Commit Graph

85 Commits

Author SHA1 Message Date
Dmitry Belyavskiy
194ef7464a Rebase to upstream version 3.0.8
Resolves: CVE-2022-4203
Resolves: CVE-2022-4304
Resolves: CVE-2022-4450
Resolves: CVE-2023-0215
Resolves: CVE-2023-0216
Resolves: CVE-2023-0217
Resolves: CVE-2023-0286
Resolves: CVE-2023-0401
2023-02-09 17:57:19 +01:00
Dmitry Belyavskiy
106fe8964c - Rebase to upstream version 3.0.7
Rebased to openssl-3.0.7 with corresponding minor bugfixes
- C99 compatibility in downstream-only 0032-Force-fips.patch
  Resolves: rhbz#2152504
- Adjusting include for the FIPS_mode macro
  Resolves: rhbz#2083876
2022-12-23 11:53:21 +01:00
Clemens Lang
32908974c2 Rebase to upstream version 3.0.5
Also fixes CVE-2022-2097, which only affects i686.

Related: rhbz#2099972
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-07-07 12:36:41 +02:00
Dmitry Belyavskiy
8a03afa13c Rebasing to OpenSSL 3.0.3
Resolves: rhbz#2091987
2022-06-01 17:29:35 +02:00
Dmitry Belyavskiy
a0bd929a42 Update to openssl 3.0.2
Related: rhbz#2064453
2022-03-18 10:41:13 +01:00
Sahana Prasad
347681c6b2 Rebase to upstream version 3.0.0
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-09-09 17:27:21 +02:00
Sahana Prasad
0f5f931f9a update to version 1.1.1k
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-03-26 07:37:03 +01:00
Sahana Prasad
b023ffe39f Upgrade to version 1.1.1.j
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-03-03 15:08:11 +01:00
Tomas Mraz
a07706cf0e Update to the 1.1.1i release fixing CVE-2020-1971 2020-12-09 10:49:38 +01:00
Sahana Prasad
3413ff9700 Upgrade to version 1.1.1h
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2020-11-09 10:41:15 +01:00
Tomas Mraz
5888d1863e update to the 1.1.1g release 2020-04-23 13:47:52 +02:00
Tomas Mraz
5004ccfb25 update to the 1.1.1f release 2020-04-07 16:50:53 +02:00
Tomas Mraz
c11b71fd2f update to the 1.1.1e release
add selftest of the RAND_DRBG implementation
fix incorrect error return value from FIPS_selftest_dsa
2020-03-19 17:44:25 +01:00
Tomas Mraz
f6a62c4c2c update to the 1.1.1d release 2019-09-13 17:25:44 +02:00
Tomas Mraz
31d61b19d5 update to the 1.1.1c release 2019-05-29 17:23:31 +02:00
Tomas Mraz
5cda1ca091 update to the 1.1.1b release
EVP_KDF API backport from master
SSH KDF implementation for EVP_KDF API backport from master
2019-02-28 17:01:40 +01:00
Tomas Mraz
301c642c7f update to the 1.1.1a release 2019-01-15 15:07:49 +01:00
Tomas Mraz
d2c08bab45 Upload the 1.1.1 sources 2018-09-13 09:45:00 +02:00
Tomas Mraz
62ec0f1fa9 update to the latest 1.1.1 beta version 2018-08-22 12:41:26 +02:00
Tomas Mraz
9189f03055 update to the latest 1.1.1 beta version 2018-07-25 18:15:19 +02:00
Tomas Mraz
6eb8f62027 update to upstream version 1.1.0h
Add Recommends for openssl-pkcs11
2018-03-29 15:44:09 +02:00
Tomas Mraz
8e2fdfb52a Uploaded 1.1.0g sources. 2017-11-03 17:07:20 +01:00
Tomas Mraz
1ff978b22e update to upstream version 1.1.0f
SRP and GOST is now allowed, note that GOST support requires
  adding GOST engine which is not part of openssl anymore
2017-06-02 15:32:15 +02:00
Tomas Mraz
c676ac32d5 update to upstream version 1.1.0e
add documentation of the PROFILE=SYSTEM special cipher string (#1420232)
2017-02-16 16:59:27 +01:00
Tomas Mraz
c144665042 update to upstream version 1.1.0d 2017-01-26 16:24:24 +01:00
Tomas Mraz
e443a79334 Add back EC NIST P-224 and revert SSL_read() change
- revert SSL_read() behavior change - patch from upstream (#1394677)
- EC curve NIST P-224 is now allowed, still kept disabled in TLS due
  to less than optimal security
2016-11-22 10:39:55 +01:00
Tomas Mraz
be56ae067b update to upstream version 1.1.0c 2016-11-11 14:47:36 +01:00
Tomas Mraz
510bcc2e3a update to upstream version 1.1.0b 2016-10-11 10:31:54 +02:00
Tomas Mraz
e8261d1b72 minor upstream release 1.0.2j fixing regression from previous release 2016-09-26 12:56:04 +02:00
Tomas Mraz
6e67274c62 minor upstream release 1.0.2i fixing security issues
- move man pages for perl based scripts to perl subpackage (#1377617)
2016-09-22 14:16:05 +02:00
Tomas Mraz
eeb6ac1a65 minor upstream release 1.0.2h fixing security issues 2016-05-03 18:23:18 +02:00
Tom Callaway
589d3ee15b enable RC5 with permission from Legal 2016-03-07 21:56:55 -06:00
Tomas Mraz
e7a0ff581f minor upstream release 1.0.2g fixing security issues 2016-03-01 17:22:06 +01:00
Tomas Mraz
1004dabcc6 minor upstream release 1.0.2f fixing security issues
- add support for MIPS secondary architecture
2016-01-28 17:12:09 +01:00
Tomas Mraz
4240ecaa1b minor upstream release 1.0.2e fixing moderate severity security issues
- enable fast assembler implementation for NIST P-256 and P-521
  elliptic curves (#1164210)
- filter out unwanted link options from the .pc files (#1257836)
2015-12-04 14:13:59 +01:00
Tomas Mraz
5675d07a14 minor upstream release 1.0.2d fixing a high severity security issue 2015-07-09 17:25:58 +02:00
Tomas Mraz
837dd04882 minor upstream release 1.0.2c fixing multiple security issues 2015-06-15 18:23:46 +02:00
Tomas Mraz
a1fb602a95 rebase to 1.0.2 branch 2015-04-23 13:57:26 +02:00
Tomas Mraz
7e7e3f299f new upstream release fixing multiple security issues 2015-01-09 10:54:51 +01:00
Tomas Mraz
0a961bb5e3 new upstream release fixing multiple security issues 2014-10-16 14:02:00 +02:00
Tomas Mraz
a78828f786 new upstream release fixing multiple moderate security issues
- for now disable only SSLv2 by default
2014-08-07 16:00:47 +02:00
Tomas Mraz
360a4bb67c new upstream release 1.0.1h 2014-06-05 15:05:17 +02:00
Tomas Mraz
0376d8368c new upstream release 1.0.1g
- do not include ECC ciphersuites in SSLv2 client hello (#1090952)
- fail on hmac integrity check if the .hmac file is empty
2014-05-07 11:42:32 +02:00
Tomas Mraz
b3551463ca only ECC NIST Suite B curves support
- drop -fips subpackage
2013-10-16 14:37:51 +02:00
Tom Callaway
1f19ac14f9 resolve bugzilla 319901 (phew! only took 6 years & 9 days) 2013-10-15 02:08:35 +01:00
Tomas Mraz
dc696fdac4 new upstream version 2013-02-19 13:57:39 +01:00
Tomas Mraz
651215c12b new upstream version 2012-05-15 19:37:55 +02:00
Tomas Mraz
5eb4589d83 new upstream version 2012-04-26 18:10:52 +02:00
Tomas Mraz
e8c18345a4 new upstream version fixing CVE-2012-2110 2012-04-20 12:24:39 +02:00
Tomas Mraz
0f0ab24176 new upstream release 2012-03-14 21:38:58 +01:00