivity/Networking/Security
 Url:            http://www.openssl.org/
 Source:         http://www.%{name}.org/source/%{name}-%{version}.tar.gz
+Source42:       http://www.%{name}.org/source/%{name}-%{version}.tar.gz.asc
 # to get mtime of file:
 Source1:        openssl.changes
 Source2:        baselibs.conf