ID | 340839 |
Package Name | openssl |
Version | 3.2.2 |
Release | 7.fc41 |
Epoch | 1 |
Source | git+https://src.fedoraproject.org/rpms/openssl.git#0afb936577564e80b55a77552bb8f398561f4543 |
Summary |
Description |
Built by | davidlt |
State |
complete
|
Volume |
DEFAULT |
Started | Sat, 28 Sep 2024 15:13:25 UTC |
Completed | Sat, 28 Sep 2024 19:53:05 UTC |
Task | build (f41, /rpms/openssl.git:0afb936577564e80b55a77552bb8f398561f4543) |
Extra | {'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/openssl.git#0afb936577564e80b55a77552bb8f398561f4543'}} |
Tags |
|
RPMs |
|
Logs |
|
Changelog |
* Thu Sep 12 2024 Sahana Prasad <sahana@redhat.com> - 1:3.2.2-7
- Fix CVE-2024-5535: SSL_select_next_proto buffer overread
* Fri Sep 06 2024 Sahana Prasad <sahana@redhat.com> - 1:3.2.2-6
- Patch for CVE-2024-6119
* Thu Jul 18 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.2.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Tue Jul 09 2024 Sahana Prasad <sahana@redhat.com> - 1:3.2.2-4
- Assign IANA numbers for hybrid PQ KEX
- Porting the fix in https://github.com/openssl/openssl/pull/22803
* Mon Jul 01 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-3
- Moving engine-related files to a separate subpackage to be deprecated in future
Resolves: rhbz#2276420
* Thu Jun 27 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-2
- As upstream disables TLS 1.0/1.1 on any SECLEVEL > 0, there is no point
keeping the SHA1 permission at SECLEVEL=1 anymore.
* Thu Jun 06 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-1
- Rebase to 3.2.2
* Wed Jun 05 2024 Yaakov Selkowitz <yselkowi@redhat.com> - 1:3.2.1-10
- Do not require openssl-fips-provider on ELN
* Mon Jun 03 2024 Sahana Prasad <sahana@redhat.com> - 1:3.2.1-9
- Synchronize patches from CentOS 9 that had additional fixes required
for rebase to 3.2.1
* Tue May 28 2024 Alexander Sosedkin <asosedkin@redhat.com> - 1:3.2.1-8
- Instrument with USDT probes related to SHA-1 deprecation
* Tue May 14 2024 David Abdurachmanov <davidlt@rivosinc.com> - 1:3.2.1-7
- Add --libdir=lib64 for riscv64 (uses linux-generic64)
* Thu Apr 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.1-6
- Restoring missing part of 0044-
- Backporting CMS FIPS defaults from CentOS 9
* Mon Mar 25 2024 Sahana Prasad <sahana@redhat.com> - 1:3.2.1-5
- Add no-engine support. The previous commit was a mistake.
* Mon Mar 25 2024 Sahana Prasad <sahana@redhat.com> - 1:3.2.1-4
- Build OpenSSL with no-engine support
* Thu Mar 07 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.1-3
- Minimize skipping tests
- Allow ignoring unknown signature algorithms and groups (upstream #23050)
- Allow specifying provider algorithms in SignatureAlgorithms (upstream #22779)
* Fri Feb 09 2024 Sahana Prasad <sahana@redhat.com> - 1:3.2.1-2
- Fix version aliasing issue
- https://github.com/openssl/openssl/issues/23534
* Tue Feb 06 2024 Sahana Prasad <sahana@redhat.com> - 1:3.2.1-1
- Rebase to upstream version 3.2.1
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.1.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.1.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jan 10 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.1.4-2
- We don't want to ship openssl-pkcs11 in RHEL10/Centos 10
* Thu Oct 26 2023 Sahana Prasad <sahana@redhat.com> - 1:3.1.4-1
- Rebase to upstream version 3.1.4
* Thu Oct 19 2023 Sahana Prasad <sahana@redhat.com> - 1:3.1.3-1
- Rebase to upstream version 3.1.3
* Thu Aug 31 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.1.1-4
- Drop duplicated patch and do some contamination
* Tue Aug 22 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.1.1-3
- Integrate FIPS patches from CentOS
* Fri Aug 04 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.1.1-2
- migrated to SPDX license
* Thu Jul 27 2023 Sahana Prasad <sahana@redhat.com> - 1:3.1.1-1
- Rebase to upstream version 3.1.1
Resolves: CVE-2023-0464
Resolves: CVE-2023-0465
Resolves: CVE-2023-0466
Resolves: CVE-2023-1255
Resolves: CVE-2023-2650
* Thu Jul 27 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.8-4
- Forbid custom EC more completely
Resolves: rhbz#2223953
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.8-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Mar 21 2023 Sahana Prasad <sahana@redhat.com> - 1:3.0.8-2
- Upload new upstream sources without manually hobbling them.
- Remove the hobbling script as it is redundant. It is now allowed to ship
the sources of patented EC curves, however it is still made unavailable to use
by compiling with the 'no-ec2m' Configure option. The additional forbidden
curves such as P-160, P-192, wap-tls curves are manually removed by updating
0011-Remove-EC-curves.patch.
- Enable Brainpool curves.
- Apply the changes to ec_curve.c and ectest.c as a new patch
0010-Add-changes-to-ectest-and-eccurve.patch instead of replacing them.
- Modify 0011-Remove-EC-curves.patch to allow Brainpool curves.
- Modify 0011-Remove-EC-curves.patch to allow code under macro OPENSSL_NO_EC2M.
Resolves: rhbz#2130618, rhbz#2141672
* Thu Feb 09 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.8-1
- Rebase to upstream version 3.0.8
Resolves: CVE-2022-4203
Resolves: CVE-2022-4304
Resolves: CVE-2022-4450
Resolves: CVE-2023-0215
Resolves: CVE-2023-0216
Resolves: CVE-2023-0217
Resolves: CVE-2023-0286
Resolves: CVE-2023-0401
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.0.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jan 05 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-3
- Backport implicit rejection for RSA PKCS#1 v1.5 encryption
Resolves: rhbz#2153470
* Thu Jan 05 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-2
- Refactor embedded mac verification in FIPS module
Resolves: rhbz#2156045
* Fri Dec 23 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-1
- Rebase to upstream version 3.0.7
- C99 compatibility in downstream-only 0032-Force-fips.patch
Resolves: rhbz#2152504
- Adjusting include for the FIPS_mode macro
Resolves: rhbz#2083876
* Wed Nov 16 2022 Simo sorce <simo@redhat.com> - 1:3.0.5-7
- Backport patches to fix external providers compatibility issues
* Tue Nov 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.5-6
- CVE-2022-3602: X.509 Email Address Buffer Overflow
- CVE-2022-3786: X.509 Email Address Buffer Overflow
Resolves: CVE-2022-3602
Resolves: CVE-2022-3786
|