Group :: System/Base
RPM: openssl097
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
2 november 2006 Dmitry V. Levin <ldv at altlinux.org> 0.9.7g-alt6
- Updated upstream bss_conn.c fix.
- Renamed srpm: openssl -> openssl097.
- Renamed subpackage: libssl -> libssl4.
- Applied upstream fixes for DoS bugs in ASN1 parser
(CVE-2006-2937, CVE-2006-2940). - Applied fix for buffer overflow in SSL_get_shared_ciphers(),
discovery and patch from Tavis Ormandy and Will Drewry of the
Google Security Team (CVE-2006-3738). - Applied fix for possible DoS in the sslv2 client code,
discovery and patch from Tavis Ormandy and Will Drewry of the
Google Security Team (CVE-2006-4343). - Build this package without optimizations based on strict aliasing rules.
- Applied upstream patch to avoid RSA signature forgery (CVE-2006-4339).
- Applied upstream fix for potential SSL 2.0 rollback
during SSL handshake (CAN-2005-2969).
- Minor package cleanup.
- Removed those of RH patches which I do not like.
- Rediffed patches and renamed them accourding to the packaging policy.
- Relocated development manpages from libssl-devel subpackage to
openssl-doc subpackage.
- Added multilib support
- Incorporated patches from Fedora.
- Changed certs dir to be more useful.
- Added provides/requires for tsa (for future use).
- Updated to 0.9.7g.
- Made split build (with/without tsa patch).
- Test build with 0.9.7e.
- Added timestamping support patch.
- Updated to 0.9.7d.
- Reviewed patches.
- Applied RH's soname convention.
- Updated to 0.9.6m.
- Fixed null-pointer assignment during SSL handshake
(CAN-2004-0079).
- Updated to 0.9.6l.
- For non-i386 ix86 platforms, relaxed textrel check.
- Updated to 0.9.6k:
+ Fix various ASN1 parsing bugs.
+ SSL/TLS protocol fix for unrequested client certificates.
- Fixed linux-elf-arm architecture support (sbolshakov@, #2804).
- Shared /usr/bin/openssl-config between openssl and
libssl-devel subpackages (fixes #2806).
- Updated to 0.9.6j.
- Applied patch against Klima-Pokorny-Rosa attack.
- Applied blinding patch from OpenSSL team,
to defend against timing attack on RSA keys.
- Updated to 0.9.6i.
- Updated to 0.9.6h.
- Merged Owl changes:
* Fri Nov 15 2002 Solar Designer <solar@owl.openwall.com> - Dropped the patch removing -Wl,-Bsymbolic which is no longer needed with
0.9.6g and/or after dropping the explicit "make build-shared". - Dropped RSAref stuff.
- Fixed glibc/crypto compatibility patch.
- Fixed libssl linkage:
Don't do an explicit "make build-shared", it's not needed and
could only cause harm (link libssl against libcrypto statically). - FHS fixes (#0000915):
+ changed %openssldir from /usr/lib/ssl to /var/lib/ssl;
+ moved openssl.cnf from %openssldir/ to /etc/openssl/;
+ on upgrade, copy old %openssldir to new location;
+ added openssl-config script to provide current %openssldir location. - Renamed openssl-devel subpackage to libssl-devel.
- Renamed openssl-devel-static subpackage to libssl-devel-static.
- 0.9.6g; asn1_lib patch merged upstream.
- Updated to 0.9.6e, recent security patch merged upstream.
- Added two post-0.9.6e changes from the CVS which correct the recent ASN.1
parsing vulnerability fixes (Owl).
- Updated to 0.9.6e, dropping the shared-on-SPARC and the official
security patches (both are now included).
- Various security fixes (see CHANGES).
- Updated to 0.9.6d.
- Added a patch by Ben Laurie for "openssl dgst" to behave on read errors.
- Properly restrict the instruction set in assembly code when building for i386 (Owl).
- Fixed /usr/bin/openssl linkage.
- Relocate shared libs to /lib/.
- libssl: Conflicts: %name < %version-%release.
- 0.9.6c
- Relocated docs.
- 0.9.6b
- Changed two memcpy() calls to memmove() (nalin).
- Added a script for creating dummy certificates (nalin).
- 0.9.6a
- Keep standard soname scheme.
- Do not provide crypt symbol (solar).
- Use __libc_enable_secure variable (solar).
- Link /usr/bin/openssl dinamically with shared libraries from libssl subpackage (solar).
- Moved shared libraries to libssl subpackage.
- Moved static libraries to devel-static subpackage.
- 0.9.6
- 0.9.5a
- separate openssl-doc package
- 0.9.5
- Fandra adaptions
- [0.9.4-3]
- config file moved to /var/ssl due to problems when it stays in /etc
- [0.9.4-2]
- the source rpm was corrupt, so this is just a rerelase
- [0.9.4-1]
- [0.9.3a-1]
- several changes