diff --git a/openssl-1.0.2j.tar.gz b/openssl-1.0.2j.tar.gz deleted file mode 100644 index c57e541..0000000 --- a/openssl-1.0.2j.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431 -size 5307912 diff --git a/openssl-1.0.2j.tar.gz.asc b/openssl-1.0.2j.tar.gz.asc deleted file mode 100644 index f04cb84..0000000 --- a/openssl-1.0.2j.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iQEcBAABAgAGBQJX6O9BAAoJENnE0m0OYESRhC4H/0feEYv4JBbtk3cFyIt39ph6 -A700qbm8pnOukXOg5Q2HrYz6TxE1C/p7MO4+iYnttvtC7WMz9oK0fEQ/k2PEjoU7 -I65vM/LlrQjY6pJe+pORk+UL9uHamcDpeyYCa+Ro61o/l4Vd9iHQMN77LDfkKzDK -qq8q/DMlHVhPv1U8+kDCT9r4nEOqb0tkvJEIns3wFlkw1Wp+VwnhAS5s3J1Xwetj -MK6TFOtI1UOULXiYjSRs4Sy8nyxG5V6VVofAL+aQNOFqAzF45RE5R/6AjL5I8J9y -yoyIzj1a/h8M/PJGzADgpxZAdE2cpZAlQAhZdQutst0GRma6i36HGzq4IUDwbCc= -=puH/ ------END PGP SIGNATURE----- diff --git a/openssl-1.0.2k.tar.gz b/openssl-1.0.2k.tar.gz new file mode 100644 index 0000000..ce3054a --- /dev/null +++ b/openssl-1.0.2k.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0 +size 5309236 diff --git a/openssl-1.0.2k.tar.gz.asc b/openssl-1.0.2k.tar.gz.asc new file mode 100644 index 0000000..5a03441 --- /dev/null +++ b/openssl-1.0.2k.tar.gz.asc @@ -0,0 +1,10 @@ +-----BEGIN PGP SIGNATURE----- + +iQEcBAABCAAGBQJYifggAAoJENnE0m0OYESRTAIH/RsiR+7jvmA8AZJppQZOpVgX +8N5CZNBEaRTuKcRNmQX1oHk5Ms2g4MM4TmNDOFF7+ZtByoeyv2NWnLWJmBsSxuQU +ZEbeXFIgkBnvD5qOBdi84udw0/HOP5P3GcxAOC8QE1Av7pTwAdKToheqixuE5D8+ +9zzw4VgXCa5L18JDf3XdkTDUUUQitz1o2ck8BVIGyhxgIUDJXEF8t29yTGYWF/YV +b45G1igbJlZtoR4IA1pSR3hrDjJaNQtCpkxK+DKoLTm+Z9RMTe40Q8W7dBn1iwUm +N/m9CUovBoqIv1nrSJeFNXuIuuHYt/1gflJBiem7QC9fNtdZuGlKXBq5bcL1qV8= +=uQ9m +-----END PGP SIGNATURE----- diff --git a/openssl-fips-dont-fall-back-to-default-digest.patch b/openssl-fips-dont-fall-back-to-default-digest.patch index fc76963..c530934 100644 --- a/openssl-fips-dont-fall-back-to-default-digest.patch +++ b/openssl-fips-dont-fall-back-to-default-digest.patch @@ -114,9 +114,9 @@ Index: openssl-1.0.2i/apps/enc.c + if (non_fips_allow) + FIPS_mode_set(0); + - #ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); - #endif + e = setup_engine(bio_err, engine, 0); + + if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { @@ -338,7 +342,7 @@ int MAIN(int argc, char **argv) goto end; } diff --git a/openssl.changes b/openssl.changes index 17b762d..b39f0ff 100644 --- a/openssl.changes +++ b/openssl.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Fri Jan 27 10:21:42 UTC 2017 - meissner@suse.com + +- Updated to openssl 1.0.2k + - bsc#1009528 / CVE-2016-7055: openssl: Montgomery multiplication may produce incorrect results + - bsc#1019334 / CVE-2016-7056: openssl: ECSDA P-256 timing attack key recovery + - bsc#1022085 / CVE-2017-3731: openssl: Truncated packet could crash via OOB read + - bsc#1022086 / CVE-2017-3732: openssl: BN_mod_exp may produce incorrect results on x86_64 + ------------------------------------------------------------------- Fri Sep 30 10:53:56 UTC 2016 - vcizek@suse.com diff --git a/openssl.spec b/openssl.spec index 11f562f..cfff21d 100644 --- a/openssl.spec +++ b/openssl.spec @@ -1,7 +1,7 @@ # # spec file for package openssl # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,7 +29,7 @@ Provides: ssl %ifarch ppc64 Obsoletes: openssl-64bit %endif -Version: 1.0.2j +Version: 1.0.2k Release: 0 Summary: Secure Sockets and Transport Layer Security License: OpenSSL