/[smeserver]/rpms/openssl/sme8/openssl.spec
ViewVC logotype

Diff of /rpms/openssl/sme8/openssl.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.1 by wellsi, Tue Feb 18 03:03:10 2014 UTC Revision 1.8 by vip-ire, Wed Apr 15 14:21:07 2015 UTC
# Line 21  Line 21 
21  Summary: The OpenSSL toolkit  Summary: The OpenSSL toolkit
22  Name: openssl  Name: openssl
23  Version: 0.9.8e  Version: 0.9.8e
24  Release: 27%{?dist}.1  Release: 33.1%{?dist}
25  # The tarball is based on the openssl-fips-1.2.0-test.tar.gz tarball  # The tarball is based on the openssl-fips-1.2.0-test.tar.gz tarball
26  Source: openssl-fips-%{version}-usa.tar.bz2  Source: openssl-fips-%{version}-usa.tar.bz2
27  Source1: hobble-openssl  Source1: hobble-openssl
# Line 94  Patch104: openssl-fips-0.9.8e-cve-2012-2 Line 94  Patch104: openssl-fips-0.9.8e-cve-2012-2
94  Patch105: openssl-fips-0.9.8e-secure-getenv.patch  Patch105: openssl-fips-0.9.8e-secure-getenv.patch
95  Patch106: openssl-fips-0.9.8e-cve-2013-0166.patch  Patch106: openssl-fips-0.9.8e-cve-2013-0166.patch
96  Patch107: openssl-fips-0.9.8e-cve-2013-0169.patch  Patch107: openssl-fips-0.9.8e-cve-2013-0169.patch
97    Patch108: openssl-fips-0.9.8e-cve-2014-0224.patch
98    Patch109: openssl-fips-0.9.8e-cve-2014-0221.patch
99    Patch110: openssl-fips-0.9.8e-cve-2014-3505.patch
100    Patch111: openssl-fips-0.9.8e-cve-2014-3506.patch
101    Patch112: openssl-fips-0.9.8e-cve-2014-3508.patch
102    Patch113: openssl-fips-0.9.8e-cve-2014-3510.patch
103    Patch114: openssl-fips-0.9.8e-fallback-scsv.patch
104    Patch115: openssl-fips-0.9.8e-x509-store-lock.patch
105    # This patch includes the CVE-2015-0286 fix
106    Patch116: openssl-fips-0.9.8e-cve-2014-8275.patch
107    Patch117: openssl-fips-0.9.8e-cve-2015-0204.patch
108    Patch118: openssl-fips-0.9.8e-cve-2015-0287.patch
109    Patch119: openssl-fips-0.9.8e-cve-2015-0288.patch
110    Patch120: openssl-fips-0.9.8e-cve-2015-0289.patch
111    Patch121: openssl-fips-0.9.8e-cve-2015-0292.patch
112    Patch122: openssl-fips-0.9.8e-cve-2015-0293.patch
113    
114  License: BSDish  License: BSDish
115  Group: System Environment/Libraries  Group: System Environment/Libraries
# Line 195  from other formats to the formats used b Line 211  from other formats to the formats used b
211  %patch105 -p1 -b .secure-getenv  %patch105 -p1 -b .secure-getenv
212  %patch106 -p1 -b .ocsp-dos  %patch106 -p1 -b .ocsp-dos
213  %patch107 -p1 -b .lucky13  %patch107 -p1 -b .lucky13
214    %patch108 -p1 -b .keying-mitm
215    %patch109 -p1 -b .dtls-recursion
216    %patch110 -p1 -b .dtls-doublefree
217    %patch111 -p1 -b .dtls-sizechecks
218    %patch112 -p1 -b .oid-handling
219    %patch113 -p1 -b .adh-dos
220    %patch114 -p1 -b .fallback-scsv
221    %patch115 -p1 -b .lock
222    %patch116 -p1 -b .cert-fingerprint
223    %patch117 -p1 -b .rsa-ephemeral
224    %patch118 -p1 -b .item-reuse
225    %patch119 -p1 -b .req-null-deref
226    %patch120 -p1 -b .pkcs7-null-deref
227    %patch121 -p1 -b .b64-underflow
228    %patch122 -p1 -b .ssl2-assert
229    
230  # Modify the various perl scripts to reference perl in the right location.  # Modify the various perl scripts to reference perl in the right location.
231  perl util/perlpath.pl `dirname %{__perl}`  perl util/perlpath.pl `dirname %{__perl}`
# Line 448  rm -rf $RPM_BUILD_ROOT/%{_bindir}/openss Line 479  rm -rf $RPM_BUILD_ROOT/%{_bindir}/openss
479  %postun -p /sbin/ldconfig  %postun -p /sbin/ldconfig
480    
481  %changelog  %changelog
482  * Tue Jan 28 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27.1  * Wed Apr 15 2015 Daniel Berteaud <daniel@firewall-services.com 0.9.8e-33.1.sme
483    - update with ca-bundle.crt from SME 9 [SME: 8909]
484    
485    * Thu Apr  2 2015 Tomas Mraz <tmraz@redhat.com> 0.9.8e-33
486    - fix CVE-2014-8275 (without introduction of CVE-2015-0286) - various
487      certificate fingerprint issues
488    - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export
489      ciphersuites and on server
490    - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
491    - fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference
492    - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
493    - fix CVE-2015-0292 - integer underflow in base64 decoder
494    - fix CVE-2015-0293 - triggerable assert in SSLv2 server
495    
496    * Wed Dec 17 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-32
497    - properly lock X509_STORE accesses (#1168938)
498    
499    * Wed Oct 15 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-31
500    - add support for fallback SCSV to partially mitigate CVE-2014-3566
501      (padding attack on SSL3)
502    
503    * Fri Aug  8 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-30
504    - fix CVE-2014-0221 - recursion in DTLS code leading to DoS
505    - fix CVE-2014-3505 - doublefree in DTLS packet processing
506    - fix CVE-2014-3506 - avoid memory exhaustion in DTLS
507    - fix CVE-2014-3508 - fix OID handling to avoid information leak
508    - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS
509    
510    * Mon Jun  2 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-29
511    - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability
512    
513    * Tue Jan 28 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-28
514  - replace expired GlobalSign Root CA certificate in ca-bundle.crt  - replace expired GlobalSign Root CA certificate in ca-bundle.crt
515    
516  * Mon Feb 25 2013 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27  * Mon Feb 25 2013 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed