packages/openssl.git
2 years agoup to OpenSSL 1.0.2h [3 May 2016] auto/ac/openssl-1.0.2h-1 auto/th/openssl-1.0.2h-1
Elan Ruusamäe [Tue, 3 May 2016 17:11:33 +0000 (20:11 +0300)]
up to OpenSSL 1.0.2h [3 May 2016]

- Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
- Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
- Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
- Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
- EBCDIC overread (CVE-2016-2176)
- Modify behavior of ALPN to invoke callback after SNI/servername callback, such that updates to the SSL_CTX affect ALPN.
- Remove LOW from the DEFAULT cipher list. This removes singles DES from the default.
- Only remove the SSLv2 methods with the no-ssl2-method option.

Merge branch 'dev-1.0.2h'

2 years agoup to 1.0.2h snap
Elan Ruusamäe [Thu, 28 Apr 2016 15:48:25 +0000 (18:48 +0300)]
up to 1.0.2h snap

The release will be made available on 3rd May 2016 between approximately
1200-1500 UTC. It will fix several security defects with maximum
severity "high".

2 years agodrop conflicts auto/th/openssl-1.0.2g-8
Elan Ruusamäe [Sat, 5 Mar 2016 22:21:23 +0000 (00:21 +0200)]
drop conflicts

sslv2 restored

2 years ago- rebuild with sslv2 support auto/ac/openssl-1.0.2g-7 auto/th/openssl-1.0.2g-7
Elan Ruusamäe [Sat, 5 Mar 2016 19:42:01 +0000 (21:42 +0200)]
- rebuild with sslv2 support
- release 7 (by relup.sh)

2 years agobconds were fixed in 2a82d45
Elan Ruusamäe [Sat, 5 Mar 2016 13:14:27 +0000 (15:14 +0200)]
bconds were fixed in 2a82d45

2 years ago- fixed bcond ssl2/ssl3 to force build with SSLv2/SSLv3 support
Adam Osuchowski [Sat, 5 Mar 2016 13:02:23 +0000 (14:02 +0100)]
- fixed bcond ssl2/ssl3 to force build with SSLv2/SSLv3 support

2 years agosslv2 bcond likely doesn't work after 1.0.2g
Elan Ruusamäe [Fri, 4 Mar 2016 22:33:35 +0000 (00:33 +0200)]
sslv2 bcond likely doesn't work after 1.0.2g

2 years agoqt4 QtNetwork rebuild
Elan Ruusamäe [Fri, 4 Mar 2016 22:33:13 +0000 (00:33 +0200)]
qt4 QtNetwork rebuild

2 years agopython3 rebuild auto/th/openssl-1.0.2g-6
Elan Ruusamäe [Fri, 4 Mar 2016 08:15:45 +0000 (10:15 +0200)]
python3 rebuild

2 years agopython2 rebuild
Elan Ruusamäe [Fri, 4 Mar 2016 08:12:19 +0000 (10:12 +0200)]
python2 rebuild

2 years ago- release 5 (by relup.sh) auto/th/openssl-1.0.2g-5
Elan Ruusamäe [Thu, 3 Mar 2016 15:54:20 +0000 (17:54 +0200)]
- release 5 (by relup.sh)

2 years agocurl rebuild
Elan Ruusamäe [Thu, 3 Mar 2016 12:09:30 +0000 (14:09 +0200)]
curl rebuild

configure:29155: checking for curl_easy_perform in -lcurl
configure:29180: ccache gcc -o conftest -O2 -fwrapv -pipe -Wformat -Werror=format-security -gdwarf-4 -fno-debug-types-section -fvar-tracking-assignments -g2 -Wp,-D_FORTIFY_SOURCE=2
/usr/lib/gcc/i686-pld-linux/5.3.0/../../../libcurl.so: undefined reference to `SSLv2_client_method'
collect2: error: ld returned 1 exit status

altho this dependency is compile time, it's easier to mark it here than
all rebuilt programs that link with curl (php55-openssl, php56-openssl, ...)

2 years agophp 5.4 rebuild needed
Elan Ruusamäe [Thu, 3 Mar 2016 12:01:42 +0000 (14:01 +0200)]
php 5.4 rebuild needed

2 years agofix php versions
Elan Ruusamäe [Thu, 3 Mar 2016 11:59:26 +0000 (13:59 +0200)]
fix php versions

2 years agophp 5.2 rebuild needed
Elan Ruusamäe [Thu, 3 Mar 2016 11:57:12 +0000 (13:57 +0200)]
php 5.2 rebuild needed

$ php52 -m
PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php52/openssl.so' - /usr/lib/php52/openssl.so: undefined symbol: SSLv2_server_method in Unknown on line 0

2 years agophp 5.6 rebuild needed
Elan Ruusamäe [Thu, 3 Mar 2016 11:54:15 +0000 (13:54 +0200)]
php 5.6 rebuild needed

oot@jenkins httpd/modules#
$ php56 -m
PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php56/openssl.so' - /usr/lib/php56/openssl.so: undefined symbol: SSLv2_client_method in Unknown on line 0

2 years agophp rebuild
Elan Ruusamäe [Thu, 3 Mar 2016 11:51:19 +0000 (13:51 +0200)]
php rebuild

$ php55 -m
PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php55/openssl.so' - /usr/lib/php55/openssl.so: undefined symbol: SSLv2_server_method in Unknown on line 0

2 years agophp 5.3 rebuild needed
Elan Ruusamäe [Thu, 3 Mar 2016 11:47:52 +0000 (13:47 +0200)]
php 5.3 rebuild needed

$ php -m
PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php53/openssl.so' - /usr/lib/php53/openssl.so: undefined symbol: SSLv2_server_method in Unknown on line 0

2 years agomod_ssl epoch auto/th/openssl-1.0.2g-4
Elan Ruusamäe [Wed, 2 Mar 2016 14:25:38 +0000 (16:25 +0200)]
mod_ssl epoch

2 years agoapache 2.2 bump auto/th/openssl-1.0.2g-3
Elan Ruusamäe [Wed, 2 Mar 2016 14:22:51 +0000 (16:22 +0200)]
apache 2.2 bump

https://github.com/pld-linux/apache/commit/0bc39fbc11debf1f75be420bf6886097f802bf32

2 years agorequire rebuilt ruby auto/th/openssl-1.0.2g-2
Elan Ruusamäe [Wed, 2 Mar 2016 13:21:10 +0000 (15:21 +0200)]
require rebuilt ruby

/usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require': /usr/lib64/ruby/2.0/openssl.so: undefined symbol: SSLv2_method - /usr/lib64/ruby/2.0/openssl.so (LoadError)
        from /usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require'
        from /usr/share/ruby/2.0/openssl.rb:17:in `<top (required)>'
        from /usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require'
        from /usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require'
        from /usr/share/ruby/2.0/net/https.rb:22:in `<top (required)>'
        from /usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require'

2 years agoup to 1.0.2g, "DROWN" CVE-2016-0800 and "Cachebleed" auto/ac/openssl-1.0.2g-1 auto/th/openssl-1.0.2g-1
Elan Ruusamäe [Wed, 2 Mar 2016 10:46:00 +0000 (12:46 +0200)]
up to 1.0.2g, "DROWN" CVE-2016-0800 and "Cachebleed"

Merge branch '1.0.2g'

2 years agoup to 1.0.2g snapshot
Elan Ruusamäe [Thu, 25 Feb 2016 19:43:13 +0000 (21:43 +0200)]
up to 1.0.2g snapshot

x32 patch is probably outdated

2 years agoMerge branch 'mrcage-patch-1' auto/th/openssl-1.0.2f-2
Elan Ruusamäe [Thu, 4 Feb 2016 21:26:18 +0000 (23:26 +0200)]
Merge branch 'mrcage-patch-1'

2 years agoAdded support for *.cer *.crt *.crl to c_rehash
Nicolas Perrenoud [Thu, 4 Feb 2016 18:18:24 +0000 (19:18 +0100)]
Added support for *.cer *.crt *.crl to c_rehash

This is aimed to keep the functionality in sync with OpenSSL 1.0.2

See https://www.openssl.org/docs/man1.0.2/apps/c_rehash.html

2 years agoMerge branch 'private-perms' auto/ac/openssl-1.0.2f-1 auto/th/openssl-1.0.2f-1
Elan Ruusamäe [Thu, 28 Jan 2016 18:10:50 +0000 (20:10 +0200)]
Merge branch 'private-perms'

2 years agoMerge branch 'dev-1.0.2f'
Elan Ruusamäe [Thu, 28 Jan 2016 18:09:26 +0000 (20:09 +0200)]
Merge branch 'dev-1.0.2f'

2 years ago1.0.2f release. CVE-2016-0701, CVE-2015-3197 fixes
Elan Ruusamäe [Thu, 28 Jan 2016 18:04:08 +0000 (20:04 +0200)]
1.0.2f release. CVE-2016-0701, CVE-2015-3197 fixes

- DH small subgroups (CVE-2016-0701)
- SSLv2 doesn't block disabled ciphers (CVE-2015-3197)

https://www.openssl.org/news/openssl-1.0.2-notes.html

2 years agotest build upcoming 1.0.2f
Elan Ruusamäe [Mon, 25 Jan 2016 22:08:52 +0000 (00:08 +0200)]
test build upcoming 1.0.2f

the release is to be made somewhere in:
php -r 'echo strftime("%x %X%z\n", strtotime("28 jan 2016 1:00 pm utc"));'

2 years agoupdate ca-certificates dep, recovered from 9afa51db
Elan Ruusamäe [Thu, 21 Jan 2016 11:11:56 +0000 (13:11 +0200)]
update ca-certificates dep, recovered from 9afa51db

3 years agodoc files were removed on purpose auto/ac/openssl-1.0.2e-1
Elan Ruusamäe [Thu, 3 Dec 2015 20:10:13 +0000 (22:10 +0200)]
doc files were removed on purpose

https://github.com/openssl/openssl/issues/491#issuecomment-161755535

3 years agothird error was from pld specific man-namespace patch
Elan Ruusamäe [Thu, 3 Dec 2015 20:07:39 +0000 (22:07 +0200)]
third error was from pld specific man-namespace patch

https://github.com/openssl/openssl/issues/491#issuecomment-161766747

dropping that chunk, as rpm build macros convert symlinks to man links
in post process anyway

3 years agorepackaged tarball fixed two issues, but not the third one
Elan Ruusamäe [Thu, 3 Dec 2015 19:38:10 +0000 (21:38 +0200)]
repackaged tarball fixed two issues, but not the third one

https://github.com/openssl/openssl/issues/491

3 years agofix for missing bctest auto/th/openssl-1.0.2e-1
Elan Ruusamäe [Thu, 3 Dec 2015 18:36:17 +0000 (20:36 +0200)]
fix for missing bctest

https://github.com/openssl/openssl/issues/493

3 years agodoc/openssl_button.gif doc/openssl_button.html are missing as well
Elan Ruusamäe [Thu, 3 Dec 2015 18:21:04 +0000 (20:21 +0200)]
doc/openssl_button.gif doc/openssl_button.html are missing as well

damn buggy release it is

but not sure if intentional, so commenting them out for now.

3 years agohack for pod2man test
Elan Ruusamäe [Thu, 3 Dec 2015 18:20:37 +0000 (20:20 +0200)]
hack for pod2man test

https://github.com/openssl/openssl/issues/490

3 years agopod2man tool missing
Elan Ruusamäe [Thu, 3 Dec 2015 18:09:28 +0000 (20:09 +0200)]
pod2man tool missing

https://github.com/openssl/openssl/issues/490

3 years agohack a fix for packaging error
Elan Ruusamäe [Thu, 3 Dec 2015 18:04:53 +0000 (20:04 +0200)]
hack a fix for packaging error

https://github.com/openssl/openssl/issues/491

however build still fails for :

make[1]: *** No rule to make target 'bctest', needed by 'test_bn'.  Stop.

and then:

/bin/sh: ./pod2mantest: not found

3 years agoup to 1.0.2e, fails to build on carme jpaketest.c
Elan Ruusamäe [Thu, 3 Dec 2015 17:44:15 +0000 (19:44 +0200)]
up to 1.0.2e, fails to build on carme jpaketest.c

3 years ago- release 5 (by relup.sh) auto/th/openssl-1.0.2d-5
Elan Ruusamäe [Fri, 4 Sep 2015 11:17:38 +0000 (14:17 +0300)]
- release 5 (by relup.sh)

3 years agoupdate conflict for neon on ac
Elan Ruusamäe [Fri, 4 Sep 2015 11:16:48 +0000 (14:16 +0300)]
update conflict for neon on ac

3 years agoadd ntpd conflict
Elan Ruusamäe [Fri, 28 Aug 2015 09:04:16 +0000 (12:04 +0300)]
add ntpd conflict

see
https://github.com/pld-linux/ntp/commit/6a22ef3dfdfc575e06af5df4eaef25a4c546f257

3 years agoadd missing openssh-clients dependency update auto/ac/openssl-1.0.2d-3
Elan Ruusamäe [Mon, 17 Aug 2015 12:14:16 +0000 (15:14 +0300)]
add missing openssh-clients dependency update

3 years agoupdate openssh conflict for ac auto/ac/openssl-1.0.2d-2
Elan Ruusamäe [Mon, 17 Aug 2015 08:13:10 +0000 (11:13 +0300)]
update openssh conflict for ac

3 years agoadd LTS note auto/ac/openssl-1.0.2d-1
Elan Ruusamäe [Sun, 9 Aug 2015 11:00:53 +0000 (14:00 +0300)]
add LTS note

3 years ago- up to 1.0.2d; fixes CVE-2015-1793/high auto/th/openssl-1.0.2d-1
Arkadiusz Miśkiewicz [Thu, 9 Jul 2015 13:59:00 +0000 (15:59 +0200)]
- up to 1.0.2d; fixes CVE-2015-1793/high

3 years ago- up to 1.0.2c auto/th/openssl-1.0.2c-1
Arkadiusz Miśkiewicz [Sat, 13 Jun 2015 07:28:24 +0000 (09:28 +0200)]
- up to 1.0.2c

3 years ago- updated optflags patch
Jakub Bogusz [Fri, 12 Jun 2015 17:22:26 +0000 (19:22 +0200)]
- updated optflags patch

3 years agoadd comment what optflags does
Elan Ruusamäe [Thu, 11 Jun 2015 19:38:39 +0000 (22:38 +0300)]
add comment what optflags does

from fc48a532a33e2694f46765f137c584f9fbde718f

3 years agodrop obsolete cpuid.patch
Elan Ruusamäe [Thu, 11 Jun 2015 19:34:51 +0000 (22:34 +0300)]
drop obsolete cpuid.patch

3 years agoup to 1.0.2b; fixes for CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792...
Elan Ruusamäe [Thu, 11 Jun 2015 15:24:29 +0000 (18:24 +0300)]
up to 1.0.2b; fixes for CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791

3 years ago- up to 1.0.2a auto/th/openssl-1.0.2a-1
Adam Osuchowski [Fri, 20 Mar 2015 13:58:57 +0000 (14:58 +0100)]
- up to 1.0.2a

3 years agostddef.patch applied upstream (order is irrelevant)
Elan Ruusamäe [Fri, 20 Mar 2015 12:09:46 +0000 (14:09 +0200)]
stddef.patch applied upstream (order is irrelevant)

3 years ago- elevated x32 patch to hackery auto/th/openssl-1.0.2-3
Jan Rękorajski [Fri, 27 Feb 2015 20:18:33 +0000 (21:18 +0100)]
- elevated x32 patch to hackery
- rel 3

3 years ago- x32 rebuild auto/th/openssl-1.0.2-2
Jan Rękorajski [Tue, 24 Feb 2015 21:18:37 +0000 (22:18 +0100)]
- x32 rebuild
- release 2 (by relup.sh)

3 years ago- up to 1.0.2
Adam Osuchowski [Sat, 31 Jan 2015 02:32:36 +0000 (03:32 +0100)]
- up to 1.0.2
- removed unnecessary patches and renumbered remaining

3 years agoup to 1.0.1l
Elan Ruusamäe [Thu, 15 Jan 2015 20:26:13 +0000 (22:26 +0200)]
up to 1.0.1l

Build fixes for the Windows and OpenVMS platforms

3 years agoup to 1.0.1k, fixes for CVE-2014-3571 CVE-2015-0206 CVE-2014-3569 CVE-2014-3572 CVE... auto/ac/openssl-1.0.1k-1 auto/th/openssl-1.0.1k-1
Elan Ruusamäe [Fri, 9 Jan 2015 09:35:56 +0000 (11:35 +0200)]
up to 1.0.1k, fixes for CVE-2014-3571 CVE-2015-0206 CVE-2014-3569 CVE-2014-3572 CVE-2015-0204 CVE-2015-0205 CVE-2014-8275 CVE-2014-3570

3 years agofix gcc -E not dumping output with .s ext, works with .S auto/ac/openssl-1.0.1j-3
Elan Ruusamäe [Thu, 1 Jan 2015 21:02:56 +0000 (23:02 +0200)]
fix gcc -E not dumping output with .s ext, works with .S

3 years ago3a24c9cc conflicts don't apply for ac
Elan Ruusamäe [Wed, 31 Dec 2014 12:28:04 +0000 (14:28 +0200)]
3a24c9cc conflicts don't apply for ac

3 years ago- add x32 support
Jan Rękorajski [Mon, 22 Dec 2014 20:38:18 +0000 (20:38 +0000)]
- add x32 support

4 years ago- rel 3 then auto/th/openssl-1.0.1j-3
Arkadiusz Miśkiewicz [Tue, 21 Oct 2014 12:49:10 +0000 (14:49 +0200)]
- rel 3 then

4 years ago- zlib, sslv2 and sslv3 enabled by default
Adam Osuchowski [Tue, 21 Oct 2014 12:46:56 +0000 (14:46 +0200)]
- zlib, sslv2 and sslv3 enabled by default

4 years ago- fix bconds
Arkadiusz Miśkiewicz [Tue, 21 Oct 2014 12:27:08 +0000 (14:27 +0200)]
- fix bconds

4 years agosslv2/sslv3/zlib bconds; discussion about their default state in progress on devel...
Arkadiusz Miśkiewicz [Tue, 21 Oct 2014 12:19:48 +0000 (14:19 +0200)]
sslv2/sslv3/zlib bconds; discussion about their default state in progress on devel lists

4 years ago- rel 2; disable unsecure protocols auto/th/openssl-1.0.1j-2
Arkadiusz Miśkiewicz [Mon, 20 Oct 2014 17:45:36 +0000 (19:45 +0200)]
- rel 2; disable unsecure protocols
(zlib: CRIME attack; SSLv2: uses md5; SSLv3: POODLE)
- enable enable-ec_nistp_64_gcc_128 on x86_64

4 years ago- handle unpackaged man files
Jakub Bogusz [Fri, 17 Oct 2014 16:11:22 +0000 (18:11 +0200)]
- handle unpackaged man files

4 years agoreport unpackaged files
Elan Ruusamäe [Wed, 15 Oct 2014 19:56:21 +0000 (22:56 +0300)]
report unpackaged files

4 years agoup to OpenSSL 1.0.1j [15 Oct 2014]: auto/th/openssl-1.0.1j-1
Elan Ruusamäe [Wed, 15 Oct 2014 19:42:51 +0000 (22:42 +0300)]
up to OpenSSL 1.0.1j [15 Oct 2014]:
- Fix for CVE-2014-3513
- Fix for CVE-2014-3567
- Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
- Fix for CVE-2014-3568

4 years ago- rel 2; add support for TLS_FALLBACK_SCSV which should help mitigate latest SSLv3... auto/th/openssl-1.0.1i-2
Arkadiusz Miśkiewicz [Wed, 15 Oct 2014 04:49:05 +0000 (06:49 +0200)]
- rel 2; add support for TLS_FALLBACK_SCSV which should help mitigate latest SSLv3 SECURITY issue (CVE-2014-3566)

4 years ago- up to 1.0.1i auto/th/openssl-1.0.1i-1
Elan Ruusamäe [Thu, 7 Aug 2014 07:17:56 +0000 (10:17 +0300)]
- up to 1.0.1i
- fixes for CVE-2014-3512 CVE-2014-3511 CVE-2014-3510 CVE-2014-3507
  CVE-2014-3506 CVE-2014-3505 CVE-2014-3509 CVE-2014-5139 CVE-2014-3508

4 years ago- up to 1.0.1h; fixes: auto/th/openssl-1.0.1h-1
Arkadiusz Miśkiewicz [Thu, 5 Jun 2014 16:20:47 +0000 (18:20 +0200)]
- up to 1.0.1h; fixes:
 * SSL/TLS MITM vulnerability (CVE-2014-0224)
 * DTLS recursion flaw (CVE-2014-0221)
 * DTLS invalid fragment vulnerability (CVE-2014-0195)
 * SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
 * SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
 * Anonymous ECDH denial of service (CVE-2014-3470)

4 years ago- wrong patch...
Andrzej Zawadzki [Mon, 28 Apr 2014 12:07:27 +0000 (14:07 +0200)]
- wrong patch...

4 years ago- wrrr rel up...
Andrzej Zawadzki [Mon, 28 Apr 2014 11:24:52 +0000 (13:24 +0200)]
- wrrr rel up...

4 years ago- add patch from upstream
Andrzej Zawadzki [Mon, 28 Apr 2014 11:19:42 +0000 (13:19 +0200)]
- add patch from upstream
https://rt.openssl.org/Ticket/Display.html?id=3265
and fix:
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d1f4b0f3d262edf1cf7023a01d5404945035d5

4 years ago- up to 1.0.1g; fixes CVE-2014-0160, CVE-2014-0076 auto/th/openssl-1.0.1g-1
Arkadiusz Miśkiewicz [Mon, 7 Apr 2014 20:33:47 +0000 (22:33 +0200)]
- up to 1.0.1g; fixes CVE-2014-0160, CVE-2014-0076

4 years ago- up to 1.0.1f; fixes CVE-2013-4353, CVE-2013-6449, CVE-2013-6450 auto/th/openssl-1.0.1f-1
Arkadiusz Miśkiewicz [Sun, 19 Jan 2014 00:20:56 +0000 (01:20 +0100)]
- up to 1.0.1f; fixes CVE-2013-4353, CVE-2013-6449, CVE-2013-6450

5 years agokeep /etc/openssl/private dir private
Elan Ruusamäe [Wed, 25 Sep 2013 10:25:08 +0000 (13:25 +0300)]
keep /etc/openssl/private dir private

5 years agoconflict on packages not having strict openssl dependency auto/th/openssl-1.0.1e-3
Elan Ruusamäe [Thu, 30 May 2013 09:06:06 +0000 (12:06 +0300)]
conflict on packages not having strict openssl dependency

5 years ago- rel 2; add debian fixes auto/th/openssl-1.0.1e-2
Arkadiusz Miśkiewicz [Fri, 17 May 2013 07:10:45 +0000 (09:10 +0200)]
- rel 2; add debian fixes

5 years ago- cleanup (drop Titanium stuff)
Marcin Krol [Tue, 23 Apr 2013 11:01:18 +0000 (11:01 +0000)]
- cleanup (drop Titanium stuff)

5 years ago- -j1 also for make install
Jakub Bogusz [Tue, 12 Feb 2013 16:55:10 +0000 (17:55 +0100)]
- -j1 also for make install

5 years ago- updated to 1.0.0e (fixes CVE-2012-2686 CVE-2013-0166 CVE-2013-0169) auto/th/openssl-1.0.1e-1
Jakub Bogusz [Tue, 12 Feb 2013 16:30:18 +0000 (17:30 +0100)]
- updated to 1.0.0e (fixes CVE-2012-2686 CVE-2013-0166 CVE-2013-0169)

5 years ago- fixed and updated optflags patch
Jakub Bogusz [Mon, 14 Jan 2013 19:53:10 +0000 (20:53 +0100)]
- fixed and updated optflags patch
- running perlpath.pl and passing PERL to Configure is enough, no need to replace /usr/local/bin/perl manually

5 years ago- up to 1.0.1c
Arkadiusz Miśkiewicz [Sun, 13 Jan 2013 14:49:27 +0000 (15:49 +0100)]
- up to 1.0.1c

6 years ago/var/lib/openssl -> /etc/openssl trigger improvements from AC-branch
Elan Ruusamäe [Sun, 2 Sep 2012 10:05:03 +0000 (13:05 +0300)]
/var/lib/openssl -> /etc/openssl trigger improvements from AC-branch

6 years ago- up to 1.0.0j, fixes CVE-2012-2333 auto/th/openssl-1_0_0j-1 auto/ti/openssl-1.0.0j-1
Jan Rękorajski [Fri, 11 May 2012 09:18:53 +0000 (09:18 +0000)]
- up to 1.0.0j, fixes CVE-2012-2333

Changed files:
    openssl.spec -> 1.241

6 years ago- up to 1.0.0i; fixes CVE-2012-2110 auto/th/openssl-1_0_0i-1
Kacper Kornet [Thu, 19 Apr 2012 15:35:47 +0000 (15:35 +0000)]
- up to 1.0.0i; fixes CVE-2012-2110

Changed files:
    openssl.spec -> 1.240

6 years ago- updated to 1.0.0h (fixes CVE-2012-0884 CVE-2011-4619) auto/th/openssl-1_0_0h-1
Jakub Bogusz [Thu, 15 Mar 2012 17:10:26 +0000 (17:10 +0000)]
- updated to 1.0.0h (fixes CVE-2012-0884 CVE-2011-4619)

Changed files:
    openssl.spec -> 1.239

6 years ago- updated to 1.0.0g auto/th/openssl-1_0_0g-1
Jakub Bogusz [Fri, 20 Jan 2012 21:06:08 +0000 (21:06 +0000)]
- updated to 1.0.0g

Changed files:
    openssl.spec -> 1.238

6 years ago- release 2 auto/th/openssl-1_0_0f-2
Arkadiusz Miśkiewicz [Tue, 10 Jan 2012 07:59:33 +0000 (07:59 +0000)]
- release 2

Changed files:
    openssl.spec -> 1.237

6 years ago- updated to 1.0.0f auto/th/openssl-1_0_0f-1
Adam Gołębiowski [Fri, 6 Jan 2012 14:49:58 +0000 (14:49 +0000)]
- updated to 1.0.0f
- solves CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577,
  CVE-2011-4619, CVE-2012-0027)

Changed files:
    openssl.spec -> 1.236

6 years ago- up to 1.0.0e (fixes CVE-2011-3207, CVE-2011-3210, EC timming attacs) auto/th/openssl-1_0_0e-1 auto/ti/openssl-1_0_0e-1
Arkadiusz Miśkiewicz [Tue, 6 Sep 2011 17:00:02 +0000 (17:00 +0000)]
- up to 1.0.0e (fixes CVE-2011-3207, CVE-2011-3210, EC timming attacs)

Changed files:
    openssl.spec -> 1.235

6 years ago- tsget is perl script auto/th/openssl-1_0_0d-3
Elan Ruusamäe [Sat, 27 Aug 2011 12:22:49 +0000 (12:22 +0000)]
- tsget is perl script

Changed files:
    openssl.spec -> 1.234

6 years ago- rel 2; enable zlib/camelia auto/th/openssl-1_0_0d-2
Arkadiusz Miśkiewicz [Wed, 6 Jul 2011 15:52:54 +0000 (15:52 +0000)]
- rel 2; enable zlib/camelia

Changed files:
    openssl.spec -> 1.233

6 years ago- up to 1.0.0d auto/th/openssl-1_0_0d-1 auto/ti/openssl-1_0_0d-1
pawelz [Wed, 9 Feb 2011 00:56:50 +0000 (00:56 +0000)]
- up to 1.0.0d
- fixes CVE-2011-0014

Changed files:
    openssl.spec -> 1.232

6 years ago- up to 1.0.0c (fixes CVE-2010-4180, CVE-2010-4252, corrects fix for CVE-2010-3864) auto/th/openssl-1_0_0c-1 auto/ti/openssl-1_0_0c-1
Arkadiusz Miśkiewicz [Fri, 3 Dec 2010 18:45:25 +0000 (18:45 +0000)]
- up to 1.0.0c (fixes CVE-2010-4180, CVE-2010-4252, corrects fix for CVE-2010-3864)

Changed files:
    openssl-tls.patch -> 1.2
    openssl.spec -> 1.231

6 years ago- added CVE reference in last changelog entry
hawk [Fri, 19 Nov 2010 10:55:26 +0000 (10:55 +0000)]
- added CVE reference in last changelog entry

Changed files:
    openssl.spec -> 1.230

6 years ago- up to 1.0.0b + fix that makes test suite pass auto/th/openssl-1_0_0b-1 auto/ti/openssl-1_0_0b-1
Arkadiusz Miśkiewicz [Wed, 17 Nov 2010 18:14:54 +0000 (18:14 +0000)]
- up to 1.0.0b + fix that makes test suite pass

Changed files:
    openssl-tls.patch -> 1.1
    openssl.spec -> 1.229

6 years ago- hardcode openssl path (make which dependency optional) auto/ti/openssl-1_0_0a-1
Elan Ruusamäe [Thu, 8 Jul 2010 14:06:42 +0000 (14:06 +0000)]
- hardcode openssl path (make which dependency optional)

Changed files:
    openssl-c_rehash.sh -> 1.7

This page took 0.615668 seconds and 4 git commands to generate.