Accepting request 245642 from Base:System

- openssl.keyring: the 1.0.1i release was done by Matt Caswell <matt@openssl.org> UK 0E604491 - rename README.SuSE (old spelling) to README.SUSE (bnc#889013) - update to 1.0.1i * Fix SRP buffer overrun vulnerability. Invalid parameters passed to the SRP code can be overrun an internal buffer. Add sanity check that g, A, B < N to SRP code. (CVE-2014-3512) * A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate TLS 1.0 instead of higher protocol versions when the ClientHello message is badly fragmented. This allows a man-in-the-middle attacker to force a downgrade to TLS 1.0 even if both the server and the client support a higher protocol version, by modifying the client's TLS records. (CVE-2014-3511) * OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages. (CVE-2014-3510) * By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack. (CVE-2014-3507) * An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages. This can be exploited through a Denial of Service attack. (CVE-2014-3506) * An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This OBS-URL: https://build.opensuse.org/request/show/245642 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=121
2014-08-25 09:03:07 +00:00 · 2014-08-25 09:03:07 +00:00 · 0985bc43b2
commit 0985bc43b2
parent 0dd078bb95
10 changed files with 253 additions and 144 deletions
--- a/0005-libssl-Hide-library-private-symbols.patch
+++ b/0005-libssl-Hide-library-private-symbols.patch
@ -16,8 +16,10 @@ API/ABI when GCC 4 or later is used.
 ssl/t1_lib.c   | 6 ++----
 8 files changed, 23 insertions(+), 12 deletions(-)

--- openssl-1.0.1g.orig/ssl/d1_lib.c
-+++ openssl-1.0.1g/ssl/d1_lib.c
+Index: openssl-1.0.1i/ssl/d1_lib.c
+===================================================================
+--- openssl-1.0.1i.orig/ssl/d1_lib.c
+++ openssl-1.0.1i/ssl/d1_lib.c
@@ -67,8 +67,7 @@
 #endif
 
@ -28,7 +30,7 @@ API/ABI when GCC 4 or later is used.
 
 SSL3_ENC_METHOD DTLSv1_enc_data={
     dtls1_enc,
-@@ -468,7 +467,7 @@ static void get_current_time(struct time
+@@ -471,7 +470,7 @@ static void get_current_time(struct time
 #endif
 }
 
@ -37,8 +39,10 @@ API/ABI when GCC 4 or later is used.
 	{
 	int ret;
 
--- openssl-1.0.1g.orig/ssl/kssl_lcl.h
-+++ openssl-1.0.1g/ssl/kssl_lcl.h
+Index: openssl-1.0.1i/ssl/kssl_lcl.h
+===================================================================
+--- openssl-1.0.1i.orig/ssl/kssl_lcl.h
+++ openssl-1.0.1i/ssl/kssl_lcl.h
@@ -61,6 +61,10 @@
 
 #include <openssl/kssl.h>
@ -60,8 +64,10 @@ API/ABI when GCC 4 or later is used.
 +#endif
 +
 #endif	/* KSSL_LCL_H 	*/
--- openssl-1.0.1g.orig/ssl/s23_srvr.c
-+++ openssl-1.0.1g/ssl/s23_srvr.c
+Index: openssl-1.0.1i/ssl/s23_srvr.c
+===================================================================
+--- openssl-1.0.1i.orig/ssl/s23_srvr.c
+++ openssl-1.0.1i/ssl/s23_srvr.c
@@ -120,7 +120,7 @@
 #endif
 
@ -80,8 +86,10 @@ API/ABI when GCC 4 or later is used.
 	{
 	char buf_space[11]; /* Request this many bytes in initial read.
 	                     * We can detect SSL 3.0/TLS 1.0 Client Hellos
--- openssl-1.0.1g.orig/ssl/s2_lib.c
-+++ openssl-1.0.1g/ssl/s2_lib.c
+Index: openssl-1.0.1i/ssl/s2_lib.c
+===================================================================
+--- openssl-1.0.1i.orig/ssl/s2_lib.c
+++ openssl-1.0.1i/ssl/s2_lib.c
@@ -116,7 +116,6 @@
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@ -90,8 +98,10 @@ API/ABI when GCC 4 or later is used.
 
 #define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
 
--- openssl-1.0.1g.orig/ssl/s3_lib.c
-+++ openssl-1.0.1g/ssl/s3_lib.c
+Index: openssl-1.0.1i/ssl/s3_lib.c
+===================================================================
+--- openssl-1.0.1i.orig/ssl/s3_lib.c
+++ openssl-1.0.1i/ssl/s3_lib.c
@@ -162,7 +162,6 @@
 #include <openssl/dh.h>
 #endif
@ -100,8 +110,10 @@ API/ABI when GCC 4 or later is used.
 
 #define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
 
--- openssl-1.0.1g.orig/ssl/ssl_lib.c
-+++ openssl-1.0.1g/ssl/ssl_lib.c
+Index: openssl-1.0.1i/ssl/ssl_lib.c
+===================================================================
+--- openssl-1.0.1i.orig/ssl/ssl_lib.c
+++ openssl-1.0.1i/ssl/ssl_lib.c
@@ -160,7 +160,6 @@
 #include <openssl/engine.h>
 #endif
@ -110,8 +122,10 @@ API/ABI when GCC 4 or later is used.
 
 SSL3_ENC_METHOD ssl3_undef_enc_method={
 	/* evil casts, but these functions are only called if there's a library bug */
--- openssl-1.0.1g.orig/ssl/ssl_locl.h
-+++ openssl-1.0.1g/ssl/ssl_locl.h
+Index: openssl-1.0.1i/ssl/ssl_locl.h
+===================================================================
+--- openssl-1.0.1i.orig/ssl/ssl_locl.h
+++ openssl-1.0.1i/ssl/ssl_locl.h
@@ -165,6 +165,10 @@
 #include <openssl/ssl.h>
 #include <openssl/symhacks.h>
@ -123,21 +137,25 @@ API/ABI when GCC 4 or later is used.
 #ifdef OPENSSL_BUILD_SHLIBSSL
 # undef OPENSSL_EXTERN
 # define OPENSSL_EXTERN OPENSSL_EXPORT
-@@ -1174,4 +1178,12 @@ void tls_fips_digest_extra(
- 	const EVP_CIPHER_CTX *cipher_ctx, EVP_MD_CTX *mac_ctx,
- 	const unsigned char *data, size_t data_len, size_t orig_len);
+@@ -1194,5 +1198,14 @@ int srp_verify_server_param(SSL *s, int
+ #define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat
+ #define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat
 
 +int private_tls1_PRF(long digest_mask, const void *seed1, int seed1_len, const void *seed2, int seed2_len,
 +                    const void *seed3, int seed3_len, const void *seed4, int seed4_len, const void *seed5, int seed5_len,
 +                    const unsigned char *sec, int slen, unsigned char *out1, unsigned char *out2, int olen);
+
+ #endif
 +
 +#if defined(__GNUC__) && __GNUC__ >= 4
 +#pragma GCC visibility pop
 +#endif
 +
 #endif
--- openssl-1.0.1g.orig/ssl/t1_lib.c
-+++ openssl-1.0.1g/ssl/t1_lib.c
+Index: openssl-1.0.1i/ssl/t1_lib.c
+===================================================================
+--- openssl-1.0.1i.orig/ssl/t1_lib.c
+++ openssl-1.0.1i/ssl/t1_lib.c
@@ -117,7 +117,6 @@
 #include <openssl/rand.h>
 #include "ssl_locl.h"
--- a/README.SUSE
+++ b/README.SUSE
--- a/openssl-1.0.1e-new-fips-reqs.patch
+++ b/openssl-1.0.1e-new-fips-reqs.patch
@ -1,7 +1,7 @@
-Index: openssl-1.0.1g/crypto/bn/bn_rand.c
+Index: openssl-1.0.1i/crypto/bn/bn_rand.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/bn/bn_rand.c
-+++ openssl-1.0.1g/crypto/bn/bn_rand.c
+--- openssl-1.0.1i.orig/crypto/bn/bn_rand.c	2014-08-07 16:22:48.583087630 +0200
+++ openssl-1.0.1i/crypto/bn/bn_rand.c	2014-08-07 16:22:49.458098281 +0200
@@ -138,9 +138,12 @@ static int bnrand(int pseudorand, BIGNUM
 		goto err;
 		}
@ -18,10 +18,10 @@ Index: openssl-1.0.1g/crypto/bn/bn_rand.c
 
 	if (pseudorand)
 		{
-Index: openssl-1.0.1g/crypto/dh/dh_gen.c
+Index: openssl-1.0.1i/crypto/dh/dh_gen.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/dh/dh_gen.c
-+++ openssl-1.0.1g/crypto/dh/dh_gen.c
+--- openssl-1.0.1i.orig/crypto/dh/dh_gen.c	2014-08-07 16:22:48.583087630 +0200
+++ openssl-1.0.1i/crypto/dh/dh_gen.c	2014-08-07 16:22:49.458098281 +0200
@@ -125,7 +125,7 @@ static int dh_builtin_genparams(DH *ret,
 		return 0;
 		}
@ -31,10 +31,10 @@ Index: openssl-1.0.1g/crypto/dh/dh_gen.c
 		{
 		DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL);
 		goto err;
-Index: openssl-1.0.1g/crypto/dh/dh.h
+Index: openssl-1.0.1i/crypto/dh/dh.h
 ===================================================================
--- openssl-1.0.1g.orig/crypto/dh/dh.h
-+++ openssl-1.0.1g/crypto/dh/dh.h
+--- openssl-1.0.1i.orig/crypto/dh/dh.h	2014-08-07 16:22:48.583087630 +0200
+++ openssl-1.0.1i/crypto/dh/dh.h	2014-08-07 16:22:49.458098281 +0200
@@ -78,6 +78,7 @@
 #endif
 
@ -43,10 +43,10 @@ Index: openssl-1.0.1g/crypto/dh/dh.h
 
 #define DH_FLAG_CACHE_MONT_P     0x01
 #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
-Index: openssl-1.0.1g/crypto/dh/dh_check.c
+Index: openssl-1.0.1i/crypto/dh/dh_check.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/dh/dh_check.c
-+++ openssl-1.0.1g/crypto/dh/dh_check.c
+--- openssl-1.0.1i.orig/crypto/dh/dh_check.c	2014-08-07 16:22:48.584087643 +0200
+++ openssl-1.0.1i/crypto/dh/dh_check.c	2014-08-07 16:22:49.458098281 +0200
@@ -134,7 +134,33 @@ int DH_check_pub_key(const DH *dh, const
 	BN_sub_word(q,1);
 	if (BN_cmp(pub_key,q)>=0)
@ -81,10 +81,10 @@ Index: openssl-1.0.1g/crypto/dh/dh_check.c
 	ok = 1;
 err:
 	if (q != NULL) BN_free(q);
-Index: openssl-1.0.1g/crypto/dsa/dsa_gen.c
+Index: openssl-1.0.1i/crypto/dsa/dsa_gen.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/dsa/dsa_gen.c
-+++ openssl-1.0.1g/crypto/dsa/dsa_gen.c
+--- openssl-1.0.1i.orig/crypto/dsa/dsa_gen.c	2014-08-07 16:22:48.584087643 +0200
+++ openssl-1.0.1i/crypto/dsa/dsa_gen.c	2014-08-07 16:22:49.458098281 +0200
@@ -159,7 +159,6 @@ int dsa_builtin_paramgen(DSA *ret, size_
 	    }
 
@ -93,10 +93,10 @@ Index: openssl-1.0.1g/crypto/dsa/dsa_gen.c
 	    (bits != 2048 || qbits != 224) &&
 	    (bits != 2048 || qbits != 256) &&
 	    (bits != 3072 || qbits != 256))
-Index: openssl-1.0.1g/crypto/dsa/dsa.h
+Index: openssl-1.0.1i/crypto/dsa/dsa.h
 ===================================================================
--- openssl-1.0.1g.orig/crypto/dsa/dsa.h
-+++ openssl-1.0.1g/crypto/dsa/dsa.h
+--- openssl-1.0.1i.orig/crypto/dsa/dsa.h	2014-08-07 16:22:48.584087643 +0200
+++ openssl-1.0.1i/crypto/dsa/dsa.h	2014-08-07 16:22:49.458098281 +0200
@@ -89,6 +89,7 @@
 #endif
 
@ -118,10 +118,10 @@ Index: openssl-1.0.1g/crypto/dsa/dsa.h
 #define DSA_is_prime(n, callback, cb_arg) \
 	BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
 
-Index: openssl-1.0.1g/crypto/dsa/dsa_key.c
+Index: openssl-1.0.1i/crypto/dsa/dsa_key.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/dsa/dsa_key.c
-+++ openssl-1.0.1g/crypto/dsa/dsa_key.c
+--- openssl-1.0.1i.orig/crypto/dsa/dsa_key.c	2014-08-07 16:22:48.584087643 +0200
+++ openssl-1.0.1i/crypto/dsa/dsa_key.c	2014-08-07 16:22:49.458098281 +0200
@@ -122,7 +122,7 @@ static int dsa_builtin_keygen(DSA *dsa)
 
 #ifdef OPENSSL_FIPS
@ -131,10 +131,10 @@ Index: openssl-1.0.1g/crypto/dsa/dsa_key.c
 		{
 		DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL);
 		goto err;
-Index: openssl-1.0.1g/crypto/fips/fips_dh_selftest.c
+Index: openssl-1.0.1i/crypto/fips/fips_dh_selftest.c
 ===================================================================
--- /dev/null
-+++ openssl-1.0.1g/crypto/fips/fips_dh_selftest.c
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.0.1i/crypto/fips/fips_dh_selftest.c	2014-08-07 16:22:49.458098281 +0200
@@ -0,0 +1,162 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@ -298,10 +298,10 @@ Index: openssl-1.0.1g/crypto/fips/fips_dh_selftest.c
 +	return ret;
 +	}
 +#endif
-Index: openssl-1.0.1g/crypto/fips/fips_drbg_rand.c
+Index: openssl-1.0.1i/crypto/fips/fips_drbg_rand.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/fips/fips_drbg_rand.c
-+++ openssl-1.0.1g/crypto/fips/fips_drbg_rand.c
+--- openssl-1.0.1i.orig/crypto/fips/fips_drbg_rand.c	2014-08-07 16:22:48.584087643 +0200
+++ openssl-1.0.1i/crypto/fips/fips_drbg_rand.c	2014-08-07 16:22:49.458098281 +0200
@@ -77,7 +77,8 @@ static int fips_drbg_bytes(unsigned char
 	int rv = 0;
 	unsigned char *adin = NULL;
@ -382,10 +382,10 @@ Index: openssl-1.0.1g/crypto/fips/fips_drbg_rand.c
 	}
 
 static const RAND_METHOD rand_drbg_meth =
-Index: openssl-1.0.1g/crypto/fips/fips.h
+Index: openssl-1.0.1i/crypto/fips/fips.h
 ===================================================================
--- openssl-1.0.1g.orig/crypto/fips/fips.h
-+++ openssl-1.0.1g/crypto/fips/fips.h
+--- openssl-1.0.1i.orig/crypto/fips/fips.h	2014-08-07 16:22:48.584087643 +0200
+++ openssl-1.0.1i/crypto/fips/fips.h	2014-08-07 16:22:49.459098294 +0200
@@ -96,6 +96,7 @@ void FIPS_corrupt_dsa_keygen(void);
 int FIPS_selftest_dsa(void);
 int FIPS_selftest_ecdsa(void);
@ -394,10 +394,10 @@ Index: openssl-1.0.1g/crypto/fips/fips.h
 void FIPS_corrupt_rng(void);
 void FIPS_rng_stick(void);
 void FIPS_x931_stick(int onoff);
-Index: openssl-1.0.1g/crypto/fips/fips_post.c
+Index: openssl-1.0.1i/crypto/fips/fips_post.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/fips/fips_post.c
-+++ openssl-1.0.1g/crypto/fips/fips_post.c
+--- openssl-1.0.1i.orig/crypto/fips/fips_post.c	2014-08-07 16:22:48.584087643 +0200
+++ openssl-1.0.1i/crypto/fips/fips_post.c	2014-08-07 16:22:49.459098294 +0200
@@ -99,6 +99,8 @@ int FIPS_selftest(void)
 		rv = 0;
 	if (!FIPS_selftest_dsa())
@ -407,10 +407,10 @@ Index: openssl-1.0.1g/crypto/fips/fips_post.c
 	if (!FIPS_selftest_ecdh())
 		rv = 0;
 	return rv;
-Index: openssl-1.0.1g/crypto/fips/fips_rsa_selftest.c
+Index: openssl-1.0.1i/crypto/fips/fips_rsa_selftest.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/fips/fips_rsa_selftest.c
-+++ openssl-1.0.1g/crypto/fips/fips_rsa_selftest.c
+--- openssl-1.0.1i.orig/crypto/fips/fips_rsa_selftest.c	2014-08-07 16:22:48.585087655 +0200
+++ openssl-1.0.1i/crypto/fips/fips_rsa_selftest.c	2014-08-07 16:22:49.459098294 +0200
@@ -340,6 +340,42 @@ static const unsigned char kat_RSA_X931_
   0x60, 0x83, 0x18, 0x88, 0xA3, 0xF5, 0x59, 0xC3
 };
@ -480,10 +480,10 @@ Index: openssl-1.0.1g/crypto/fips/fips_rsa_selftest.c
 		RSA_free(key);
 	return ret;
 	}
-Index: openssl-1.0.1g/crypto/fips/Makefile
+Index: openssl-1.0.1i/crypto/fips/Makefile
 ===================================================================
--- openssl-1.0.1g.orig/crypto/fips/Makefile
-+++ openssl-1.0.1g/crypto/fips/Makefile
+--- openssl-1.0.1i.orig/crypto/fips/Makefile	2014-08-07 16:22:48.585087655 +0200
+++ openssl-1.0.1i/crypto/fips/Makefile	2014-08-07 16:22:49.459098294 +0200
@@ -24,13 +24,15 @@ LIBSRC=fips_aes_selftest.c fips_des_self
     fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c  fips_rand.c \
     fips_rsa_x931g.c fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
@ -502,10 +502,10 @@ Index: openssl-1.0.1g/crypto/fips/Makefile
 
 LIBCRYPTO=-L.. -lcrypto
 
-Index: openssl-1.0.1g/crypto/modes/gcm128.c
+Index: openssl-1.0.1i/crypto/modes/gcm128.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/modes/gcm128.c
-+++ openssl-1.0.1g/crypto/modes/gcm128.c
+--- openssl-1.0.1i.orig/crypto/modes/gcm128.c	2014-08-07 16:22:48.585087655 +0200
+++ openssl-1.0.1i/crypto/modes/gcm128.c	2014-08-07 16:22:49.459098294 +0200
@@ -906,6 +906,10 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT
 # endif
 #endif
@ -528,10 +528,10 @@ Index: openssl-1.0.1g/crypto/modes/gcm128.c
 	mlen += len;
 	if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len))
 		return -1;
-Index: openssl-1.0.1g/crypto/modes/modes_lcl.h
+Index: openssl-1.0.1i/crypto/modes/modes_lcl.h
 ===================================================================
--- openssl-1.0.1g.orig/crypto/modes/modes_lcl.h
-+++ openssl-1.0.1g/crypto/modes/modes_lcl.h
+--- openssl-1.0.1i.orig/crypto/modes/modes_lcl.h	2014-08-07 16:22:48.585087655 +0200
+++ openssl-1.0.1i/crypto/modes/modes_lcl.h	2014-08-07 16:22:49.459098294 +0200
@@ -114,6 +114,8 @@ struct gcm128_context {
 	unsigned int mres, ares;
 	block128_f block;
@ -541,10 +541,10 @@ Index: openssl-1.0.1g/crypto/modes/modes_lcl.h
 };
 
 struct xts128_context {
-Index: openssl-1.0.1g/crypto/rand/md_rand.c
+Index: openssl-1.0.1i/crypto/rand/md_rand.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/rand/md_rand.c
-+++ openssl-1.0.1g/crypto/rand/md_rand.c
+--- openssl-1.0.1i.orig/crypto/rand/md_rand.c	2014-08-07 16:22:44.906042872 +0200
+++ openssl-1.0.1i/crypto/rand/md_rand.c	2014-08-07 16:25:51.798310523 +0200
@@ -143,12 +143,6 @@ static long md_count[2]={0,0};
 static double entropy=0;
 static int initialized=0;
@ -558,7 +558,7 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 
 #ifdef PREDICT
 int rand_predictable=0;
-@@ -196,7 +190,7 @@ static void ssleay_rand_add(const void *
+@@ -195,7 +189,7 @@ static void ssleay_rand_add(const void *
 	long md_c[2];
 	unsigned char local_md[MD_DIGEST_LENGTH];
 	EVP_MD_CTX m;
@ -567,7 +567,7 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 
 	if (!num)
 		return;
-@@ -216,19 +210,8 @@ static void ssleay_rand_add(const void *
+@@ -215,19 +209,8 @@ static void ssleay_rand_add(const void *
          * hash function.
 	 */
 
@ -588,7 +588,7 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 	st_idx=state_index;
 
 	/* use our own copies of the counters so that even
-@@ -260,7 +243,8 @@ static void ssleay_rand_add(const void *
+@@ -259,7 +242,8 @@ static void ssleay_rand_add(const void *
 
 	md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
 
@ -598,7 +598,7 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 
 	EVP_MD_CTX_init(&m);
 	for (i=0; i<num; i+=MD_DIGEST_LENGTH)
-@@ -311,7 +295,7 @@ static void ssleay_rand_add(const void *
+@@ -310,7 +294,7 @@ static void ssleay_rand_add(const void *
 		}
 	EVP_MD_CTX_cleanup(&m);
 
@ -607,7 +607,7 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 	/* Don't just copy back local_md into md -- this could mean that
 	 * other thread's seeding remains without effect (except for
 	 * the incremented counter).  By XORing it we keep at least as
-@@ -322,7 +306,8 @@ static void ssleay_rand_add(const void *
+@@ -321,7 +305,8 @@ static void ssleay_rand_add(const void *
 		}
 	if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
 	    entropy += add;
@ -617,7 +617,7 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 	
 #if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
 	assert(md_c[1] == md_count[1]);
-@@ -347,6 +332,7 @@ static int ssleay_rand_bytes(unsigned ch
+@@ -346,6 +331,7 @@ int ssleay_rand_bytes(unsigned char *buf
 	pid_t curr_pid = getpid();
 #endif
 	int do_stir_pool = 0;
@ -625,12 +625,13 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 
 #ifdef PREDICT
 	if (rand_predictable)
-@@ -387,13 +373,8 @@ static int ssleay_rand_bytes(unsigned ch
- 	/* NB: in FIPS mode we are already under a lock */
- 	if (!FIPS_mode())
- #endif
+@@ -382,14 +368,7 @@ int ssleay_rand_bytes(unsigned char *buf
+ 	 * are fed into the hash function and the results are kept in the
+ 	 * global 'md'.
+ 	 */
+-	if (lock)
 -		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
- 
+-
 -	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
 -	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
 -	CRYPTO_THREADID_current(&locking_threadid);
@ -640,40 +641,36 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 
 	/* always poll for external entropy in FIPS mode, drbg provides the 
 	 * expansion
-@@ -467,12 +448,11 @@ static int ssleay_rand_bytes(unsigned ch
+@@ -463,10 +442,8 @@ int ssleay_rand_bytes(unsigned char *buf
 
 	md_count[0] += 1;
 
 -	/* before unlocking, we must clear 'crypto_lock_rand' */
 -	crypto_lock_rand = 0;
- #ifdef OPENSSL_FIPS
- 	if (!FIPS_mode())
- #endif
+-	if (lock)
 -		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +        if (locked)
 +                private_RAND_lock(0);
 
 	while (num > 0)
 		{
-@@ -527,13 +507,15 @@ static int ssleay_rand_bytes(unsigned ch
- #ifdef OPENSSL_FIPS
- 	if (!FIPS_mode())
- #endif
+@@ -518,12 +495,11 @@ int ssleay_rand_bytes(unsigned char *buf
+ 	MD_Init(&m);
+ 	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
+ 	MD_Update(&m,local_md,MD_DIGEST_LENGTH);
+-	if (lock)
 -		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 +        locked = private_RAND_lock(1);
 	MD_Update(&m,md,MD_DIGEST_LENGTH);
 	MD_Final(&m,md);
- #ifdef OPENSSL_FIPS
- 	if (!FIPS_mode())
- #endif
+-	if (lock)
 -		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-+
 +        if (locked)
 +                private_RAND_lock(0);
 
 	EVP_MD_CTX_cleanup(&m);
 	if (ok)
-@@ -563,32 +545,10 @@ static int ssleay_rand_pseudo_bytes(unsi
+@@ -553,32 +529,10 @@ static int ssleay_rand_pseudo_bytes(unsi
 
 static int ssleay_rand_status(void)
 	{
@ -708,7 +705,7 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 	
 	if (!initialized)
 		{
-@@ -598,13 +558,8 @@ static int ssleay_rand_status(void)
+@@ -588,13 +542,8 @@ static int ssleay_rand_status(void)
 
 	ret = entropy >= ENTROPY_NEEDED;
 
@ -724,10 +721,10 @@ Index: openssl-1.0.1g/crypto/rand/md_rand.c
 	
 	return ret;
 	}
-Index: openssl-1.0.1g/crypto/rand/rand.h
+Index: openssl-1.0.1i/crypto/rand/rand.h
 ===================================================================
--- openssl-1.0.1g.orig/crypto/rand/rand.h
-+++ openssl-1.0.1g/crypto/rand/rand.h
+--- openssl-1.0.1i.orig/crypto/rand/rand.h	2014-08-07 16:22:48.586087667 +0200
+++ openssl-1.0.1i/crypto/rand/rand.h	2014-08-07 16:22:49.459098294 +0200
@@ -124,6 +124,8 @@ void RAND_set_fips_drbg_type(int type, i
 int RAND_init_fips(void);
 #endif
@ -737,10 +734,10 @@ Index: openssl-1.0.1g/crypto/rand/rand.h
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
-Index: openssl-1.0.1g/crypto/rand/rand_lcl.h
+Index: openssl-1.0.1i/crypto/rand/rand_lcl.h
 ===================================================================
--- openssl-1.0.1g.orig/crypto/rand/rand_lcl.h
-+++ openssl-1.0.1g/crypto/rand/rand_lcl.h
+--- openssl-1.0.1i.orig/crypto/rand/rand_lcl.h	2014-08-07 16:22:48.586087667 +0200
+++ openssl-1.0.1i/crypto/rand/rand_lcl.h	2014-08-07 16:22:49.459098294 +0200
@@ -112,7 +112,7 @@
 #ifndef HEADER_RAND_LCL_H
 #define HEADER_RAND_LCL_H
@ -750,11 +747,11 @@ Index: openssl-1.0.1g/crypto/rand/rand_lcl.h
 
 
 #if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
-Index: openssl-1.0.1g/crypto/rand/rand_lib.c
+Index: openssl-1.0.1i/crypto/rand/rand_lib.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/rand/rand_lib.c
-+++ openssl-1.0.1g/crypto/rand/rand_lib.c
-@@ -181,6 +181,41 @@ int RAND_status(void)
+--- openssl-1.0.1i.orig/crypto/rand/rand_lib.c	2014-08-07 16:22:48.586087667 +0200
+++ openssl-1.0.1i/crypto/rand/rand_lib.c	2014-08-07 16:22:49.460098306 +0200
+@@ -182,6 +182,41 @@ int RAND_status(void)
 	return 0;
 	}
 
@ -796,7 +793,7 @@ Index: openssl-1.0.1g/crypto/rand/rand_lib.c
 #ifdef OPENSSL_FIPS
 
 /* FIPS DRBG initialisation code. This sets up the DRBG for use by the
-@@ -239,12 +274,16 @@ static int drbg_rand_add(DRBG_CTX *ctx,
+@@ -240,12 +275,16 @@ static int drbg_rand_add(DRBG_CTX *ctx,
 				double entropy)
 	{
 	RAND_SSLeay()->add(in, inlen, entropy);
@ -813,10 +810,10 @@ Index: openssl-1.0.1g/crypto/rand/rand_lib.c
 	return 1;
 	}
 
-Index: openssl-1.0.1g/crypto/rsa/rsa_gen.c
+Index: openssl-1.0.1i/crypto/rsa/rsa_gen.c
 ===================================================================
--- openssl-1.0.1g.orig/crypto/rsa/rsa_gen.c
-+++ openssl-1.0.1g/crypto/rsa/rsa_gen.c
+--- openssl-1.0.1i.orig/crypto/rsa/rsa_gen.c	2014-08-07 16:22:44.906042872 +0200
+++ openssl-1.0.1i/crypto/rsa/rsa_gen.c	2014-08-07 16:22:49.460098306 +0200
@@ -1,5 +1,6 @@
 /* crypto/rsa/rsa_gen.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@ -1084,10 +1081,10 @@ Index: openssl-1.0.1g/crypto/rsa/rsa_gen.c
 	ok=1;
 err:
 	if (ok == -1)
-Index: openssl-1.0.1g/ssl/t1_enc.c
+Index: openssl-1.0.1i/ssl/t1_enc.c
 ===================================================================
--- openssl-1.0.1g.orig/ssl/t1_enc.c
-+++ openssl-1.0.1g/ssl/t1_enc.c
+--- openssl-1.0.1i.orig/ssl/t1_enc.c	2014-08-07 16:22:48.587087679 +0200
+++ openssl-1.0.1i/ssl/t1_enc.c	2014-08-07 16:22:49.460098306 +0200
@@ -291,6 +291,27 @@ static int tls1_PRF(long digest_mask,
 err:
 	return ret;
--- a/openssl-1.0.1h.tar.gz
+++ b/openssl-1.0.1h.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9d1c8a9836aa63e2c6adb684186cbd4371c9e9dcc01d6e3bb447abf2d4d3d093
-size 4475692
--- a/openssl-1.0.1h.tar.gz.asc
+++ b/openssl-1.0.1h.tar.gz.asc
@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iQIcBAABCAAGBQJTkDweAAoJENNXdQf6QOnizlMQAJ/tw6A4s/TMQjiLTapBAJzJ
-b5W2/nOD87oa0HL2aKvTHb0R7RKuvqGR71kgWaPOPJUwyLEWG1SinTeYR0J+yl0K
-5y8TE8p4AwnAEp1JcMfbljl3tkyRXOVqS1idkvcBKBawurL68jfyWWkzZ1D2wZtE
-LEmVm0diQIDSACuisnonE2Q8YvtqV4/imuX4BEZlZ+iNNdL0+NEuLB+xIWSl84lb
-YqM0cXQ09SIZZL+nvO0t5PBNJcQM/6w9TPKDFReQxvhVkdqoWa/o2FfeSgRLNDIu
-gGPTe0cEGUpOYyeC/SbLUOppCsRNBbzWjdRotEOV1GO2dMihZaMZZedJDhAhh5q6
-Z1wctpZGxq/vMIQ669Wayj2OxAtluCjW8GwlaJRi7XfB/fCk1NDFezTL4hhWRhIh
-mvI4oKO7TC2/OhJ2YvNGqYeqNzsIJbszn7bipvbF5KNf0eNtrUoRWsNPia9nRlca
-2yzAxCCx2QtR0PV52/c5Xbfm/Ljxta9ZKgQgAjApz5+YMsap9LyQhklc+r7tETij
-yv3Vf3Xft6n4VtKxHsecebl9VZXsz/hCjHN3PmYI0SLZDZOFBdIYoju2ttspH1pH
-aBXTitvmBUsDIss2fjJJQLX22TgTpTS3FyPb9zlN+ecE/0HJcGIJUAi80i1gldzH
-DQhyf3Qf17vW5g28E7Iv
-=oxkH
-----END PGP SIGNATURE-----
--- a/openssl-1.0.1i.tar.gz
+++ b/openssl-1.0.1i.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7
+size 4422117
--- a/openssl-1.0.1i.tar.gz.asc
+++ b/openssl-1.0.1i.tar.gz.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iQEcBAABAgAGBQJT4pu4AAoJENnE0m0OYESRle0H/A6fmNlUkhJ5NS5/W6HbztKE
+j5xWzecv7HKElr01tleyGkefwg/whBhE1HN0QsFygOR29HFF4dhijjarYj7gh6tR
+rsTGpbi+i0j2355a/BJdisXx9IESQLHeXxIAcGYEyWJKAUPzIHnIq/de+/IU9Luz
+Ck5aNaB2epB8mAyqHD8tkyK52764ngATElsuz9/aSGBSgoNkLXa/3nDEink2ckaD
+fiBftKALEmJy+aaKp3E3PE3rQ02L0UK0hsO9DfOe0SZtFOd1nGF3Pb1DgGvum+R
+RYUXuroGc6D126lK/ThhqZxBOWn+TYmm9g+P15r9nWOUvqvP1Bn2no0AvRvZH30=
+=f6Uy
+-----END PGP SIGNATURE-----
--- a/openssl.changes
+++ b/openssl.changes
@ -1,3 +1,66 @@
+-------------------------------------------------------------------
+Thu Aug 21 15:05:43 UTC 2014 - meissner@suse.com
+
+- openssl.keyring: the 1.0.1i release was done by 
+  Matt Caswell <matt@openssl.org> UK 0E604491
+
+-------------------------------------------------------------------
+Thu Aug 14 10:27:07 UTC 2014 - vcizek@suse.com
+
+- rename README.SuSE (old spelling) to README.SUSE (bnc#889013)
+
+-------------------------------------------------------------------
+Wed Aug 13 17:43:21 UTC 2014 - vcizek@suse.com
+
+- update to 1.0.1i
+  * Fix SRP buffer overrun vulnerability. Invalid parameters passed to the
+    SRP code can be overrun an internal buffer. Add sanity check that
+    g, A, B < N to SRP code.
+    (CVE-2014-3512)
+  * A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate
+    TLS 1.0 instead of higher protocol versions when the ClientHello message
+    is badly fragmented. This allows a man-in-the-middle attacker to force a
+    downgrade to TLS 1.0 even if both the server and the client support a
+    higher protocol version, by modifying the client's TLS records.
+    (CVE-2014-3511)
+  * OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject
+    to a denial of service attack. A malicious server can crash the client
+    with a null pointer dereference (read) by specifying an anonymous (EC)DH
+    ciphersuite and sending carefully crafted handshake messages.
+    (CVE-2014-3510)
+  * By sending carefully crafted DTLS packets an attacker could cause openssl
+    to leak memory. This can be exploited through a Denial of Service attack.
+    (CVE-2014-3507)
+  * An attacker can force openssl to consume large amounts of memory whilst
+    processing DTLS handshake messages. This can be exploited through a
+    Denial of Service attack.
+    (CVE-2014-3506)
+  * An attacker can force an error condition which causes openssl to crash
+    whilst processing DTLS packets due to memory being freed twice. This
+    can be exploited through a Denial of Service attack.
+    (CVE-2014-3505)
+  * If a multithreaded client connects to a malicious server using a resumed
+    session and the server sends an ec point format extension it could write
+    up to 255 bytes to freed memory.
+    (CVE-2014-3509)
+  * A malicious server can crash an OpenSSL client with a null pointer
+    dereference (read) by specifying an SRP ciphersuite even though it was not
+    properly negotiated with the client. This can be exploited through a
+    Denial of Service attack.
+    (CVE-2014-5139)
+  * A flaw in OBJ_obj2txt may cause pretty printing functions such as
+    X509_name_oneline, X509_name_print_ex et al. to leak some information
+    from the stack. Applications may be affected if they echo pretty printing
+    output to the attacker.
+    (CVE-2014-3508)
+  * Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.)
+    for corner cases. (Certain input points at infinity could lead to
+    bogus results, with non-infinity inputs mapped to infinity too.)
+- refreshed patches:
+  * openssl-1.0.1e-new-fips-reqs.patch
+  * 0005-libssl-Hide-library-private-symbols.patch
+    (thanks to Marcus Meissner)
+
 -------------------------------------------------------------------
 Mon Jul 21 10:49:35 UTC 2014 - jengelh@inai.de

--- a/openssl.keyring
+++ b/openssl.keyring
@ -147,3 +147,40 @@ G/cu/anS1ekMIWkC/QyX6xbXi7IedakaL56y7nJRBRmPuETKACSAWkGJ5ojm6BxT
 TInCFx1evwVXM3s6
 =eP1B
 -----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2.0.19 (GNU/Linux)
+
+mQENBFGALsIBCADBkh6zfxbewW2KJjaMaishSrpxuiVaUyvWgpe6Moae7JNCW8ay
+hJbwAtsQ69SGA4gUkyrR6PBvDMVYEiYqZwXB/3IErStESjcu+gkbmsa0XcwHpkE3
+iN7I8aU66yMt710nGEmcrR5E4u4NuNoHtnOBKEh+RCLGp5mo6hwbUYUzG3eUI/zi
+2hLApPpaATXnD3ZkhgtHV3ln3Z16nUWQAdIVToxYhvVno2EQsqe8Q3ifl2Uf0Ypa
+N19BDBrxM3WPOAKbJk0Ab1bjgEadavrFBCOl9CrbThewRGmkOdxJWaVkERXMShlz
+UzjJvKOUEUGOxJCmnfQimPQoCdQyVFLgHfRFABEBAAG0IE1hdHQgQ2Fzd2VsbCA8
+ZnJvZG9AYmFnZ2lucy5vcmc+iQE4BBMBAgAiBQJRgC7CAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRDZxNJtDmBEkWP+B/0SsWSeLGo+viob8935Uirei4Fv
+nzGOUV1w/dgDLSzavmysVxb4q9psp1vj1KEtm18vzZO79AeARGwWTQYGmFmrNRWZ
+2DgbjGyJ4LS5kLBqQ9FaF7vUFtml6R04yx+RTgQTg601XsAjeU8uSarmeZgGVMAI
+nsdMrUc74lJeWKSnovr4IFOdgiU/env19tK355bsfTvb0ksE5Q7wnnoRXdLyNet0
+AWf4ednWDEnRb6cIVDF28URjxH6yIfqAVe7VnuDB4Sfuck4R4gYFS/xGfTgocPUD
+Z4rUz8wleGLwDIiU7GpilmtZTl1FTPkFa/mqbcJgdVTJqLZO5vISJkZvqE5UtB9N
+YXR0IENhc3dlbGwgPG1hdHRAb3BlbnNzbC5vcmc+iQE4BBMBAgAiBQJT3r68AhsD
+BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDZxNJtDmBEkaA9B/9ZRCV36+uq
+3b7JMjotM1NAEb1Fx425pmJGexE5HV4e1Wv045/NU96cJq9xeCHCxjSw8+BIOu8W
+6v0/K67BDzseZ1f5kZ1E/e1JrELi50dsCxm0QbtuBSjO6F9ykL4CHSVncRxybI6R
+glYhNZiBQEQM5Tfuqd7T250MwDY0cu4vz2FP54hnalXDIXJ2Ql+Re2B+sOrdGZmB
+95tUHkRJ1qn8bu3sh7CL3mzICkyP2zBvGeypS2YWvR8KxV0ADyEk+rH3NW5SifSD
+VAzPYiug0f7pZMO3tIZhy6o1qmLOT88l3qDZ7D1ybevcIgA2Ko+CjQyHTadUaBfa
+n29ZxPgzOq4GuQENBFGALsIBCADPZ1CQBKbFQWMCvdjz/TJaNf3rV6eiYASOvLDg
+icU8Mwa208yJXr1UF6lvc3Tgw+jmynIBjbhvhujcJ+eD+jHEaXdncaK/WAPsmiNM
+k+glZ4cbF48HP77kOLQQC+rX7jAF0VSHhFZNtnCpOByQevCJlwgkXckYvRyBOYk6
+2R7BwuLIwLIq4ZXNKPIVN4KpCodhIcGuvlPJczcdOoaBRGcSFUbXqM9Y8whyJhex
+F87RHAyGpjvLnJFSgLimyYBRpFN25LzYFpXPD4MeLUVDSRgtSxOJ2KmkhMHntUqQ
+P1XsIgzm4/ez6Mwkxc0QlAQp0r2gJU56QPdE5zgx+2q/i+WhABEBAAGJAR8EGAEC
+AAkFAlGALsICGwwACgkQ2cTSbQ5gRJELNgf/elwfYchaV/24buNWDa+50gOuXQ4v
+Xfj5DKry6aYnJBt1UeMV1ssMxCU8OltgzTMhTupjrXV1oDXYAxexymWLxwa+qcrb
+SwDD+wX1gb1O2GOfbiplEnOb5dDc7Gkm8eTw0kBJEiAiyPv4SMLhFzm+me4Dq1+x
+dbsvN05hxTjow9pi5eYrFMxYWi1ZNH2UmPpgoIN/4p28G/IN9fdWG5Ni315p3WhL
+HRMzC609IOsCIJsm8+lHVblT30jxpctFVlQBtbDTzgqQLiaTVevlca3VYgMd70D2
+8d186gxUtSEpZ3dKkv+0V8DLhQ6VR/wQ780HKIpFp6UWP5aDxpEoOEwe2g==
+=Q8X3
+-----END PGP PUBLIC KEY BLOCK-----
--- a/openssl.spec
+++ b/openssl.spec
@ -29,7 +29,7 @@ Provides:       ssl
 %ifarch ppc64
 Obsoletes:      openssl-64bit
 %endif
-Version:        1.0.1h
+Version:        1.0.1i
 Release:        0
 Summary:        Secure Sockets and Transport Layer Security
 License:        OpenSSL
@ -42,7 +42,7 @@ Source43:       http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA2D29B7BF295
 # to get mtime of file:
 Source1:        openssl.changes
 Source2:        baselibs.conf
-Source10:       README.SuSE
+Source10:       README.SUSE
 Source11:       README-FIPS.txt
 Patch0:         merge_from_0.9.8k.patch
 Patch1:         openssl-1.0.0-c_rehash-compat.diff
@ -467,7 +467,7 @@ if ! test -f /.buildenv; then rm -rf $RPM_BUILD_ROOT; fi
 %files -f filelist
 %defattr(-, root, root)
 %doc CHANGE* INSTAL* AVAILABLE_CIPHERS
-%doc LICENSE NEWS README README.SuSE README-FIPS.txt
+%doc LICENSE NEWS README README.SUSE README-FIPS.txt
 %dir %{ssletcdir}
 %config (noreplace) %{ssletcdir}/openssl.cnf
 %attr(700,root,root) %{ssletcdir}/private