1.0.2f release. CVE-2016-0701, CVE-2015-3197 fixes
authorElan Ruusamäe <glen@delfi.ee>
Thu, 28 Jan 2016 18:04:08 +0000 (20:04 +0200)
committerElan Ruusamäe <glen@delfi.ee>
Thu, 28 Jan 2016 18:05:06 +0000 (20:05 +0200)
- DH small subgroups (CVE-2016-0701)
- SSLv2 doesn't block disabled ciphers (CVE-2015-3197)

https://www.openssl.org/news/openssl-1.0.2-notes.html

openssl.spec

index 3b03d0937ab03ffe2f7f6d2a218dff8800eb5c39..21e1a12b9b4072c876b4f1d775e947f16b038515 100644 (file)
@@ -25,15 +25,15 @@ Name:               openssl
 # Version 1.0.2 will be supported until 2019-12-31.
 # https://www.openssl.org/about/releasestrat.html
 Version:       1.0.2f
-Release:       0.1
+Release:       1
 License:       Apache-like
 Group:         Libraries
 %if %{without snap}
 Source0:       ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
+# Source0-md5: b3bf73f507172be9292ea2a8c28b659d
 %else
 Source1:       https://github.com/openssl/openssl/archive/OpenSSL_1_0_2-stable.tar.gz
 %endif
-# Source0-md5: 5262bfa25b60ed9de9f28d5d52d77fc5
 Source2:       %{name}.1.pl
 Source3:       %{name}-ssl-certificate.sh
 Source4:       %{name}-c_rehash.sh
This page took 0.058931 seconds and 4 git commands to generate.