/[smeserver]/rpms/openssl/sme8/openssl.spec

Diff of /rpms/openssl/sme8/openssl.spec

Parent Directory | Revision Log | View Revision Graph Revision Graph | View Patch Patch

-Revision 1.7 by vip-ire,
Thu Jan 15 08:49:13 2015 UTC
+Revision 1.8 by vip-ire,
Wed Apr 15 14:21:07 2015 UTC
 Line 21
  Summary: The OpenSSL toolkit
  Name: openssl
  Version: 0.9.8e
- Release: 32.1%{?dist}
+ Release: 33.1%{?dist}
  # The tarball is based on the openssl-fips-1.2.0-test.tar.gz tarball
  Source: openssl-fips-%{version}-usa.tar.bz2
  Source1: hobble-openssl
 Line 102 
 Patch112: openssl-fips-0.9.8e-cve-2014-3
  Patch113: openssl-fips-0.9.8e-cve-2014-3510.patch
  Patch114: openssl-fips-0.9.8e-fallback-scsv.patch
  Patch115: openssl-fips-0.9.8e-x509-store-lock.patch
+ # This patch includes the CVE-2015-0286 fix
+ Patch116: openssl-fips-0.9.8e-cve-2014-8275.patch
+ Patch117: openssl-fips-0.9.8e-cve-2015-0204.patch
+ Patch118: openssl-fips-0.9.8e-cve-2015-0287.patch
+ Patch119: openssl-fips-0.9.8e-cve-2015-0288.patch
+ Patch120: openssl-fips-0.9.8e-cve-2015-0289.patch
+ Patch121: openssl-fips-0.9.8e-cve-2015-0292.patch
+ Patch122: openssl-fips-0.9.8e-cve-2015-0293.patch
  License: BSDish
  Group: System Environment/Libraries
-Line 211 
 from other formats to the formats used b
+Line 219 
 from other formats to the formats used b
  %patch113 -p1 -b .adh-dos
  %patch114 -p1 -b .fallback-scsv
  %patch115 -p1 -b .lock
+ %patch116 -p1 -b .cert-fingerprint
+ %patch117 -p1 -b .rsa-ephemeral
+ %patch118 -p1 -b .item-reuse
+ %patch119 -p1 -b .req-null-deref
+ %patch120 -p1 -b .pkcs7-null-deref
+ %patch121 -p1 -b .b64-underflow
+ %patch122 -p1 -b .ssl2-assert
  # Modify the various perl scripts to reference perl in the right location.
  perl util/perlpath.pl `dirname %{__perl}`
-Line 464 
 rm -rf $RPM_BUILD_ROOT/%{_bindir}/openss
+Line 479 
 rm -rf $RPM_BUILD_ROOT/%{_bindir}/openss
  %postun -p /sbin/ldconfig
  %changelog
- * Thu Jan 15 2015 Daniel Berteaud <daniel@firewall-services.com 0.9.8e-32.1.sme
+ * Wed Apr 15 2015 Daniel Berteaud <daniel@firewall-services.com 0.9.8e-33.1.sme
- - update with ca-bundle.crt from SME 9 [SME: 8799]
+ - update with ca-bundle.crt from SME 9 [SME: 8909]
+ * Thu Apr  2 2015 Tomas Mraz <tmraz@redhat.com> 0.9.8e-33
+ - fix CVE-2014-8275 (without introduction of CVE-2015-0286) - various
+   certificate fingerprint issues
+ - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export
+   ciphersuites and on server
+ - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
+ - fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference
+ - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
+ - fix CVE-2015-0292 - integer underflow in base64 decoder
+ - fix CVE-2015-0293 - triggerable assert in SSLv2 server
  * Wed Dec 17 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-32
  - properly lock X509_STORE accesses (#1168938)

 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
-Removed lines/characters
+Added lines/characters

admin@koozali.org	ViewVC Help
Powered by ViewVC 1.2.1