testing/openssl
SHA256
3
0
Fork 0
forked from pool/openssl
Code Pull Requests Activity
109 Commits 2 Branches 0 Tags 2.5 MiB
66d6e48709
Commit Graph

4 Commits

Author SHA256 Message Date
Stephan Kulow
66d6e48709 Accepting request 236989 from Base:System 
NOTE: 

I submitted perl-Net-SSLeay 1.64 update to devel:languages:perl which
fixes its regression.



- updated openssl to 1.0.1h (bnc#880891):
  - CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
    handshake can force the use of weak keying material in OpenSSL
    SSL/TLS clients and servers.
  - CVE-2014-0221: Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an
    OpenSSL DTLS client the code can be made to recurse eventually crashing
    in a DoS attack.
  - CVE-2014-0195: Fix DTLS invalid fragment vulnerability. A buffer
    overrun attack can be triggered by sending invalid DTLS fragments to
    an OpenSSL DTLS client or server. This is potentially exploitable to
    run arbitrary code on a vulnerable client or server.
  - CVE-2014-3470: Fix bug in TLS code where clients enable anonymous
    ECDH ciphersuites are subject to a denial of service attack.
- openssl-buffreelistbug-aka-CVE-2010-5298.patch: removed, upstream
- CVE-2014-0198.patch: removed, upstream
- 0009-Fix-double-frees.patch: removed, upstream
- 0012-Fix-eckey_priv_encode.patch: removed, upstream
- 0017-Double-free-in-i2o_ECPublicKey.patch: removed, upstream
- 0018-fix-coverity-issues-966593-966596.patch: removed, upstream
- 0020-Initialize-num-properly.patch: removed, upstream
- 0022-bignum-allow-concurrent-BN_MONT_CTX_set_locked.patch: removed, upstream
- 0023-evp-prevent-underflow-in-base64-decoding.patch: removed, upstream
- 0024-Fixed-NULL-pointer-dereference-in-PKCS7_dataDecode-r.patch: removed, upstream
- 0025-fix-coverity-issue-966597-error-line-is-not-always-i.patch: removed, upstream
- 0001-libcrypto-Hide-library-private-symbols.patch: disabled heartbeat testcase
- openssl-1.0.1c-ipv6-apps.patch: refreshed
- openssl-fix-pod-syntax.diff: some stuff merged upstream, refreshed

- Added new SUSE default cipher suite
  openssl-1.0.1e-add-suse-default-cipher.patch

OBS-URL: https://build.opensuse.org/request/show/236989
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=118
 2014-06-18 05:47:41 +00:00
Stephan Kulow
d5a92c035d Accepting request 229370 from Base:System 
- update to 1.0.1g:
  * fix for critical TLS heartbeat read overrun (CVE-2014-0160) (bnc#872299)
  * Fix for Recovering OpenSSL ECDSA Nonces (CVE-2014-0076) (bnc#869945)
  * Workaround for the "TLS hang bug" (see FAQ and PR#2771)
- remove CVE-2014-0076.patch
- openssl.keyring: upstream changed to:
  pub  4096R/FA40E9E2 2005-03-19 Dr Stephen N Henson <steve@openssl.org>
  uid                            Dr Stephen Henson <shenson@drh-consultancy.co.uk>
  uid                            Dr Stephen Henson <shenson@opensslfoundation.com>

OBS-URL: https://build.opensuse.org/request/show/229370
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=110
 2014-04-09 16:17:23 +00:00
Stephan Kulow
bcd15fd76a Accepting request 213629 from Base:System 
Remove GCC option -O3 for compiliation issue of ARM version; Modify: openssl.spec (forwarded request 213627 from shawn2012)

OBS-URL: https://build.opensuse.org/request/show/213629
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=107
 2014-01-17 10:05:16 +00:00
Stephan Kulow
24a6c5b091 Accepting request 180215 from Base:System 
- pick openssl-fix-pod-syntax.diff out of the upstream RT to fix
  build with perl 5.18 (forwarded request 180092 from coolo)

OBS-URL: https://build.opensuse.org/request/show/180215
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=89
 2013-06-25 05:43:23 +00:00