- Read/write after SSL object in error state (CVE-2017-3737)
- rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
https://www.openssl.org/news/openssl-1.0.2-notes.html
+--- openssl-1.0.2m/util/perlpath.pl~ 2017-10-26 23:34:32.000000000 +0300
++++ openssl-1.0.2m/util/perlpath.pl 2017-11-01 13:08:24.963877348 +0200
+@@ -4,7 +4,7 @@
+ # line in all scripts that rely on perl.
+ #
+
+-require "find.pl";
++require "./find.pl";
+
+ $#ARGV == 0 || print STDERR "usage: perlpath newpath (eg /usr/bin)\n";
+ &find(".");
# 1.0.2 will be LTS release
# Version 1.0.2 will be supported until 2019-12-31.
# https://www.openssl.org/about/releasestrat.html
# 1.0.2 will be LTS release
# Version 1.0.2 will be supported until 2019-12-31.
# https://www.openssl.org/about/releasestrat.html
Release: 1
License: Apache-like
Group: Libraries
%if %{without snap}
Source0: https://www.openssl.org/source/%{name}-%{version}.tar.gz
Release: 1
License: Apache-like
Group: Libraries
%if %{without snap}
Source0: https://www.openssl.org/source/%{name}-%{version}.tar.gz
-# Source0-md5: 10e9e37f492094b9ef296f68f24a7666
+# Source0-md5: 13bdc1b1d1ff39b6fd42a255e74676a4
%else
Source1: https://github.com/openssl/openssl/archive/OpenSSL_1_0_2-stable/%{name}-%{version}-dev.tar.gz
# Source1-md5: 6b846f8a4f55f5ddfa1e0d335241840a
%else
Source1: https://github.com/openssl/openssl/archive/OpenSSL_1_0_2-stable/%{name}-%{version}-dev.tar.gz
# Source1-md5: 6b846f8a4f55f5ddfa1e0d335241840a
-PERL5LIB=$(pwd) %{__perl} util/perlpath.pl %{__perl}
+%{__perl} util/perlpath.pl %{__perl}
OPTFLAGS="%{rpmcflags} %{rpmcppflags} %{?with_purify:-DPURIFY}" \
PERL="%{__perl}" \
OPTFLAGS="%{rpmcflags} %{rpmcppflags} %{?with_purify:-DPURIFY}" \
PERL="%{__perl}" \