rpm/openssl
SHA256
1
0
Fork 0
forked from pool/openssl
Code Pull Requests Activity
116 Commits 1 Branch 0 Tags
Commit Graph

7 Commits

Author SHA256 Message Date
Dominique Leuenberger
9f18cdd3d8 Accepting request 280570 from Base:System 
- openssl 1.0.1k release
  bsc#912294 CVE-2014-3571: Fix DTLS segmentation fault in dtls1_get_record.
  bsc#912292 CVE-2015-0206: Fix DTLS memory leak in dtls1_buffer_record.
  bsc#911399 CVE-2014-3569: Fix issue where no-ssl3 configuration sets method to NULL.
  bsc#912015 CVE-2014-3572: Abort handshake if server key exchange
                            message is omitted for ephemeral ECDH ciphersuites.
  bsc#912014 CVE-2015-0204: Remove non-export ephemeral RSA code on client and server.
  bsc#912293 CVE-2015-0205: Fixed issue where DH client certificates are accepted without verification.
  bsc#912018 CVE-2014-8275: Fix various certificate fingerprint issues.
  bsc#912296 CVE-2014-3570: Correct Bignum squaring.
  and other bugfixes.
- openssl.keyring: use Matt Caswells current key. 
  pub  2048R/0E604491 2013-04-30
  uid                            Matt Caswell <frodo@baggins.org>
  uid                            Matt Caswell <matt@openssl.org>
  sub  2048R/E3C21B70 2013-04-30
- openssl-1.0.1e-fips.patch: rediffed
- openssl-1.0.1i-noec2m-fix.patch: removed (upstream)
- openssl-ocloexec.patch: rediffed

OBS-URL: https://build.opensuse.org/request/show/280570
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=124
 2015-01-20 20:53:46 +00:00
Dominique Leuenberger
984610bf7f Accepting request 264696 from Base:System 
I also submitted libcamgm that matches this submit


- suse_version 10.1 & 10.2 x86_64 can not enable-ec_nistp_64_gcc_128

- openssl-1.0.1i-noec2m-fix.patch: only report the Elliptic Curves
  we actually support (not the binary ones) (bnc#905037)

- openSUSE < 11.2 doesn't have accept4()

- openSSL 1.0.1j 
* Fix SRTP Memory Leak (CVE-2014-3513)
* Session Ticket Memory Leak (CVE-2014-3567)
* Add SSL 3.0 Fallback protection (TLS_FALLBACK_SCSV)
* Build option no-ssl3 is incomplete (CVE-2014-3568)

OBS-URL: https://build.opensuse.org/request/show/264696
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=123
 2014-12-17 18:18:04 +00:00
Stephan Kulow
d5a92c035d Accepting request 229370 from Base:System 
- update to 1.0.1g:
  * fix for critical TLS heartbeat read overrun (CVE-2014-0160) (bnc#872299)
  * Fix for Recovering OpenSSL ECDSA Nonces (CVE-2014-0076) (bnc#869945)
  * Workaround for the "TLS hang bug" (see FAQ and PR#2771)
- remove CVE-2014-0076.patch
- openssl.keyring: upstream changed to:
  pub  4096R/FA40E9E2 2005-03-19 Dr Stephen N Henson <steve@openssl.org>
  uid                            Dr Stephen Henson <shenson@drh-consultancy.co.uk>
  uid                            Dr Stephen Henson <shenson@opensslfoundation.com>

OBS-URL: https://build.opensuse.org/request/show/229370
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=110
 2014-04-09 16:17:23 +00:00
Stephan Kulow
bcd15fd76a Accepting request 213629 from Base:System 
Remove GCC option -O3 for compiliation issue of ARM version; Modify: openssl.spec (forwarded request 213627 from shawn2012)

OBS-URL: https://build.opensuse.org/request/show/213629
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=107
 2014-01-17 10:05:16 +00:00
Stephan Kulow
a4f9e5aa25 Accepting request 210985 from Base:System 
Adjust the installation path; Modify files: README-FIPS.txt openssl.spec (forwarded request 210984 from shawn2012)

OBS-URL: https://build.opensuse.org/request/show/210985
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=102
 2013-12-17 09:02:17 +00:00
Stephan Kulow
4ed020414f osc copypac from project:openSUSE:Factory package:openssl revision:99 
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=101
 2013-11-30 16:59:30 +00:00
Stephan Kulow
179c3b2765 Accepting request 208487 from Base:System 
Patches for OpenSSL FIPS-140-2/3 certification; Add patch files: openssl-1.0.1e-fips.patch, openssl-1.0.1e-fips-ec.patch,openssl-1.0.1e-fips-ctor.patch (forwarded request 208378 from shawn2012)

OBS-URL: https://build.opensuse.org/request/show/208487
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=100
 2013-11-29 06:03:09 +00:00