commit libopenssl0_9_8 for openSUSE:Factory
Hello community,
here is the log from the commit of package libopenssl0_9_8 for openSUSE:Factory
checked in at Thu Apr 15 10:21:47 CEST 2010.
--------
New Changes file:
--- /dev/null 2009-09-30 08:50:26.000000000 +0200
+++ /mounts/work_src_done/STABLE/libopenssl0_9_8/libopenssl0_9_8.changes 2010-04-12 10:19:19.000000000 +0200
@@ -0,0 +1,1107 @@
+-------------------------------------------------------------------
+Mon Apr 12 10:19:05 CEST 2010 - meissner@suse.de
+
+- renamed to libopenssl0_9_8 to provide compatibility
+
+-------------------------------------------------------------------
+Thu Mar 25 02:18:22 UTC 2010 - gjhe@novell.com
+
+- fix security bug [bnc#590833]
+ CVE-2010-0740
+
+-------------------------------------------------------------------
+Mon Mar 22 06:29:14 UTC 2010 - gjhe@novell.com
+
+- update to version 0.9.8m
+ Merge the following patches from 0.9.8k:
+ bswap.diff
+ non-exec-stack.diff
+ openssl-0.9.6g-alpha.diff
+ openssl-0.9.7f-ppc64.diff
+ openssl-0.9.8-flags-priority.dif
+ openssl-0.9.8-sparc.dif
+ openssl-allow-arch.diff
+ openssl-hppa-config.diff
+
+-------------------------------------------------------------------
+Fri Feb 5 01:24:55 UTC 2010 - jengelh@medozas.de
+
+- build openssl for sparc64
+
+-------------------------------------------------------------------
+Mon Dec 14 16:11:11 CET 2009 - jengelh@medozas.de
+
+- add baselibs.conf as a source
+- package documentation as noarch
+
+-------------------------------------------------------------------
+Tue Nov 3 19:09:35 UTC 2009 - coolo@novell.com
+
+- updated patches to apply with fuzz=0
+
+-------------------------------------------------------------------
+Tue Sep 1 10:21:16 CEST 2009 - gjhe@novell.com
+
+- fix Bug [bnc#526319]
+
+-------------------------------------------------------------------
+Wed Aug 26 11:24:16 CEST 2009 - coolo@novell.com
+
+- use %patch0 for Patch0
+
+-------------------------------------------------------------------
+Fri Jul 3 11:53:48 CEST 2009 - gjhe@novell.com
+
+- update to version 0.9.8k
+- patches merged upstream:
+ openssl-CVE-2008-5077.patch
+ openssl-CVE-2009-0590.patch
+ openssl-CVE-2009-0591.patch
+ openssl-CVE-2009-0789.patch
+ openssl-CVE-2009-1377.patch
+ openssl-CVE-2009-1378.patch
+ openssl-CVE-2009-1379.patch
+ openssl-CVE-2009-1386.patch
+ openssl-CVE-2009-1387.patch
+
+-------------------------------------------------------------------
+Tue Jun 30 05:17:26 CEST 2009 - gjhe@novell.com
+
+- fix security bug [bnc#509031]
+ CVE-2009-1386
+ CVE-2009-1387
+
+-------------------------------------------------------------------
+Tue Jun 30 05:16:39 CEST 2009 - gjhe@novell.com
+
+- fix security bug [bnc#504687]
+ CVE-2009-1377
+ CVE-2009-1378
+ CVE-2009-1379
+
+-------------------------------------------------------------------
+Wed Apr 15 12:28:29 CEST 2009 - gjhe@suse.de
+
+- fix security bug [bnc#489641]
+ CVE-2009-0590
+ CVE-2009-0591
+ CVE-2009-0789
+
+-------------------------------------------------------------------
+Wed Jan 7 12:34:56 CET 2009 - olh@suse.de
+
+- obsolete old -XXbit packages (bnc#437293)
+
+-------------------------------------------------------------------
+Thu Dec 18 08:15:12 CET 2008 - jshi@suse.de
+
+- fix security bug [bnc#459468]
+ CVE-2008-5077
+
+-------------------------------------------------------------------
+Tue Dec 9 11:32:50 CET 2008 - xwhu@suse.de
+
+- Disable optimization for s390x
+
+-------------------------------------------------------------------
+Mon Dec 8 12:12:14 CET 2008 - xwhu@suse.de
+
+- Disable optimization of md4
+
+-------------------------------------------------------------------
+Mon Nov 10 10:22:04 CET 2008 - xwhu@suse.de
+
+- Disable optimization of ripemd [bnc#442740]
+
+-------------------------------------------------------------------
+Tue Oct 14 09:08:47 CEST 2008 - xwhu@suse.de
+
+- Passing string as struct cause openssl segment-fault [bnc#430141]
+
+-------------------------------------------------------------------
+Wed Jul 16 12:02:37 CEST 2008 - mkoenig@suse.de
+
+- do not require openssl-certs, but rather recommend it
+ to avoid dependency cycle [bnc#408865]
+
+-------------------------------------------------------------------
+Wed Jul 9 12:53:27 CEST 2008 - mkoenig@suse.de
+
+- remove the certs subpackage from the openssl package
+ and move the CA root certificates into a package of its own
+
+-------------------------------------------------------------------
+Tue Jun 24 09:09:04 CEST 2008 - mkoenig@suse.de
+
+- update to version 0.9.8h
+- openssl does not ship CA root certificates anymore
+ keep certificates that SuSE is already shipping
+- resolves bad array index (function has been removed) [bnc#356549]
+- removed patches
+ openssl-0.9.8g-fix_dh_for_certain_moduli.patch
+ openssl-CVE-2008-0891.patch
+ openssl-CVE-2008-1672.patch
+
+-------------------------------------------------------------------
+Wed May 28 15:04:08 CEST 2008 - mkoenig@suse.de
+
+- fix OpenSSL Server Name extension crash (CVE-2008-0891)
+ and OpenSSL Omit Server Key Exchange message crash (CVE-2008-1672)
+ [bnc#394317]
+
+-------------------------------------------------------------------
+Wed May 21 20:48:39 CEST 2008 - cthiel@suse.de
+
+- fix baselibs.conf
+
+-------------------------------------------------------------------
+Tue Apr 22 14:39:35 CEST 2008 - mkoenig@suse.de
+
+- add -DMD32_REG_T=int for x86_64 and ia64 [bnc#381844]
+
+-------------------------------------------------------------------
+Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
+
+- added baselibs.conf file to build xxbit packages
+ for multilib support
+
+-------------------------------------------------------------------
+Mon Nov 5 14:27:06 CET 2007 - mkoenig@suse.de
+
+- fix Diffie-Hellman failure with certain prime lengths
+
+-------------------------------------------------------------------
+Mon Oct 22 15:00:21 CEST 2007 - mkoenig@suse.de
+
+- update to version 0.9.8g:
+ * fix some bugs introduced with 0.9.8f
+
+-------------------------------------------------------------------
+Mon Oct 15 11:17:14 CEST 2007 - mkoenig@suse.de
+
+- update to version 0.9.8f:
+ * fixes CVE-2007-3108, CVE-2007-5135, CVE-2007-4995
+- patches merged upstream:
+ openssl-0.9.8-key_length.patch
+ openssl-CVE-2007-3108-bug296511
+ openssl-CVE-2007-5135.patch
+ openssl-gcc42.patch
+ openssl-gcc42_b.patch
+ openssl-s390-config.diff
+
+-------------------------------------------------------------------
+Mon Oct 1 11:29:55 CEST 2007 - mkoenig@suse.de
+
+- fix buffer overflow CVE-2007-5135 [#329208]
+
+-------------------------------------------------------------------
++++ 910 more lines (skipped)
++++ between /dev/null
++++ and /mounts/work_src_done/STABLE/libopenssl0_9_8/libopenssl0_9_8.changes
calling whatdependson for head-i586
New:
----
README.SuSE
baselibs.conf
libopenssl0_9_8.changes
libopenssl0_9_8.spec
merge_from_0_9_8k.patch
openssl-0.9.8m.tar.bz2
openssl-CVE-2010-0740.patch
openssl.test
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libopenssl0_9_8.spec ++++++
#
# spec file for package libopenssl0_9_8 (Version 0.9.8m)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: libopenssl0_9_8
BuildRequires: bc ed zlib-devel
%define ssletcdir %{_sysconfdir}/ssl
%define num_version %(echo "%{version}" | sed -e "s+[a-zA-Z]++g; s+_.*++g")
License: BSD3c(or similar)
Group: Productivity/Networking/Security
AutoReqProv: on
#
Version: 0.9.8m
Release: 2
Summary: Secure Sockets and Transport Layer Security
Url: http://www.openssl.org/
Source: http://www.openssl.org/source/openssl-%{version}.tar.bz2
Source2: baselibs.conf
Source10: README.SuSE
Patch0: merge_from_0_9_8k.patch
Patch1: openssl-CVE-2010-0740.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Recommends: openssl-certs
%description
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured, and open source toolkit implementing
the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) protocols with full-strength cryptography. The project is managed
by a worldwide community of volunteers that use the Internet to
communicate, plan, and develop the OpenSSL toolkit and its related
documentation.
Derivation and License
OpenSSL is based on the excellent SSLeay library developed by Eric A.
Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
Apache-style license, which basically means that you are free to get it
and to use it for commercial and noncommercial purposes.
%prep
%setup -q -n openssl-%{version}
%patch0 -p1
%patch1 -p1
cp -p %{S:10} .
echo "adding/overwriting some entries in the 'table' hash in Configure"
# $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags
export DSO_SCHEME='dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):'
cat <
participants (1)
-
root@Hilbert.suse.de