rpms
/
openssl
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
560 Commits 35 Branches 198 Tags 8.3 MiB
Commit Graph

86 Commits

Author SHA1 Message Date
Sahana Prasad 7e5d9e45b1
- Upload new upstream sources without manually hobbling them. 
- Remove the hobbling script as it is redundant. It is now allowed to ship
    the sources of patented EC curves, however it is still made unavailable to use
    by compiling with the 'no-ec2m' Configure option. The additional forbidden
    curves such as P-160, P-192, wap-tls curves are manually removed by updating
    0011-Remove-EC-curves.patch.
  - Apply the changes to ec_curve.c and  ectest.c as a new patch
    0010-Add-changes-to-ectest-and-eccurve.patch instead of replacing them.
  - Modify 0011-Remove-EC-curves.patch to allow Brainpool curves.
  - Modify 0011-Remove-EC-curves.patch to allow code under macro OPENSSL_NO_EC2M.
┊   Resolves: rhbz#2130618, rhbz#2141672

Signed-off-by: Sahana Prasad <sahana@redhat.com>
 2023-03-23 07:41:44 +01:00
Dmitry Belyavskiy e994f999e2 Rebase to upstream version 3.0.8 
Resolves: CVE-2022-4203
Resolves: CVE-2022-4304
Resolves: CVE-2022-4450
Resolves: CVE-2023-0215
Resolves: CVE-2023-0216
Resolves: CVE-2023-0217
Resolves: CVE-2023-0286
Resolves: CVE-2023-0401
 2023-02-09 17:46:45 +01:00
Dmitry Belyavskiy 106fe8964c - Rebase to upstream version 3.0.7 
Rebased to openssl-3.0.7 with corresponding minor bugfixes
- C99 compatibility in downstream-only 0032-Force-fips.patch
  Resolves: rhbz#2152504
- Adjusting include for the FIPS_mode macro
  Resolves: rhbz#2083876
 2022-12-23 11:53:21 +01:00
Clemens Lang 32908974c2 Rebase to upstream version 3.0.5 
Also fixes CVE-2022-2097, which only affects i686.

Related: rhbz#2099972
Signed-off-by: Clemens Lang <cllang@redhat.com>
 2022-07-07 12:36:41 +02:00
Dmitry Belyavskiy 8a03afa13c Rebasing to OpenSSL 3.0.3 
Resolves: rhbz#2091987
 2022-06-01 17:29:35 +02:00
Dmitry Belyavskiy a0bd929a42 Update to openssl 3.0.2 
Related: rhbz#2064453
 2022-03-18 10:41:13 +01:00
Sahana Prasad 347681c6b2 Rebase to upstream version 3.0.0 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
 2021-09-09 17:27:21 +02:00
Sahana Prasad 0f5f931f9a update to version 1.1.1k 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
 2021-03-26 07:37:03 +01:00
Sahana Prasad b023ffe39f Upgrade to version 1.1.1.j 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
 2021-03-03 15:08:11 +01:00
Tomas Mraz a07706cf0e Update to the 1.1.1i release fixing CVE-2020-1971 2020-12-09 10:49:38 +01:00
Sahana Prasad 3413ff9700 Upgrade to version 1.1.1h 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
 2020-11-09 10:41:15 +01:00
Tomas Mraz 5888d1863e update to the 1.1.1g release 2020-04-23 13:47:52 +02:00
Tomas Mraz 5004ccfb25 update to the 1.1.1f release 2020-04-07 16:50:53 +02:00
Tomas Mraz c11b71fd2f update to the 1.1.1e release 
add selftest of the RAND_DRBG implementation
fix incorrect error return value from FIPS_selftest_dsa
 2020-03-19 17:44:25 +01:00
Tomas Mraz f6a62c4c2c update to the 1.1.1d release 2019-09-13 17:25:44 +02:00
Tomas Mraz 31d61b19d5 update to the 1.1.1c release 2019-05-29 17:23:31 +02:00
Tomas Mraz 5cda1ca091 update to the 1.1.1b release 
EVP_KDF API backport from master
SSH KDF implementation for EVP_KDF API backport from master
 2019-02-28 17:01:40 +01:00
Tomas Mraz 301c642c7f update to the 1.1.1a release 2019-01-15 15:07:49 +01:00
Tomas Mraz d2c08bab45 Upload the 1.1.1 sources 2018-09-13 09:45:00 +02:00
Tomas Mraz 62ec0f1fa9 update to the latest 1.1.1 beta version 2018-08-22 12:41:26 +02:00
Tomas Mraz 9189f03055 update to the latest 1.1.1 beta version 2018-07-25 18:15:19 +02:00
Tomas Mraz 6eb8f62027 update to upstream version 1.1.0h 
Add Recommends for openssl-pkcs11
 2018-03-29 15:44:09 +02:00
Tomas Mraz 8e2fdfb52a Uploaded 1.1.0g sources. 2017-11-03 17:07:20 +01:00
Tomas Mraz 1ff978b22e update to upstream version 1.1.0f 
SRP and GOST is now allowed, note that GOST support requires
  adding GOST engine which is not part of openssl anymore
 2017-06-02 15:32:15 +02:00
Tomas Mraz c676ac32d5 update to upstream version 1.1.0e 
add documentation of the PROFILE=SYSTEM special cipher string (#1420232)
 2017-02-16 16:59:27 +01:00
Tomas Mraz c144665042 update to upstream version 1.1.0d 2017-01-26 16:24:24 +01:00
Tomas Mraz e443a79334 Add back EC NIST P-224 and revert SSL_read() change 
- revert SSL_read() behavior change - patch from upstream (#1394677)
- EC curve NIST P-224 is now allowed, still kept disabled in TLS due
  to less than optimal security
 2016-11-22 10:39:55 +01:00
Tomas Mraz be56ae067b update to upstream version 1.1.0c 2016-11-11 14:47:36 +01:00
Tomas Mraz 510bcc2e3a update to upstream version 1.1.0b 2016-10-11 10:31:54 +02:00
Tomas Mraz e8261d1b72 minor upstream release 1.0.2j fixing regression from previous release 2016-09-26 12:56:04 +02:00
Tomas Mraz 6e67274c62 minor upstream release 1.0.2i fixing security issues 
- move man pages for perl based scripts to perl subpackage (#1377617)
 2016-09-22 14:16:05 +02:00
Tomas Mraz eeb6ac1a65 minor upstream release 1.0.2h fixing security issues 2016-05-03 18:23:18 +02:00
Tom Callaway 589d3ee15b enable RC5 with permission from Legal 2016-03-07 21:56:55 -06:00
Tomas Mraz e7a0ff581f minor upstream release 1.0.2g fixing security issues 2016-03-01 17:22:06 +01:00
Tomas Mraz 1004dabcc6 minor upstream release 1.0.2f fixing security issues 
- add support for MIPS secondary architecture
 2016-01-28 17:12:09 +01:00
Tomas Mraz 4240ecaa1b minor upstream release 1.0.2e fixing moderate severity security issues 
- enable fast assembler implementation for NIST P-256 and P-521
  elliptic curves (#1164210)
- filter out unwanted link options from the .pc files (#1257836)
 2015-12-04 14:13:59 +01:00
Tomas Mraz 5675d07a14 minor upstream release 1.0.2d fixing a high severity security issue 2015-07-09 17:25:58 +02:00
Tomas Mraz 837dd04882 minor upstream release 1.0.2c fixing multiple security issues 2015-06-15 18:23:46 +02:00
Tomas Mraz a1fb602a95 rebase to 1.0.2 branch 2015-04-23 13:57:26 +02:00
Tomas Mraz 7e7e3f299f new upstream release fixing multiple security issues 2015-01-09 10:54:51 +01:00
Tomas Mraz 0a961bb5e3 new upstream release fixing multiple security issues 2014-10-16 14:02:00 +02:00
Tomas Mraz a78828f786 new upstream release fixing multiple moderate security issues 
- for now disable only SSLv2 by default
 2014-08-07 16:00:47 +02:00
Tomas Mraz 360a4bb67c new upstream release 1.0.1h 2014-06-05 15:05:17 +02:00
Tomas Mraz 0376d8368c new upstream release 1.0.1g 
- do not include ECC ciphersuites in SSLv2 client hello (#1090952)
- fail on hmac integrity check if the .hmac file is empty
 2014-05-07 11:42:32 +02:00
Tomas Mraz b3551463ca only ECC NIST Suite B curves support 
- drop -fips subpackage
 2013-10-16 14:37:51 +02:00
Tom Callaway 1f19ac14f9 resolve bugzilla 319901 (phew! only took 6 years & 9 days) 2013-10-15 02:08:35 +01:00
Tomas Mraz dc696fdac4 new upstream version 2013-02-19 13:57:39 +01:00
Tomas Mraz 651215c12b new upstream version 2012-05-15 19:37:55 +02:00
Tomas Mraz 5eb4589d83 new upstream version 2012-04-26 18:10:52 +02:00
Tomas Mraz e8c18345a4 new upstream version fixing CVE-2012-2110 2012-04-20 12:24:39 +02:00