diff --git a/bswap.diff b/bswap.diff index c16d7f2..fd2e945 100644 --- a/bswap.diff +++ b/bswap.diff @@ -1,11 +1,13 @@ ---- crypto/camellia/cmll_locl.h +Index: crypto/camellia/cmll_locl.h +=================================================================== +--- crypto/camellia/cmll_locl.h.orig +++ crypto/camellia/cmll_locl.h -@@ -107,7 +107,7 @@ - (ct)[3] = (uint8_t)(st); } +@@ -97,7 +97,7 @@ extern "C" { + (ct)[2] = (u8)((st) >> 8); \ + (ct)[3] = (u8)(st); } - #ifdef L_ENDIAN --#if (defined (__GNUC__) && !defined(i386)) -+#if (defined (__GNUC__) && defined(i386)) +-#if (defined (__GNUC__) && (defined(__x86_64__) || defined(__x86_64))) ++#if (defined (__GNUC__) && (defined(__x86_64__) || defined(__x86_64) || defined(i386))) #define CAMELLIA_SWAP4(x) \ do{\ asm("bswap %1" : "+r" (x));\ diff --git a/openssl-0.9.8d-padlock-static.patch b/openssl-0.9.8d-padlock-static.patch deleted file mode 100644 index 1b421d5..0000000 --- a/openssl-0.9.8d-padlock-static.patch +++ /dev/null @@ -1,30 +0,0 @@ -# PadLock engine is never compiled as a shared object although -# OpenSSL sometimes thinks so. This patch fixes the -# initialization sequence so that it works with static PadLock -# again. -# Taken from Fedora Core 5 - -Index: openssl/crypto/engine/eng_all.c -=================================================================== ---- openssl.orig/crypto/engine/eng_all.c -+++ openssl/crypto/engine/eng_all.c -@@ -68,6 +68,9 @@ void ENGINE_load_builtin_engines(void) - #if 0 - ENGINE_load_openssl(); - #endif -+#if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) -+ ENGINE_load_padlock(); -+#endif - ENGINE_load_dynamic(); - #ifndef OPENSSL_NO_STATIC_ENGINE - #ifndef OPENSSL_NO_HW -@@ -95,9 +98,6 @@ void ENGINE_load_builtin_engines(void) - #ifndef OPENSSL_NO_HW_UBSEC - ENGINE_load_ubsec(); - #endif --#ifndef OPENSSL_NO_HW_PADLOCK -- ENGINE_load_padlock(); --#endif - #endif - #if defined(__OpenBSD__) || defined(__FreeBSD__) - ENGINE_load_cryptodev(); diff --git a/openssl-0.9.8d.tar.bz2 b/openssl-0.9.8d.tar.bz2 deleted file mode 100644 index cef2851..0000000 --- a/openssl-0.9.8d.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9c517f6d682b6fc0364738700b4691369580e04db65317a842fa779a1cda4cf8 -size 2655970 diff --git a/openssl-0.9.8e.tar.bz2 b/openssl-0.9.8e.tar.bz2 new file mode 100644 index 0000000..103b4c9 --- /dev/null +++ b/openssl-0.9.8e.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:32b684e086d72446d22b7801cf52a14f183412be3403f5038b3d61cfb619eb62 +size 2675965 diff --git a/openssl-CVE-2006-2940-fixup.patch b/openssl-CVE-2006-2940-fixup.patch deleted file mode 100644 index b6c6ec2..0000000 --- a/openssl-CVE-2006-2940-fixup.patch +++ /dev/null @@ -1,18 +0,0 @@ -Fix for the CVE-2006-2940 fix - -The newly introduced limit on DH modulus size could lead to a crash when -exerted. -This was fixed after the 0.9.8d release in the OpenSSL CVS: -http://cvs.openssl.org/chngview?cn=15607 - ---- crypto/dh/dh_key.c 2005-08-20 20:35:53.000000000 +0200 -+++ crypto/dh/dh_key.c 2006-10-04 13:25:02.000000000 +0200 -@@ -173,7 +173,7 @@ - - static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) - { -- BN_CTX *ctx; -+ BN_CTX *ctx=NULL; - BN_MONT_CTX *mont=NULL; - BIGNUM *tmp; - int ret= -1; diff --git a/openssl-s390-config.diff b/openssl-s390-config.diff index c71a14c..9a0ef5d 100644 --- a/openssl-s390-config.diff +++ b/openssl-s390-config.diff @@ -1,9 +1,9 @@ --- config +++ config 2006/01/16 10:33:01 @@ -591,7 +591,8 @@ - OUT="linux-generic32" ;; - arm*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;; - arm*l-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;; + sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;; + sh*-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;; + m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;; - s390*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN -DNO_ASM" ;; + s390-*-linux2) OUT="linux-s390"; options="$options -DB_ENDIAN -DNO_ASM" ;; + s390x-*-linux2) OUT="linux-s390x"; options="$options -DB_ENDIAN -DNO_ASM" ;; diff --git a/openssl.changes b/openssl.changes index 05bb37a..eb6ac67 100644 --- a/openssl.changes +++ b/openssl.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Tue Mar 6 10:38:10 CET 2007 - mkoenig@suse.de + +- update to version 0.9.8e: + * patches merged upstream: + openssl-CVE-2006-2940-fixup.patch + openssl-0.9.8d-padlock-static.patch + ------------------------------------------------------------------- Tue Jan 9 14:30:28 CET 2007 - mkoenig@suse.de diff --git a/openssl.spec b/openssl.spec index afad817..d9362be 100644 --- a/openssl.spec +++ b/openssl.spec @@ -1,5 +1,5 @@ # -# spec file for package openssl (Version 0.9.8d) +# spec file for package openssl (Version 0.9.8e) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -23,8 +23,8 @@ Provides: ssl Conflicts: ssleay Obsoletes: ssleay Autoreqprov: on -Version: 0.9.8d -Release: 22 +Version: 0.9.8e +Release: 1 Summary: Secure Sockets and Transport Layer Security URL: http://www.openssl.org/ Source: http://www.%{name}.org/source/%{name}-%{version}.tar.bz2 @@ -42,8 +42,6 @@ Patch9: openssl-0.9.6g-alpha.diff Patch11: openssl-s390-config.diff Patch20: openssl-0.9.8a.ca-app-segfault.bug128655.dif Patch21: bswap.diff -Patch22: openssl-CVE-2006-2940-fixup.patch -Patch23: openssl-0.9.8d-padlock-static.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -131,8 +129,6 @@ Authors: %patch11 %patch20 -p1 %patch21 -%patch22 -%patch23 -p1 cp -p %{S:10} . cp -p %{S:20} certs/ cp -p %{S:21} certs/ @@ -337,7 +333,12 @@ if ! test -f /.buildenv; then rm -rf $RPM_BUILD_ROOT; fi %{_libdir}/libcrypto.so.%{num_version} %{_libdir}/engines -%changelog -n openssl +%changelog +* Tue Mar 06 2007 - mkoenig@suse.de +- update to version 0.9.8e: + * patches merged upstream: + openssl-CVE-2006-2940-fixup.patch + openssl-0.9.8d-padlock-static.patch * Tue Jan 09 2007 - mkoenig@suse.de - fix PadLock support [#230823] * Thu Nov 30 2006 - mkoenig@suse.de