Upgrade to 1.1.1o

Resolves: CVE-2022-1292 Related: rhbz#2095817 Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-06-13 12:04:37 +02:00 · 2022-06-13 12:04:37 +02:00 · 6312831343
parent 861bb10feb
commit 6312831343
5 changed files with 15 additions and 9 deletions
--- a/.gitignore
+++ b/.gitignore
@ -4,3 +4,4 @@
 /openssl-1.1.1k-hobbled.tar.xz
 /openssl-1.1.1l-hobbled.tar.xz
 /openssl-1.1.1n-hobbled.tar.xz
+/openssl-1.1.1o-hobbled.tar.xz
--- a/openssl-1.1.1-s390x-ecc.patch
+++ b/openssl-1.1.1-s390x-ecc.patch
@ -1927,7 +1927,7 @@ diff -up openssl-1.1.1g/crypto/s390x_arch.h.s390x-ecc openssl-1.1.1g/crypto/s390
 +    unsigned long long kdsa[2];
 };
 
- extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
+ #if defined(__GNUC__) && defined(__linux)
@@ -66,11 +74,14 @@ extern struct OPENSSL_s390xcap_st OPENSS
 # define S390X_KMF		0x90
 # define S390X_PRNO		0xa0
--- a/openssl-1.1.1-version-override.patch
+++ b/openssl-1.1.1-version-override.patch
@ -1,12 +1,12 @@
-diff -up openssl-1.1.1i/include/openssl/opensslv.h.version-override openssl-1.1.1i/include/openssl/opensslv.h
--- openssl-1.1.1i/include/openssl/opensslv.h.version-override	2020-12-09 10:25:12.042374409 +0100
-+++ openssl-1.1.1i/include/openssl/opensslv.h	2020-12-09 10:26:00.362769170 +0100
+diff -up openssl-1.1.1o/include/openssl/opensslv.h.version-override openssl-1.1.1o/include/openssl/opensslv.h
+--- openssl-1.1.1o/include/openssl/opensslv.h.version-override	2022-06-13 11:49:31.433661103 +0200
+++ openssl-1.1.1o/include/openssl/opensslv.h	2022-06-13 11:50:03.838250447 +0200
@@ -40,7 +40,7 @@ extern "C" {
  *  major minor fix final patch/beta)
  */
- # define OPENSSL_VERSION_NUMBER  0x101010efL
-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1n  15 Mar 2022"
-+# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1n  FIPS 15 Mar 2022"
+ # define OPENSSL_VERSION_NUMBER  0x101010ffL
+-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1o  3 May 2022"
+# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1o  FIPS 3 May 2022"
 
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)
--- a/openssl1.1.spec
+++ b/openssl1.1.spec
@ -25,7 +25,7 @@

 Summary: Compatibility version of the OpenSSL library
 Name: openssl1.1
-Version: 1.1.1n
+Version: 1.1.1o
 Release: 1%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
@ -373,6 +373,11 @@ rm -rf $RPM_BUILD_ROOT%{_libdir}/pkgconfig
 %ldconfig_scriptlets

 %changelog
+* Mon Jun 13 2022 Clemens Lang <cllang@redhat.com> - 1:1.1.1o-1
+- Upgrade to 1.1.1o
+  Resolves: CVE-2022-1292
+  Related: rhbz#2095817
+
 * Thu Mar 24 2022 Clemens Lang <cllang@redhat.com> - 1:1.1.1n-1
 - Upgrade to version 1.1.1n
  Resolves: CVE-2022-0778, rhbz#2064918
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (openssl-1.1.1n-hobbled.tar.xz) = e76b367218394279a1f34afcb747c2fdac6fc25fc933a70cdf85d1fd0eb6a4418b3bab985e8082b563df4f98dd6bac34464d143a8532bb78530235aaef988c4b
+SHA512 (openssl-1.1.1o-hobbled.tar.xz) = abeb25b070e7f42daa2d477c5e8d11494b8e4edefa9fb1e285e0f968af111a2a7625c4451b6bd7bc7dbed2251a1de9d16700916ac0b286ae6506b958ae9a33c0