commit libressl for openSUSE:Factory
Hello community, here is the log from the commit of package libressl for openSUSE:Factory checked in at 2017-10-03 23:18:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libressl (Old) and /work/SRC/openSUSE:Factory/.libressl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libressl" Tue Oct 3 23:18:12 2017 rev:33 rq:530573 version:2.6.2 Changes: -------- --- /work/SRC/openSUSE:Factory/libressl/libressl.changes 2017-09-04 12:35:22.263540013 +0200 +++ /work/SRC/openSUSE:Factory/.libressl.new/libressl.changes 2017-10-03 23:18:22.425225305 +0200 @@ -1,0 +2,30 @@ +Mon Oct 2 21:20:42 UTC 2017 - jengelh@inai.de + +- Update to new upstream release 2.6.2 + * Provide a useful error with libtls if there are no OCSP URLs + in a peer certificate. + * Keep track of which keypair is in use by a TLS context, + fixing a bug where a TLS server with SNI would only return + the OCSP staple for the default keypair. +- Update to new upstream release 2.6.1 + * Added tls_config_set_ecdhecurves() to libtls, which allows + the names of the eliptical curves that may be used during + client and server key exchange to be specified. + * Removed support for DSS/DSA, since we removed the cipher + suites a while back. + * Removed NPN support. NPN was never standardised and the last + draft expired in October 2012. ALPN was standardised. + * Removed SSL_OP_CRYPTOPRO_TLSEXT_BUG workaround for old/broken + CryptoPro clients. + * Removed support for the TLS padding extension, which was + added as a workaround for an old bug in F5's TLS + termintation. + * Added ability to clamp notafter values in certificates for + systems with 32-bit time_t. This is necessary to conform to + RFC 5280 §4.1.2.5. + * Implemented the SSL_CTX_set_min_proto_version(3) API. + * Removed the original (pre-IETF) chacha20-poly1305 cipher + suites. + * Reclassified ECDHE-RSA-DES-CBC3-SHA from HIGH to MEDIUM. + +------------------------------------------------------------------- Old: ---- libressl-2.6.0.tar.gz libressl-2.6.0.tar.gz.asc New: ---- libressl-2.6.2.tar.gz libressl-2.6.2.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libressl.spec ++++++ --- /var/tmp/diff_new_pack.W8lAiO/_old 2017-10-03 23:18:23.185118363 +0200 +++ /var/tmp/diff_new_pack.W8lAiO/_new 2017-10-03 23:18:23.193117237 +0200 @@ -17,7 +17,7 @@ Name: libressl -Version: 2.6.0 +Version: 2.6.2 Release: 0 Summary: An SSL/TLS protocol implementation License: OpenSSL @@ -42,31 +42,31 @@ OpenSSL, with the aim of refactoring the OpenSSL code so as to provide a more secure implementation. -%package -n libcrypto41 +%package -n libcrypto42 Summary: An SSL/TLS protocol implementation Group: System/Libraries -%description -n libcrypto41 +%description -n libcrypto42 The "crypto" library implements a wide range of cryptographic algorithms used in various Internet standards. The services provided by this library are used by the LibreSSL implementations of SSL, TLS and S/MIME, and they have also been used to implement SSH, OpenPGP, and other cryptographic standards. -%package -n libssl43 +%package -n libssl44 Summary: An SSL/TLS protocol implementation Group: System/Libraries -%description -n libssl43 +%description -n libssl44 LibreSSL is an open-source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. It derives from OpenSSL and intends to provide a more secure implementation. -%package -n libtls15 +%package -n libtls16 Summary: A simplified interface for the OpenSSL/LibreSSL TLS protocol implementation Group: System/Libraries -%description -n libtls15 +%description -n libtls16 LibreSSL is an open-source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. It derives from OpenSSL and intends to provide a more secure implementation. @@ -77,9 +77,9 @@ %package devel Summary: Development files for LibreSSL, an SSL/TLS protocol implementation Group: Development/Libraries/C and C++ -Requires: libcrypto41 = %version -Requires: libssl43 = %version -Requires: libtls15 = %version +Requires: libcrypto42 = %version +Requires: libssl44 = %version +Requires: libtls16 = %version Conflicts: libopenssl-devel Conflicts: otherproviders(ssl-devel) @@ -135,12 +135,12 @@ exit 1 fi -%post -n libcrypto41 -p /sbin/ldconfig -%postun -n libcrypto41 -p /sbin/ldconfig -%post -n libssl43 -p /sbin/ldconfig -%postun -n libssl43 -p /sbin/ldconfig -%post -n libtls15 -p /sbin/ldconfig -%postun -n libtls15 -p /sbin/ldconfig +%post -n libcrypto42 -p /sbin/ldconfig +%postun -n libcrypto42 -p /sbin/ldconfig +%post -n libssl44 -p /sbin/ldconfig +%postun -n libssl44 -p /sbin/ldconfig +%post -n libtls16 -p /sbin/ldconfig +%postun -n libtls16 -p /sbin/ldconfig %files %defattr(-,root,root) @@ -150,17 +150,18 @@ %_bindir/ocspcheck %_bindir/openssl %_mandir/man1/*.1* +%_mandir/man5/*.5* %doc COPYING -%files -n libcrypto41 +%files -n libcrypto42 %defattr(-,root,root) %_libdir/libcrypto.so.* -%files -n libssl43 +%files -n libssl44 %defattr(-,root,root) %_libdir/libssl.so.* -%files -n libtls15 +%files -n libtls16 %defattr(-,root,root) %_libdir/libtls.so.* ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.W8lAiO/_old 2017-10-03 23:18:23.237111045 +0200 +++ /var/tmp/diff_new_pack.W8lAiO/_new 2017-10-03 23:18:23.237111045 +0200 @@ -1,9 +1,9 @@ -libcrypto41 -libssl43 -libtls15 +libcrypto42 +libssl44 +libtls16 libressl-devel requires -libressl-<targettype> - requires "libcrypto41-<targettype> = <version>" - requires "libssl43-<targettype> = <version>" - requires "libtls15-<targettype> = <version>" + requires "libcrypto42-<targettype> = <version>" + requires "libssl44-<targettype> = <version>" + requires "libtls16-<targettype> = <version>" conflicts "libopenssl-devel-<targettype>" ++++++ libressl-2.6.0.tar.gz -> libressl-2.6.2.tar.gz ++++++ ++++ 26435 lines of diff (skipped)
participants (1)
-
root@hilbert.suse.de