rpms/openssl
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
99 Commits 35 Branches 198 Tags 8.3 MiB
6427162702
Commit Graph

99 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jorton
6427162702 - update to new CA bundle from mozilla.org 2007-10-15 15:20:47 +00:00
Tomáš Mráz
873b8d554b - fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801) 
- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)
- add alpha sub-archs (#296031)
 2007-10-12 12:17:08 +00:00
Tomáš Mráz
65e6d90529 - fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801) 
- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)
- add alpha sub-archs (#296031)
 2007-10-12 12:16:00 +00:00
Tomáš Mráz
568fd16a03 - rebuild 2007-08-21 19:42:52 +00:00
Patrick Laughton
de79c32133 Test succeeded, apologies to Tomas for the noise. 2007-08-09 00:49:27 +00:00
Patrick Laughton
366d8b3e20 Testing Fedora SPARC ACL group permissions. 2007-08-09 00:47:13 +00:00
Tomáš Mráz
aa64c417f5 - use localhost in testsuite, hopefully fixes slow build in koji 
- CVE-2007-3108 - fix side channel attack on private keys (#250577)
- make ssl session cache id matching strict (#233599)
 2007-08-03 12:16:54 +00:00
Tomáš Mráz
b191bc7a11 - allow building on ARM architectures (#245417) 
- use reference timestamps to prevent multilib conflicts (#218064)
- -devel package must require pkgconfig (#241031)
 2007-07-25 13:37:15 +00:00
Tomáš Mráz
fba756feb1 - detect duplicates in add_dir properly (#206346) 2006-12-11 19:46:13 +00:00
Tomáš Mráz
4ca06fa547 - the previous change still didn't make X509_NAME_cmp transitive 2006-11-30 23:10:43 +00:00
Tomáš Mráz
f0fb64db28 - make X509_NAME_cmp transitive otherwise certificate lookup is broken 
(#216050)
- Resolves: rhbz#216050
 2006-11-23 20:38:24 +00:00
Tomáš Mráz
a99897e811 - aliasing bug in engine loading, patch by IBM (#213216) 2006-11-02 21:16:00 +00:00
Tomáš Mráz
98d8457650 - CVE-2006-2940 fix was incorrect (#208744) 2006-10-02 08:37:59 +00:00
Tomáš Mráz
6dc7017559 - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276) 
- fix CVE-2006-2940 - parasitic public keys DoS (#207274)
- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)
- fix CVE-2006-4343 - sslv2 client DoS (#206940)
 2006-09-28 19:59:16 +00:00
Tomáš Mráz
cd294fcd2a - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276) 
- fix CVE-2006-2940 - parasitic public keys DoS (#207274)
- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)
- fix CVE-2006-4343 - sslv2 client DoS (#206940)
 2006-09-28 19:58:49 +00:00
Tomáš Mráz
ba40f6bb66 - fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180) 2006-09-05 13:44:39 +00:00
Tomáš Mráz
2020821670 - set buffering to none on stdio/stdout FILE when bufsize is set (#200580) 
patch by IBM
 2006-08-02 18:18:43 +00:00
aoliva
c1d3bf9a12 - rebuild with new binutils (#200330) 2006-07-29 02:54:33 +00:00
Tomáš Mráz
e9887c37ef - add a temporary workaround for sha512 test failure on s390 (#199604) 2006-07-21 08:28:43 +00:00
Tomáš Mráz
4d4d77e68c - add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737) 
- add patches for BN threadsafety, AES cache collision attack hazard fix
    and pkcs7 code memleak fix from upstream CVS
 2006-07-20 12:58:48 +00:00
Jesse Keating
a362beea0e bumped for rebuild 2006-07-12 07:35:49 +00:00
Tomáš Mráz
6b8c7ea159 - dropped libica and ica engine from build 2006-06-21 21:14:05 +00:00
jorton
24c8087012 - update to new CA bundle from mozilla.org; adds CA certificates from 
netlock.hu and startcom.org
 2006-06-21 12:49:44 +00:00
Tomáš Mráz
810d3c4e49 - add export 2006-06-06 12:03:44 +00:00
Tomáš Mráz
50ec471f0f - libica: add path to openssl headers for compilation in mock 2006-06-06 10:51:31 +00:00
Tomáš Mráz
499412dfe4 - fixed a few rpmlint warnings 
- better fix for #173399 from upstream
- upstream fix for pkcs12
 2006-06-05 13:55:51 +00:00
Tomáš Mráz
340dc6a41e - there is no more linux/config.h (it was empty anyway) 2006-05-11 12:21:42 +00:00
Tomáš Mráz
bf80fa7d8e - upgrade to new version, stays ABI compatible 2006-05-11 11:52:19 +00:00
Tomáš Mráz
6f11ea3f44 - fix stale open handles in libica (#177155) 
- fix build if 'rand' or 'passwd' in buildroot path (#178782)
- initialize VIA Padlock engine (#186857)
 2006-04-04 17:45:56 +00:00
Jesse Keating
8c34b0921c bump for bug in double-long on ppc(64) 2006-02-11 04:53:59 +00:00
Jesse Keating
95579342d3 bump for new gcc/glibc 2006-02-07 13:22:17 +00:00
Tomáš Mráz
f1d9cb4f96 - don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG in SSL_OP_ALL 
(#175779)
 2005-12-15 10:45:33 +00:00
Jesse Keating
6a4a9c2005 gcc update bump 2005-12-09 22:42:35 +00:00
Tomáš Mráz
feb192463e - fix build (-lcrypto was erroneusly dropped) of the updated libica 
- updated ICA engine to 1.3.6-rc3
 2005-11-29 11:52:11 +00:00
Tomáš Mráz
eba5bcbbc4 - disable builtin compression methods for now until they work properly 
(#173399)
 2005-11-22 15:36:57 +00:00
Tomáš Mráz
20e19070fe - don't set -rpath for openssl binary 2005-11-16 21:45:59 +00:00
Tomáš Mráz
e96bebc853 - new upstream version 
- patches partially renumbered
 2005-11-08 13:52:29 +00:00
Tomáš Mráz
2099136c66 - updated IBM ICA engine library and patch to latest upstream version 2005-10-21 13:48:38 +00:00
Tomáš Mráz
b073820eb5 - fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which disables 
the countermeasure against man in the middle attack in SSLv2 (#169863)
- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803)
 2005-10-12 12:01:16 +00:00
Tomáš Mráz
86877cdfc8 - add *.so.soversion as symlinks in /lib (#165264) 
- remove unpackaged symlinks (#159595)
- fixes from upstream (constant time fixes for DSA, bn assembler div on ppc
    arch, initialize memory on realloc)
 2005-08-23 15:28:52 +00:00
Phil Knirsch
95f9154b19 - Updated ICA engine IBM patch to latest upstream version. 2005-08-11 10:16:19 +00:00
Karsten Hopp
655f2e498a make it build with current rpm - remove symlinks 2005-08-03 13:30:46 +00:00
Tomáš Mráz
784dc22c4c - fix CAN-2005-0109 - use constant time/memory access mod_exp so bits of 
private key aren't leaked by cache eviction (#157631)
- a few more fixes from upstream 0.9.7g
 2005-05-19 09:17:54 +00:00
Tomáš Mráz
4e6a921995 - use poll instead of select in rand (#128285) 
- fix Makefile.certificate to point to /etc/pki/tls
- change the default string mask in ASN1 to PrintableString+UTF8String
 2005-04-27 10:48:43 +00:00
jorton
9c01f4a254 - update to revision 1.37 of Mozilla CA bundle 2005-04-25 09:06:16 +00:00
Tomáš Mráz
79f559a35a - move certificates to _sysconfdir/pki/tls (#143392) 
- move CA directories to _sysconfdir/pki/CA
- patch the CA script and the default config so it points to the CA
    directories
 2005-04-21 20:22:55 +00:00
Tomáš Mráz
1d982a09cd - uninitialized variable mustn't be used as input in inline assembly 
- reenable the x86_64 assembly again
 2005-04-01 16:19:34 +00:00
Tomáš Mráz
d9b56b6f14 - add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken 
- disable broken bignum assembly on x86_64
 2005-03-31 19:41:28 +00:00
Tomáš Mráz
c9c6ff6b15 - added support for changing serial number to Makefile.certificate 
(#151188)
- make ca-bundle.crt a config file (#118903)
 2005-03-30 10:52:21 +00:00
Tomáš Mráz
632ff532b1 - reenable optimizations on ppc64 
- enable assembly code on ia64
- upgrade to new upstream version (no soname bump needed)
- disable thread test - it was testing the backport of the RSA blinding -
    no longer needed
 2005-03-30 09:14:37 +00:00