]>
git.pld-linux.org Git - packages/openssl.git/log
Elan Ruusamäe [Fri, 4 Mar 2016 22:33:13 +0000 (00:33 +0200)]
qt4 QtNetwork rebuild
Elan Ruusamäe [Fri, 4 Mar 2016 08:15:45 +0000 (10:15 +0200)]
python3 rebuild
Elan Ruusamäe [Fri, 4 Mar 2016 08:12:19 +0000 (10:12 +0200)]
python2 rebuild
Elan Ruusamäe [Thu, 3 Mar 2016 15:54:20 +0000 (17:54 +0200)]
- release 5 (by relup.sh)
Elan Ruusamäe [Thu, 3 Mar 2016 12:09:30 +0000 (14:09 +0200)]
curl rebuild
configure:29155: checking for curl_easy_perform in -lcurl
configure:29180: ccache gcc -o conftest -O2 -fwrapv -pipe -Wformat -Werror=format-security -gdwarf-4 -fno-debug-types-section -fvar-tracking-assignments -g2 -Wp,-D_FORTIFY_SOURCE=2
/usr/lib/gcc/i686-pld-linux/5.3.0/../../../libcurl.so: undefined reference to `SSLv2_client_method'
collect2: error: ld returned 1 exit status
altho this dependency is compile time, it's easier to mark it here than
all rebuilt programs that link with curl (php55-openssl, php56-openssl, ...)
Elan Ruusamäe [Thu, 3 Mar 2016 12:01:42 +0000 (14:01 +0200)]
php 5.4 rebuild needed
Elan Ruusamäe [Thu, 3 Mar 2016 11:59:26 +0000 (13:59 +0200)]
fix php versions
Elan Ruusamäe [Thu, 3 Mar 2016 11:57:12 +0000 (13:57 +0200)]
php 5.2 rebuild needed
$ php52 -m
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php52/openssl.so' - /usr/lib/php52/openssl.so: undefined symbol: SSLv2_server_method in Unknown on line 0
Elan Ruusamäe [Thu, 3 Mar 2016 11:54:15 +0000 (13:54 +0200)]
php 5.6 rebuild needed
oot@jenkins httpd/modules#
$ php56 -m
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php56/openssl.so' - /usr/lib/php56/openssl.so: undefined symbol: SSLv2_client_method in Unknown on line 0
Elan Ruusamäe [Thu, 3 Mar 2016 11:51:19 +0000 (13:51 +0200)]
php rebuild
$ php55 -m
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php55/openssl.so' - /usr/lib/php55/openssl.so: undefined symbol: SSLv2_server_method in Unknown on line 0
Elan Ruusamäe [Thu, 3 Mar 2016 11:47:52 +0000 (13:47 +0200)]
php 5.3 rebuild needed
$ php -m
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php53/openssl.so' - /usr/lib/php53/openssl.so: undefined symbol: SSLv2_server_method in Unknown on line 0
Elan Ruusamäe [Wed, 2 Mar 2016 14:25:38 +0000 (16:25 +0200)]
mod_ssl epoch
Elan Ruusamäe [Wed, 2 Mar 2016 14:22:51 +0000 (16:22 +0200)]
apache 2.2 bump
https://github.com/pld-linux/apache/commit/
0bc39fbc11debf1f75be420bf6886097f802bf32
Elan Ruusamäe [Wed, 2 Mar 2016 13:21:10 +0000 (15:21 +0200)]
require rebuilt ruby
/usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require': /usr/lib64/ruby/2.0/openssl.so: undefined symbol: SSLv2_method - /usr/lib64/ruby/2.0/openssl.so (LoadError)
from /usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/share/ruby/2.0/openssl.rb:17:in `<top (required)>'
from /usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/share/ruby/2.0/net/https.rb:22:in `<top (required)>'
from /usr/share/ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in `require'
Elan Ruusamäe [Wed, 2 Mar 2016 10:46:00 +0000 (12:46 +0200)]
up to 1.0.2g, "DROWN" CVE-2016-0800 and "Cachebleed"
Merge branch '1.0.2g'
Elan Ruusamäe [Thu, 25 Feb 2016 19:43:13 +0000 (21:43 +0200)]
up to 1.0.2g snapshot
x32 patch is probably outdated
Elan Ruusamäe [Thu, 4 Feb 2016 21:26:18 +0000 (23:26 +0200)]
Merge branch 'mrcage-patch-1'
Nicolas Perrenoud [Thu, 4 Feb 2016 18:18:24 +0000 (19:18 +0100)]
Added support for *.cer *.crt *.crl to c_rehash
This is aimed to keep the functionality in sync with OpenSSL 1.0.2
See https://www.openssl.org/docs/man1.0.2/apps/c_rehash.html
Elan Ruusamäe [Thu, 28 Jan 2016 18:10:50 +0000 (20:10 +0200)]
Merge branch 'private-perms'
Elan Ruusamäe [Thu, 28 Jan 2016 18:09:26 +0000 (20:09 +0200)]
Merge branch 'dev-1.0.2f'
Elan Ruusamäe [Thu, 28 Jan 2016 18:04:08 +0000 (20:04 +0200)]
1.0.2f release. CVE-2016-0701, CVE-2015-3197 fixes
- DH small subgroups (CVE-2016-0701)
- SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
https://www.openssl.org/news/openssl-1.0.2-notes.html
Elan Ruusamäe [Mon, 25 Jan 2016 22:08:52 +0000 (00:08 +0200)]
test build upcoming 1.0.2f
the release is to be made somewhere in:
php -r 'echo strftime("%x %X%z\n", strtotime("28 jan 2016 1:00 pm utc"));'
Elan Ruusamäe [Thu, 21 Jan 2016 11:11:56 +0000 (13:11 +0200)]
update ca-certificates dep, recovered from
9afa51db
Elan Ruusamäe [Thu, 3 Dec 2015 20:10:13 +0000 (22:10 +0200)]
doc files were removed on purpose
https://github.com/openssl/openssl/issues/491#issuecomment-
161755535
Elan Ruusamäe [Thu, 3 Dec 2015 20:07:39 +0000 (22:07 +0200)]
third error was from pld specific man-namespace patch
https://github.com/openssl/openssl/issues/491#issuecomment-
161766747
dropping that chunk, as rpm build macros convert symlinks to man links
in post process anyway
Elan Ruusamäe [Thu, 3 Dec 2015 19:38:10 +0000 (21:38 +0200)]
repackaged tarball fixed two issues, but not the third one
https://github.com/openssl/openssl/issues/491
Elan Ruusamäe [Thu, 3 Dec 2015 18:36:17 +0000 (20:36 +0200)]
fix for missing bctest
https://github.com/openssl/openssl/issues/493
Elan Ruusamäe [Thu, 3 Dec 2015 18:21:04 +0000 (20:21 +0200)]
doc/openssl_button.gif doc/openssl_button.html are missing as well
damn buggy release it is
but not sure if intentional, so commenting them out for now.
Elan Ruusamäe [Thu, 3 Dec 2015 18:20:37 +0000 (20:20 +0200)]
hack for pod2man test
https://github.com/openssl/openssl/issues/490
Elan Ruusamäe [Thu, 3 Dec 2015 18:09:28 +0000 (20:09 +0200)]
pod2man tool missing
https://github.com/openssl/openssl/issues/490
Elan Ruusamäe [Thu, 3 Dec 2015 18:04:53 +0000 (20:04 +0200)]
hack a fix for packaging error
https://github.com/openssl/openssl/issues/491
however build still fails for :
make[1]: *** No rule to make target 'bctest', needed by 'test_bn'. Stop.
and then:
/bin/sh: ./pod2mantest: not found
Elan Ruusamäe [Thu, 3 Dec 2015 17:44:15 +0000 (19:44 +0200)]
up to 1.0.2e, fails to build on carme jpaketest.c
Elan Ruusamäe [Fri, 4 Sep 2015 11:17:38 +0000 (14:17 +0300)]
- release 5 (by relup.sh)
Elan Ruusamäe [Fri, 4 Sep 2015 11:16:48 +0000 (14:16 +0300)]
update conflict for neon on ac
Elan Ruusamäe [Fri, 28 Aug 2015 09:04:16 +0000 (12:04 +0300)]
add ntpd conflict
see
https://github.com/pld-linux/ntp/commit/
6a22ef3dfdfc575e06af5df4eaef25a4c546f257
Elan Ruusamäe [Mon, 17 Aug 2015 12:14:16 +0000 (15:14 +0300)]
add missing openssh-clients dependency update
Elan Ruusamäe [Mon, 17 Aug 2015 08:13:10 +0000 (11:13 +0300)]
update openssh conflict for ac
Elan Ruusamäe [Sun, 9 Aug 2015 11:00:53 +0000 (14:00 +0300)]
add LTS note
Arkadiusz Miśkiewicz [Thu, 9 Jul 2015 13:59:00 +0000 (15:59 +0200)]
- up to 1.0.2d; fixes CVE-2015-1793/high
Arkadiusz Miśkiewicz [Sat, 13 Jun 2015 07:28:24 +0000 (09:28 +0200)]
- up to 1.0.2c
Jakub Bogusz [Fri, 12 Jun 2015 17:22:26 +0000 (19:22 +0200)]
- updated optflags patch
Elan Ruusamäe [Thu, 11 Jun 2015 19:38:39 +0000 (22:38 +0300)]
Elan Ruusamäe [Thu, 11 Jun 2015 19:34:51 +0000 (22:34 +0300)]
drop obsolete cpuid.patch
Elan Ruusamäe [Thu, 11 Jun 2015 15:24:29 +0000 (18:24 +0300)]
up to 1.0.2b; fixes for CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791
Adam Osuchowski [Fri, 20 Mar 2015 13:58:57 +0000 (14:58 +0100)]
- up to 1.0.2a
Elan Ruusamäe [Fri, 20 Mar 2015 12:09:46 +0000 (14:09 +0200)]
stddef.patch applied upstream (order is irrelevant)
Jan Rękorajski [Fri, 27 Feb 2015 20:18:33 +0000 (21:18 +0100)]
- elevated x32 patch to hackery
- rel 3
Jan Rękorajski [Tue, 24 Feb 2015 21:18:37 +0000 (22:18 +0100)]
- x32 rebuild
- release 2 (by relup.sh)
Adam Osuchowski [Sat, 31 Jan 2015 02:32:36 +0000 (03:32 +0100)]
- up to 1.0.2
- removed unnecessary patches and renumbered remaining
Elan Ruusamäe [Thu, 15 Jan 2015 20:26:13 +0000 (22:26 +0200)]
up to 1.0.1l
Build fixes for the Windows and OpenVMS platforms
Elan Ruusamäe [Fri, 9 Jan 2015 09:35:56 +0000 (11:35 +0200)]
up to 1.0.1k, fixes for CVE-2014-3571 CVE-2015-0206 CVE-2014-3569 CVE-2014-3572 CVE-2015-0204 CVE-2015-0205 CVE-2014-8275 CVE-2014-3570
Elan Ruusamäe [Thu, 1 Jan 2015 21:02:56 +0000 (23:02 +0200)]
fix gcc -E not dumping output with .s ext, works with .S
Elan Ruusamäe [Wed, 31 Dec 2014 12:28:04 +0000 (14:28 +0200)]
3a24c9cc conflicts don't apply for ac
Jan Rękorajski [Mon, 22 Dec 2014 20:38:18 +0000 (20:38 +0000)]
- add x32 support
Arkadiusz Miśkiewicz [Tue, 21 Oct 2014 12:49:10 +0000 (14:49 +0200)]
- rel 3 then
Adam Osuchowski [Tue, 21 Oct 2014 12:46:56 +0000 (14:46 +0200)]
- zlib, sslv2 and sslv3 enabled by default
Arkadiusz Miśkiewicz [Tue, 21 Oct 2014 12:27:08 +0000 (14:27 +0200)]
- fix bconds
Arkadiusz Miśkiewicz [Tue, 21 Oct 2014 12:19:48 +0000 (14:19 +0200)]
sslv2/sslv3/zlib bconds; discussion about their default state in progress on devel lists
Arkadiusz Miśkiewicz [Mon, 20 Oct 2014 17:45:36 +0000 (19:45 +0200)]
- rel 2; disable unsecure protocols
(zlib: CRIME attack; SSLv2: uses md5; SSLv3: POODLE)
- enable enable-ec_nistp_64_gcc_128 on x86_64
Jakub Bogusz [Fri, 17 Oct 2014 16:11:22 +0000 (18:11 +0200)]
- handle unpackaged man files
Elan Ruusamäe [Wed, 15 Oct 2014 19:56:21 +0000 (22:56 +0300)]
report unpackaged files
Elan Ruusamäe [Wed, 15 Oct 2014 19:42:51 +0000 (22:42 +0300)]
up to OpenSSL 1.0.1j [15 Oct 2014]:
- Fix for CVE-2014-3513
- Fix for CVE-2014-3567
- Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
- Fix for CVE-2014-3568
Arkadiusz Miśkiewicz [Wed, 15 Oct 2014 04:49:05 +0000 (06:49 +0200)]
- rel 2; add support for TLS_FALLBACK_SCSV which should help mitigate latest SSLv3 SECURITY issue (CVE-2014-3566)
Elan Ruusamäe [Thu, 7 Aug 2014 07:17:56 +0000 (10:17 +0300)]
- up to 1.0.1i
- fixes for CVE-2014-3512 CVE-2014-3511 CVE-2014-3510 CVE-2014-3507
CVE-2014-3506 CVE-2014-3505 CVE-2014-3509 CVE-2014-5139 CVE-2014-3508
Arkadiusz Miśkiewicz [Thu, 5 Jun 2014 16:20:47 +0000 (18:20 +0200)]
- up to 1.0.1h; fixes:
* SSL/TLS MITM vulnerability (CVE-2014-0224)
* DTLS recursion flaw (CVE-2014-0221)
* DTLS invalid fragment vulnerability (CVE-2014-0195)
* SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
* SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
* Anonymous ECDH denial of service (CVE-2014-3470)
Andrzej Zawadzki [Mon, 28 Apr 2014 12:07:27 +0000 (14:07 +0200)]
- wrong patch...
Andrzej Zawadzki [Mon, 28 Apr 2014 11:24:52 +0000 (13:24 +0200)]
- wrrr rel up...
Andrzej Zawadzki [Mon, 28 Apr 2014 11:19:42 +0000 (13:19 +0200)]
- add patch from upstream
https://rt.openssl.org/Ticket/Display.html?id=3265
and fix:
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=
94d1f4b0f3d262edf1cf7023a01d5404945035d5
Arkadiusz Miśkiewicz [Mon, 7 Apr 2014 20:33:47 +0000 (22:33 +0200)]
- up to 1.0.1g; fixes CVE-2014-0160, CVE-2014-0076
Arkadiusz Miśkiewicz [Sun, 19 Jan 2014 00:20:56 +0000 (01:20 +0100)]
- up to 1.0.1f; fixes CVE-2013-4353, CVE-2013-6449, CVE-2013-6450
Elan Ruusamäe [Wed, 25 Sep 2013 10:25:08 +0000 (13:25 +0300)]
keep /etc/openssl/private dir private
Elan Ruusamäe [Thu, 30 May 2013 09:06:06 +0000 (12:06 +0300)]
conflict on packages not having strict openssl dependency
Arkadiusz Miśkiewicz [Fri, 17 May 2013 07:10:45 +0000 (09:10 +0200)]
- rel 2; add debian fixes
Marcin Krol [Tue, 23 Apr 2013 11:01:18 +0000 (11:01 +0000)]
- cleanup (drop Titanium stuff)
Jakub Bogusz [Tue, 12 Feb 2013 16:55:10 +0000 (17:55 +0100)]
- -j1 also for make install
Jakub Bogusz [Tue, 12 Feb 2013 16:30:18 +0000 (17:30 +0100)]
- updated to 1.0.0e (fixes CVE-2012-2686 CVE-2013-0166 CVE-2013-0169)
Jakub Bogusz [Mon, 14 Jan 2013 19:53:10 +0000 (20:53 +0100)]
- fixed and updated optflags patch
- running perlpath.pl and passing PERL to Configure is enough, no need to replace /usr/local/bin/perl manually
Arkadiusz Miśkiewicz [Sun, 13 Jan 2013 14:49:27 +0000 (15:49 +0100)]
- up to 1.0.1c
Elan Ruusamäe [Sun, 2 Sep 2012 10:05:03 +0000 (13:05 +0300)]
/var/lib/openssl -> /etc/openssl trigger improvements from AC-branch
Jan Rękorajski [Fri, 11 May 2012 09:18:53 +0000 (09:18 +0000)]
- up to 1.0.0j, fixes CVE-2012-2333
Changed files:
openssl.spec -> 1.241
Kacper Kornet [Thu, 19 Apr 2012 15:35:47 +0000 (15:35 +0000)]
- up to 1.0.0i; fixes CVE-2012-2110
Changed files:
openssl.spec -> 1.240
Jakub Bogusz [Thu, 15 Mar 2012 17:10:26 +0000 (17:10 +0000)]
- updated to 1.0.0h (fixes CVE-2012-0884 CVE-2011-4619)
Changed files:
openssl.spec -> 1.239
Jakub Bogusz [Fri, 20 Jan 2012 21:06:08 +0000 (21:06 +0000)]
- updated to 1.0.0g
Changed files:
openssl.spec -> 1.238
Arkadiusz Miśkiewicz [Tue, 10 Jan 2012 07:59:33 +0000 (07:59 +0000)]
- release 2
Changed files:
openssl.spec -> 1.237
Adam Gołębiowski [Fri, 6 Jan 2012 14:49:58 +0000 (14:49 +0000)]
- updated to 1.0.0f
- solves CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577,
CVE-2011-4619, CVE-2012-0027)
Changed files:
openssl.spec -> 1.236
Arkadiusz Miśkiewicz [Tue, 6 Sep 2011 17:00:02 +0000 (17:00 +0000)]
- up to 1.0.0e (fixes CVE-2011-3207, CVE-2011-3210, EC timming attacs)
Changed files:
openssl.spec -> 1.235
Elan Ruusamäe [Sat, 27 Aug 2011 12:22:49 +0000 (12:22 +0000)]
- tsget is perl script
Changed files:
openssl.spec -> 1.234
Arkadiusz Miśkiewicz [Wed, 6 Jul 2011 15:52:54 +0000 (15:52 +0000)]
- rel 2; enable zlib/camelia
Changed files:
openssl.spec -> 1.233
pawelz [Wed, 9 Feb 2011 00:56:50 +0000 (00:56 +0000)]
- up to 1.0.0d
- fixes CVE-2011-0014
Changed files:
openssl.spec -> 1.232
Arkadiusz Miśkiewicz [Fri, 3 Dec 2010 18:45:25 +0000 (18:45 +0000)]
- up to 1.0.0c (fixes CVE-2010-4180, CVE-2010-4252, corrects fix for CVE-2010-3864)
Changed files:
openssl-tls.patch -> 1.2
openssl.spec -> 1.231
hawk [Fri, 19 Nov 2010 10:55:26 +0000 (10:55 +0000)]
- added CVE reference in last changelog entry
Changed files:
openssl.spec -> 1.230
Arkadiusz Miśkiewicz [Wed, 17 Nov 2010 18:14:54 +0000 (18:14 +0000)]
- up to 1.0.0b + fix that makes test suite pass
Changed files:
openssl-tls.patch -> 1.1
openssl.spec -> 1.229
Elan Ruusamäe [Thu, 8 Jul 2010 14:06:42 +0000 (14:06 +0000)]
- hardcode openssl path (make which dependency optional)
Changed files:
openssl-c_rehash.sh -> 1.7
Elan Ruusamäe [Thu, 8 Jul 2010 14:05:59 +0000 (14:05 +0000)]
- export variable not value
Changed files:
openssl-c_rehash.sh -> 1.6
tommat [Wed, 23 Jun 2010 13:26:08 +0000 (13:26 +0000)]
- initial arm support
Changed files:
openssl.spec -> 1.228
Arkadiusz Miśkiewicz [Wed, 2 Jun 2010 04:33:13 +0000 (04:33 +0000)]
- up to 1.0.0a
Changed files:
openssl.spec -> 1.227
Tomasz Pala [Wed, 26 May 2010 13:19:29 +0000 (13:19 +0000)]
- already at 1.0.0
Changed files:
TODO -> 1.2
Jakub Bogusz [Wed, 26 May 2010 07:21:09 +0000 (07:21 +0000)]
- pl for -engines
Changed files:
openssl.spec -> 1.226
Tomasz Pala [Tue, 25 May 2010 23:37:11 +0000 (23:37 +0000)]
- separated engines subpackage; makes it possible to install openssl 1.0.0
next to 0.9.8n for transition as engines are not versioned and not so
commonly used anyway (most of the apps requires libs only) - %desc from ALTLinux
Changed files:
openssl.spec -> 1.225
Jan Rękorajski [Wed, 5 May 2010 13:45:30 +0000 (13:45 +0000)]
- rel 7
- fixed my breakage in c_rehash.sh
Changed files:
openssl.spec -> 1.224
This page took 0.208703 seconds and 4 git commands to generate.