From 4be8b21426b79646311ddb30f49135f4bbc51d76 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Elan=20Ruusam=C3=A4e?=
Date: Sat, 9 Dec 2017 13:40:29 +0200
Subject: [PATCH] up to 1.0.2n [7 Dec 2017]; CVE-2017-3737; CVE-2017-3738

- Read/write after SSL object in error state (CVE-2017-3737)
- rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
https://www.openssl.org/news/openssl-1.0.2-notes.html
---
 openssl-find.patch | 11 +++++++++++
 openssl.spec | 6 +++---
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/openssl-find.patch b/openssl-find.patch
index 8ca7a55..30f6d8b 100644
--- a/openssl-find.patch
+++ b/openssl-find.patch
@@ -59,3 +59,14 @@ index 0000000..8e1b42c
 +
 +1;
+--- openssl-1.0.2m/util/perlpath.pl~ 2017-10-26 23:34:32.000000000 +0300
++++ openssl-1.0.2m/util/perlpath.pl 2017-11-01 13:08:24.963877348 +0200
+@@ -4,7 +4,7 @@
+ # line in all scripts that rely on perl.
+ #
+
+-require "find.pl";
++require "./find.pl";
+
+ $#ARGV == 0 || print STDERR "usage: perlpath newpath (eg /usr/bin)\n";
+ &find(".");
diff --git a/openssl.spec b/openssl.spec
index dcaba4e..8e88d61 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -24,13 +24,13 @@ Name: openssl
 # 1.0.2 will be LTS release
 # Version 1.0.2 will be supported until 2019-12-31.
 # https://www.openssl.org/about/releasestrat.html
-Version: 1.0.2m
+Version: 1.0.2n
 Release: 1
 License: Apache-like
 Group: Libraries
 %if %{without snap}
 Source0: https://www.openssl.org/source/%{name}-%{version}.tar.gz
-# Source0-md5: 10e9e37f492094b9ef296f68f24a7666
+# Source0-md5: 13bdc1b1d1ff39b6fd42a255e74676a4
 %else
 Source1: https://github.com/openssl/openssl/archive/OpenSSL_1_0_2-stable/%{name}-%{version}-dev.tar.gz
 # Source1-md5: 6b846f8a4f55f5ddfa1e0d335241840a
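Review bot: `require "./find.pl";` in the util/perlpath.pl hunk added to openssl-find.patch resolves against the current working directory rather than the script's own location, so perlpath.pl loads whichever find.pl sits in the directory it is started from. The `%build` hunk in openssl.spec still starts it from the directory that the removed `PERL5LIB=$(pwd)` pointed at, so the build keeps working and the module search path is narrower than before, but the dependency on cwd is now implicit. I would record it next to the call in the spec, e.g. `# perlpath.pl does require "./find.pl", so it must be run from the top of the source tree`. Alternatively, anchor the lookup on the script directory with `use FindBin; require "$FindBin::Bin/../find.pl";`, assuming find.pl is created at the top of the tree, which the visible part of the patch does not show.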
@@ -286,7 +286,7 @@ sed -i -e 's|\$prefix/\$libdir/engines|/%{_lib}/engines|g' Configure
 %build
 touch Makefile.*
-PERL5LIB=$(pwd) %{__perl} util/perlpath.pl %{__perl}
+%{__perl} util/perlpath.pl %{__perl}
 OPTFLAGS="%{rpmcflags} %{rpmcppflags} %{?with_purify:-DPURIFY}" \
 PERL="%{__perl}" \
-- 
2.43.0