/[smeserver]/rpms/openssl/sme8/openssl.spec
ViewVC logotype

Diff of /rpms/openssl/sme8/openssl.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.5 by vip-ire, Sat Oct 18 10:06:56 2014 UTC Revision 1.8 by vip-ire, Wed Apr 15 14:21:07 2015 UTC
# Line 21  Line 21 
21  Summary: The OpenSSL toolkit  Summary: The OpenSSL toolkit
22  Name: openssl  Name: openssl
23  Version: 0.9.8e  Version: 0.9.8e
24  Release: 31.1%{?dist}  Release: 33.1%{?dist}
25  # The tarball is based on the openssl-fips-1.2.0-test.tar.gz tarball  # The tarball is based on the openssl-fips-1.2.0-test.tar.gz tarball
26  Source: openssl-fips-%{version}-usa.tar.bz2  Source: openssl-fips-%{version}-usa.tar.bz2
27  Source1: hobble-openssl  Source1: hobble-openssl
# Line 101  Patch111: openssl-fips-0.9.8e-cve-2014-3 Line 101  Patch111: openssl-fips-0.9.8e-cve-2014-3
101  Patch112: openssl-fips-0.9.8e-cve-2014-3508.patch  Patch112: openssl-fips-0.9.8e-cve-2014-3508.patch
102  Patch113: openssl-fips-0.9.8e-cve-2014-3510.patch  Patch113: openssl-fips-0.9.8e-cve-2014-3510.patch
103  Patch114: openssl-fips-0.9.8e-fallback-scsv.patch  Patch114: openssl-fips-0.9.8e-fallback-scsv.patch
104    Patch115: openssl-fips-0.9.8e-x509-store-lock.patch
105    # This patch includes the CVE-2015-0286 fix
106    Patch116: openssl-fips-0.9.8e-cve-2014-8275.patch
107    Patch117: openssl-fips-0.9.8e-cve-2015-0204.patch
108    Patch118: openssl-fips-0.9.8e-cve-2015-0287.patch
109    Patch119: openssl-fips-0.9.8e-cve-2015-0288.patch
110    Patch120: openssl-fips-0.9.8e-cve-2015-0289.patch
111    Patch121: openssl-fips-0.9.8e-cve-2015-0292.patch
112    Patch122: openssl-fips-0.9.8e-cve-2015-0293.patch
113    
114  License: BSDish  License: BSDish
115  Group: System Environment/Libraries  Group: System Environment/Libraries
# Line 209  from other formats to the formats used b Line 218  from other formats to the formats used b
218  %patch112 -p1 -b .oid-handling  %patch112 -p1 -b .oid-handling
219  %patch113 -p1 -b .adh-dos  %patch113 -p1 -b .adh-dos
220  %patch114 -p1 -b .fallback-scsv  %patch114 -p1 -b .fallback-scsv
221    %patch115 -p1 -b .lock
222    %patch116 -p1 -b .cert-fingerprint
223    %patch117 -p1 -b .rsa-ephemeral
224    %patch118 -p1 -b .item-reuse
225    %patch119 -p1 -b .req-null-deref
226    %patch120 -p1 -b .pkcs7-null-deref
227    %patch121 -p1 -b .b64-underflow
228    %patch122 -p1 -b .ssl2-assert
229    
230  # Modify the various perl scripts to reference perl in the right location.  # Modify the various perl scripts to reference perl in the right location.
231  perl util/perlpath.pl `dirname %{__perl}`  perl util/perlpath.pl `dirname %{__perl}`
# Line 462  rm -rf $RPM_BUILD_ROOT/%{_bindir}/openss Line 479  rm -rf $RPM_BUILD_ROOT/%{_bindir}/openss
479  %postun -p /sbin/ldconfig  %postun -p /sbin/ldconfig
480    
481  %changelog  %changelog
482  * Sat Oct 18 2014 Daniel Berteaud <daniel@firewall-services.com> 0.9.8e-31.1.el5.sme  * Wed Apr 15 2015 Daniel Berteaud <daniel@firewall-services.com 0.9.8e-33.1.sme
483  - update with ca-bundle.crt from SME 9 [SME: 8208]  - update with ca-bundle.crt from SME 9 [SME: 8909]
484    
485    * Thu Apr  2 2015 Tomas Mraz <tmraz@redhat.com> 0.9.8e-33
486    - fix CVE-2014-8275 (without introduction of CVE-2015-0286) - various
487      certificate fingerprint issues
488    - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export
489      ciphersuites and on server
490    - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
491    - fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference
492    - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
493    - fix CVE-2015-0292 - integer underflow in base64 decoder
494    - fix CVE-2015-0293 - triggerable assert in SSLv2 server
495    
496    * Wed Dec 17 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-32
497    - properly lock X509_STORE accesses (#1168938)
498    
499  * Wed Oct 15 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-31  * Wed Oct 15 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-31
500  - add support for fallback SCSV to partially mitigate CVE-2014-3566  - add support for fallback SCSV to partially mitigate CVE-2014-3566
501    (padding attack on SSL3)    (padding attack on SSL3)
502    
503  * Fri Aug  8 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27.4  * Fri Aug  8 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-30
504  - fix CVE-2014-0221 - recursion in DTLS code leading to DoS  - fix CVE-2014-0221 - recursion in DTLS code leading to DoS
505  - fix CVE-2014-3505 - doublefree in DTLS packet processing  - fix CVE-2014-3505 - doublefree in DTLS packet processing
506  - fix CVE-2014-3506 - avoid memory exhaustion in DTLS  - fix CVE-2014-3506 - avoid memory exhaustion in DTLS
507  - fix CVE-2014-3508 - fix OID handling to avoid information leak  - fix CVE-2014-3508 - fix OID handling to avoid information leak
508  - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS  - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS
509    
510  * Tue Jun  3 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27.3  * Mon Jun  2 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-29
511  - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability  - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability
512    
513  * Tue Jan 28 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27.1  * Tue Jan 28 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-28
514  - replace expired GlobalSign Root CA certificate in ca-bundle.crt  - replace expired GlobalSign Root CA certificate in ca-bundle.crt
515    
516  * Mon Feb 25 2013 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27  * Mon Feb 25 2013 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed