Hello community, here is the log from the commit of package openssl for openSUSE:Factory checked in at Fri Sep 9 11:49:18 CEST 2011. -------- --- openssl/openssl.changes 2011-08-06 02:37:39.000000000 +0200 +++ /mounts/work_src_done/STABLE/openssl/openssl.changes 2011-09-07 16:32:25.000000000 +0200 @@ -1,0 +2,6 @@ +Wed Sep 7 14:29:41 UTC 2011 - crrodriguez@opensuse.org + +- Update to openssl 1.0.0e fixes CVE-2011-3207 and CVE-2011-3210 + see http://openssl.org/news/secadv_20110906.txt for details. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- ECDSA_signatures_timing_attack.patch openssl-1.0.0d.tar.bz2 New: ---- openssl-1.0.0e.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssl.spec ++++++ --- /var/tmp/diff_new_pack.ThJV88/_old 2011-09-09 11:49:11.000000000 +0200 +++ /var/tmp/diff_new_pack.ThJV88/_new 2011-09-09 11:49:11.000000000 +0200 @@ -32,8 +32,8 @@ %endif # #Version: 1.0.0 -Version: 1.0.0d -Release: 31 +Version: 1.0.0e +Release: 1 Summary: Secure Sockets and Transport Layer Security Url: http://www.openssl.org/ Source: http://www.%{name}.org/source/%{name}-%{version}.tar.bz2 @@ -50,7 +50,6 @@ #Patch6: CVE-2010-3864.patch Patch7: openssl-1.0.0b-aesni.patch #Patch8: CVE-2011-0014.patch -Patch9: ECDSA_signatures_timing_attack.patch Patch10: openssl-call-engine-reg-comp.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -188,7 +187,6 @@ #%patch6 -p1 %patch7 -p1 #%patch8 -p1 -%patch9 -p1 %patch10 cp -p %{S:10} . echo "adding/overwriting some entries in the 'table' hash in Configure" ++++++ openssl-1.0.0d.tar.bz2 -> openssl-1.0.0e.tar.bz2 ++++++ ++++ 9639 lines of diff (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org