forked from rpms/openssl
new upstream release fixing CVE-2012-0050 - DoS regression in
DTLS support introduced by the previous release (#782795)
This commit is contained in:
parent
48bba71e16
commit
d91aea8890
1
.gitignore
vendored
1
.gitignore
vendored
@ -4,3 +4,4 @@ openssl-1.0.0a-usa.tar.bz2
|
|||||||
/openssl-1.0.0d-usa.tar.bz2
|
/openssl-1.0.0d-usa.tar.bz2
|
||||||
/openssl-1.0.0e-usa.tar.bz2
|
/openssl-1.0.0e-usa.tar.bz2
|
||||||
/openssl-1.0.0f-usa.tar.bz2
|
/openssl-1.0.0f-usa.tar.bz2
|
||||||
|
/openssl-1.0.0g-usa.tar.xz
|
||||||
|
@ -1,22 +1,22 @@
|
|||||||
diff -up openssl-1.0.0f/crypto/opensslv.h.version openssl-1.0.0f/crypto/opensslv.h
|
diff -up openssl-1.0.0g/crypto/opensslv.h.version openssl-1.0.0g/crypto/opensslv.h
|
||||||
--- openssl-1.0.0f/crypto/opensslv.h.version 2012-01-05 13:28:32.000000000 +0100
|
--- openssl-1.0.0g/crypto/opensslv.h.version 2012-01-19 14:50:50.094028047 +0100
|
||||||
+++ openssl-1.0.0f/crypto/opensslv.h 2012-01-05 13:29:37.000000000 +0100
|
+++ openssl-1.0.0g/crypto/opensslv.h 2012-01-19 14:51:48.655529671 +0100
|
||||||
@@ -25,7 +25,8 @@
|
@@ -25,7 +25,8 @@
|
||||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||||
* major minor fix final patch/beta)
|
* major minor fix final patch/beta)
|
||||||
*/
|
*/
|
||||||
-#define OPENSSL_VERSION_NUMBER 0x1000006fL
|
-#define OPENSSL_VERSION_NUMBER 0x1000007fL
|
||||||
+/* we have to keep the version number to not break the abi */
|
+/* we have to keep the version number to not break the abi */
|
||||||
+#define OPENSSL_VERSION_NUMBER 0x10000003
|
+#define OPENSSL_VERSION_NUMBER 0x10000003
|
||||||
#ifdef OPENSSL_FIPS
|
#ifdef OPENSSL_FIPS
|
||||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0f-fips 4 Jan 2012"
|
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0g-fips 18 Jan 2012"
|
||||||
#else
|
#else
|
||||||
@@ -83,7 +84,7 @@
|
@@ -83,7 +84,7 @@
|
||||||
* should only keep the versions that are binary compatible with the current.
|
* should only keep the versions that are binary compatible with the current.
|
||||||
*/
|
*/
|
||||||
#define SHLIB_VERSION_HISTORY ""
|
#define SHLIB_VERSION_HISTORY ""
|
||||||
-#define SHLIB_VERSION_NUMBER "1.0.0"
|
-#define SHLIB_VERSION_NUMBER "1.0.0"
|
||||||
+#define SHLIB_VERSION_NUMBER "1.0.0f"
|
+#define SHLIB_VERSION_NUMBER "1.0.0g"
|
||||||
|
|
||||||
|
|
||||||
#endif /* HEADER_OPENSSLV_H */
|
#endif /* HEADER_OPENSSLV_H */
|
10
openssl.spec
10
openssl.spec
@ -20,12 +20,12 @@
|
|||||||
|
|
||||||
Summary: A general purpose cryptography library with TLS implementation
|
Summary: A general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 1.0.0f
|
Version: 1.0.0g
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
# The original openssl upstream tarball cannot be shipped in the .src.rpm.
|
# The original openssl upstream tarball cannot be shipped in the .src.rpm.
|
||||||
Source: openssl-%{version}-usa.tar.bz2
|
Source: openssl-%{version}-usa.tar.xz
|
||||||
Source1: hobble-openssl
|
Source1: hobble-openssl
|
||||||
Source2: Makefile.certificate
|
Source2: Makefile.certificate
|
||||||
Source6: make-dummy-cert
|
Source6: make-dummy-cert
|
||||||
@ -61,7 +61,7 @@ Patch45: openssl-0.9.8j-env-nozlib.patch
|
|||||||
Patch47: openssl-1.0.0-beta5-readme-warning.patch
|
Patch47: openssl-1.0.0-beta5-readme-warning.patch
|
||||||
Patch49: openssl-1.0.0-beta4-algo-doc.patch
|
Patch49: openssl-1.0.0-beta4-algo-doc.patch
|
||||||
Patch50: openssl-1.0.0-beta4-dtls1-abi.patch
|
Patch50: openssl-1.0.0-beta4-dtls1-abi.patch
|
||||||
Patch51: openssl-1.0.0f-version.patch
|
Patch51: openssl-1.0.0g-version.patch
|
||||||
Patch52: openssl-1.0.0b-aesni.patch
|
Patch52: openssl-1.0.0b-aesni.patch
|
||||||
Patch53: openssl-1.0.0-name-hash.patch
|
Patch53: openssl-1.0.0-name-hash.patch
|
||||||
Patch54: openssl-1.0.0c-speed-fips.patch
|
Patch54: openssl-1.0.0c-speed-fips.patch
|
||||||
@ -429,6 +429,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
|||||||
%postun -p /sbin/ldconfig
|
%postun -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jan 19 2012 Tomas Mraz <tmraz@redhat.com> 1.0.0g-1
|
||||||
|
- new upstream release fixing CVE-2012-0050 - DoS regression in
|
||||||
|
DTLS support introduced by the previous release (#782795)
|
||||||
|
|
||||||
* Thu Jan 5 2012 Tomas Mraz <tmraz@redhat.com> 1.0.0f-1
|
* Thu Jan 5 2012 Tomas Mraz <tmraz@redhat.com> 1.0.0f-1
|
||||||
- new upstream release fixing multiple CVEs
|
- new upstream release fixing multiple CVEs
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user