openssl

testing/openssl

SHA256

Fork 0

forked from pool/openssl

Commit Graph

Author	SHA256	Message	Date
Stephan Kulow	94fbf434c7	Accepting request 232889 from Base:System - 0005-libssl-Hide-library-private-symbols.patch Update to hide more symbols that are not part of the public API - openssl-gcc-attributes.patch BUF_memdup also needs attribute alloc_size as it returns memory of size of the second parameter. - openssl-ocloexec.patch Update, accept() also needs O_CLOEXEC. - 0009-Fix-double-frees.patch, 0017-Double-free-in-i2o_ECPublicKey.patch fix various double frees (from upstream) - 012-Fix-eckey_priv_encode.patch eckey_priv_encode should return an error inmediately on failure of i2d_ECPrivateKey (from upstream) - 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch From libressl, modified to work on linux systems that do not have funopen() but fopencookie() instead. Once upon a time, OS didn't have snprintf, which caused openssl to bundle a *printf implementation. We know better nowadays, the glibc implementation has buffer overflow checking, has sane failure modes deal properly with threads, signals..etc.. - build with -fno-common as well. (forwarded request 232752 from elvigia) OBS-URL: https://build.opensuse.org/request/show/232889 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=116	2014-05-09 04:57:35 +00:00
Stephan Kulow	d5a92c035d	Accepting request 229370 from Base:System - update to 1.0.1g: * fix for critical TLS heartbeat read overrun (CVE-2014-0160) (bnc#872299) * Fix for Recovering OpenSSL ECDSA Nonces (CVE-2014-0076) (bnc#869945) * Workaround for the "TLS hang bug" (see FAQ and PR#2771) - remove CVE-2014-0076.patch - openssl.keyring: upstream changed to: pub 4096R/FA40E9E2 2005-03-19 Dr Stephen N Henson <steve@openssl.org> uid Dr Stephen Henson <shenson@drh-consultancy.co.uk> uid Dr Stephen Henson <shenson@opensslfoundation.com> OBS-URL: https://build.opensuse.org/request/show/229370 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=110	2014-04-09 16:17:23 +00:00
Stephan Kulow	11127842fa	Accepting request 185827 from Base:System - 0005-libssl-Hide-library-private-symbols.patch: hide private symbols, this only applies to libssl where it is straightforward to do so as applications should not be using any of the symbols declared/defined in headers that the library does not install. A separate patch MAY be provided in the future for libcrypto where things are much more complicated and threfore requires careful testing. (forwarded request 185819 from elvigia) OBS-URL: https://build.opensuse.org/request/show/185827 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=93	2013-08-04 14:59:21 +00:00

Author

SHA256

Message

Date

Stephan Kulow

94fbf434c7

Accepting request 232889 from Base:System

-  0005-libssl-Hide-library-private-symbols.patch
   Update to hide more symbols that are not part of
   the public API
- openssl-gcc-attributes.patch BUF_memdup also
  needs attribute alloc_size as it returns memory
  of size of the second parameter.
- openssl-ocloexec.patch Update, accept()
  also needs O_CLOEXEC.
- 0009-Fix-double-frees.patch, 0017-Double-free-in-i2o_ECPublicKey.patch
  fix various double frees (from upstream)
- 012-Fix-eckey_priv_encode.patch eckey_priv_encode should 
  return an error inmediately on failure of i2d_ECPrivateKey (from upstream)
- 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch 
  From libressl, modified to work on linux systems that do not have
  funopen() but fopencookie() instead.
  Once upon a time, OS didn't have snprintf, which caused openssl to
  bundle a *printf implementation. We know better nowadays, the glibc
  implementation has buffer overflow checking, has sane failure modes
  deal properly with threads, signals..etc..
 
- build with -fno-common as well. (forwarded request 232752 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/232889
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=116

2014-05-09 04:57:35 +00:00

Stephan Kulow

d5a92c035d

Accepting request 229370 from Base:System

- update to 1.0.1g:
  * fix for critical TLS heartbeat read overrun (CVE-2014-0160) (bnc#872299)
  * Fix for Recovering OpenSSL ECDSA Nonces (CVE-2014-0076) (bnc#869945)
  * Workaround for the "TLS hang bug" (see FAQ and PR#2771)
- remove CVE-2014-0076.patch
- openssl.keyring: upstream changed to:
  pub  4096R/FA40E9E2 2005-03-19 Dr Stephen N Henson <steve@openssl.org>
  uid                            Dr Stephen Henson <shenson@drh-consultancy.co.uk>
  uid                            Dr Stephen Henson <shenson@opensslfoundation.com>

OBS-URL: https://build.opensuse.org/request/show/229370
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=110

2014-04-09 16:17:23 +00:00

Stephan Kulow

11127842fa

Accepting request 185827 from Base:System

- 0005-libssl-Hide-library-private-symbols.patch: hide 
  private symbols, this *only* applies to libssl where
  it is straightforward to do so as applications should
  not be using any of the symbols declared/defined in headers
  that the library does not install.
  A separate patch MAY be provided in the future for libcrypto
  where things are much more complicated and threfore requires
  careful testing. (forwarded request 185819 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/185827
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=93

2013-08-04 14:59:21 +00:00

3 Commits