- new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability)

This commit is contained in:
Tomas Mraz 2011-02-10 15:41:44 +01:00
parent ccc6e6f1c6
commit 1caf3ae072
4 changed files with 14 additions and 10 deletions

1
.gitignore vendored
View File

@ -1,3 +1,4 @@
openssl-1.0.0a-usa.tar.bz2
/openssl-1.0.0b-usa.tar.bz2
/openssl-1.0.0c-usa.tar.bz2
/openssl-1.0.0d-usa.tar.bz2

View File

@ -1,22 +1,22 @@
diff -up openssl-1.0.0c/crypto/opensslv.h.version openssl-1.0.0c/crypto/opensslv.h
--- openssl-1.0.0c/crypto/opensslv.h.version 2010-12-03 11:55:54.000000000 +0100
+++ openssl-1.0.0c/crypto/opensslv.h 2010-12-03 11:57:25.000000000 +0100
diff -up openssl-1.0.0d/crypto/opensslv.h.version openssl-1.0.0d/crypto/opensslv.h
--- openssl-1.0.0d/crypto/opensslv.h.version 2011-02-10 14:24:52.000000000 +0100
+++ openssl-1.0.0d/crypto/opensslv.h 2011-02-10 14:48:00.000000000 +0100
@@ -25,7 +25,8 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x1000003f
-#define OPENSSL_VERSION_NUMBER 0x1000004fL
+/* we have to keep the version number to not break the abi */
+#define OPENSSL_VERSION_NUMBER 0x10000003
#ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0c-fips 2 Dec 2010"
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0d-fips 8 Feb 2011"
#else
@@ -83,7 +84,7 @@
* should only keep the versions that are binary compatible with the current.
*/
#define SHLIB_VERSION_HISTORY ""
-#define SHLIB_VERSION_NUMBER "1.0.0"
+#define SHLIB_VERSION_NUMBER "1.0.0c"
+#define SHLIB_VERSION_NUMBER "1.0.0d"
#endif /* HEADER_OPENSSLV_H */

View File

@ -20,8 +20,8 @@
Summary: A general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.0.0c
Release: 4%{?dist}
Version: 1.0.0d
Release: 1%{?dist}
# We remove certain patented algorithms from the openssl source tarball
# with the hobble-openssl script which is included below.
Source: openssl-%{version}-usa.tar.bz2
@ -59,7 +59,7 @@ Patch45: openssl-0.9.8j-env-nozlib.patch
Patch47: openssl-1.0.0-beta5-readme-warning.patch
Patch49: openssl-1.0.0-beta4-algo-doc.patch
Patch50: openssl-1.0.0-beta4-dtls1-abi.patch
Patch51: openssl-1.0.0c-version.patch
Patch51: openssl-1.0.0d-version.patch
Patch52: openssl-1.0.0b-aesni.patch
Patch53: openssl-1.0.0-name-hash.patch
Patch54: openssl-1.0.0c-speed-fips.patch
@ -405,6 +405,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun -p /sbin/ldconfig
%changelog
* Thu Feb 10 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-1
- new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability)
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.0c-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

View File

@ -1 +1 @@
4f47a00408abc9904788ba596992085f openssl-1.0.0c-usa.tar.bz2
531c1627ff9701cb8540ee3bd03de5d7 openssl-1.0.0d-usa.tar.bz2