forked from pool/openssl-3
f329bbc5a1
- Encapsulate the fips provider into a new package called libopenssl-3-fips-provider. - Added openssl-3-use-include-directive.patch so that the default /etc/ssl/openssl.cnf file will include any configuration files that other packages might place into /etc/ssl/engines3.d/ and /etc/ssl/engdef3.d/. Also create symbolic links /etc/ssl/engines.d/ and /etc/ssl/engdef.d/ to above versioned directories. - Updated spec file to create the two new necessary directores for the above patch and two symbolic links to above directories. [bsc#1194187, bsc#1207472, bsc#1218933] - Security fix: [bsc#1218810, CVE-2023-6237] * Limit the execution time of RSA public key check * Add openssl-CVE-2023-6237.patch - Rename openssl-Override-default-paths-for-the-CA-directory-tree.patch to openssl-crypto-policies-support.patch - Embed the FIPS hmac. Add openssl-FIPS-embed-hmac.patch - Load the FIPS provider and set FIPS properties implicitly. * Add openssl-Force-FIPS.patch [bsc#1217934] - Disable the fipsinstall command-line utility. * Add openssl-disable-fipsinstall.patch - Add instructions to load legacy provider in openssl.cnf. * openssl-load-legacy-provider.patch - Disable the default provider for the test suite. * openssl-Disable-default-provider-for-test-suite.patch OBS-URL: https://build.opensuse.org/request/show/1142584 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-3?expand=0&rev=19 |
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| baselibs.conf | ||
| openssl-3-use-include-directive.patch | ||
| openssl-3.1.4.tar.gz | ||
| openssl-3.1.4.tar.gz.asc | ||
| openssl-3.changes | ||
| openssl-3.spec | ||
| openssl-Add_support_for_Windows_CA_certificate_store.patch | ||
| openssl-Add-FIPS_mode-compatibility-macro.patch | ||
| openssl-Add-Kernel-FIPS-mode-flag-support.patch | ||
| openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch | ||
| openssl-crypto-policies-support.patch | ||
| openssl-CVE-2023-5678.patch | ||
| openssl-CVE-2023-6129.patch | ||
| openssl-CVE-2023-6237.patch | ||
| openssl-DEFAULT_SUSE_cipher.patch | ||
| openssl-Disable-default-provider-for-test-suite.patch | ||
| openssl-disable-fipsinstall.patch | ||
| openssl-ec-56-bit-Limb-Solinas-Strategy-for-secp384r1.patch | ||
| openssl-ec-powerpc64le-Add-asm-implementation-of-felem_-squa.patch | ||
| openssl-ec-Use-static-linkage-on-nistp521-felem_-square-mul-.patch | ||
| openssl-ecc-Remove-extraneous-parentheses-in-secp384r1.patch | ||
| openssl-Enable-BTI-feature-for-md5-on-aarch64.patch | ||
| openssl-FIPS-embed-hmac.patch | ||
| openssl-Force-FIPS.patch | ||
| openssl-Improve-performance-for-6x-unrolling-with-vpermxor-i.patch | ||
| openssl-load-legacy-provider.patch | ||
| openssl-no-date.patch | ||
| openssl-no-html-docs.patch | ||
| openssl-pkgconfig.patch | ||
| openssl-powerpc-ecc-Fix-stack-allocation-secp384r1-asm.patch | ||
| openssl-ppc64-config.patch | ||
| openssl-truststore.patch | ||
| openssl.keyring | ||
| showciphers.c | ||