Rebase to upstream version 3.0.5
Also fixes CVE-2022-2097, which only affects i686. Related: rhbz#2099972 Signed-off-by: Clemens Lang <cllang@redhat.com>
This commit is contained in:
Clemens Lang
parent
8a03afa13c
commit
32908974c2
1
.gitignore
vendored
1
.gitignore
vendored
@ -55,3 +55,4 @@ openssl-1.0.0a-usa.tar.bz2
|
|||||||
/openssl-3.0.0-hobbled.tar.xz
|
/openssl-3.0.0-hobbled.tar.xz
|
||||||
/openssl-3.0.2-hobbled.tar.gz
|
/openssl-3.0.2-hobbled.tar.gz
|
||||||
/openssl-3.0.3-hobbled.tar.gz
|
/openssl-3.0.3-hobbled.tar.gz
|
||||||
|
/openssl-3.0.5-hobbled.tar.xz
|
||||||
|
|||||||
@ -1,38 +0,0 @@
|
|||||||
diff --git a/test/certs/embeddedSCTs1_issuer.pem b/test/certs/embeddedSCTs1_issuer.pem
|
|
||||||
index 1fa449d5a098..6aa9455f09ed 100644
|
|
||||||
--- a/test/certs/embeddedSCTs1_issuer.pem
|
|
||||||
+++ b/test/certs/embeddedSCTs1_issuer.pem
|
|
||||||
@@ -1,18 +1,18 @@
|
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
-MIIC0DCCAjmgAwIBAgIBADANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJHQjEk
|
|
||||||
+MIIC0jCCAjugAwIBAgIBADANBgkqhkiG9w0BAQsFADBVMQswCQYDVQQGEwJHQjEk
|
|
||||||
MCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENBMQ4wDAYDVQQIEwVX
|
|
||||||
-YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAeFw0xMjA2MDEwMDAwMDBaFw0yMjA2MDEw
|
|
||||||
-MDAwMDBaMFUxCzAJBgNVBAYTAkdCMSQwIgYDVQQKExtDZXJ0aWZpY2F0ZSBUcmFu
|
|
||||||
-c3BhcmVuY3kgQ0ExDjAMBgNVBAgTBVdhbGVzMRAwDgYDVQQHEwdFcncgV2VuMIGf
|
|
||||||
-MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVimhTYhCicRmTbneDIRgcKkATxtB7
|
|
||||||
-jHbrkVfT0PtLO1FuzsvRyY2RxS90P6tjXVUJnNE6uvMa5UFEJFGnTHgW8iQ8+EjP
|
|
||||||
-KDHM5nugSlojgZ88ujfmJNnDvbKZuDnd/iYx0ss6hPx7srXFL8/BT/9Ab1zURmnL
|
|
||||||
-svfP34b7arnRsQIDAQABo4GvMIGsMB0GA1UdDgQWBBRfnYgNyHPmVNT4DdjmsMEk
|
|
||||||
-tEfDVTB9BgNVHSMEdjB0gBRfnYgNyHPmVNT4DdjmsMEktEfDVaFZpFcwVTELMAkG
|
|
||||||
-A1UEBhMCR0IxJDAiBgNVBAoTG0NlcnRpZmljYXRlIFRyYW5zcGFyZW5jeSBDQTEO
|
|
||||||
-MAwGA1UECBMFV2FsZXMxEDAOBgNVBAcTB0VydyBXZW6CAQAwDAYDVR0TBAUwAwEB
|
|
||||||
-/zANBgkqhkiG9w0BAQUFAAOBgQAGCMxKbWTyIF4UbASydvkrDvqUpdryOvw4BmBt
|
|
||||||
-OZDQoeojPUApV2lGOwRmYef6HReZFSCa6i4Kd1F2QRIn18ADB8dHDmFYT9czQiRy
|
|
||||||
-f1HWkLxHqd81TbD26yWVXeGJPE3VICskovPkQNJ0tU4b03YmnKliibduyqQQkOFP
|
|
||||||
-OwqULg==
|
|
||||||
+YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAgFw0yMjA2MDExMDM4MDJaGA8yMTIyMDUw
|
|
||||||
+ODEwMzgwMlowVTELMAkGA1UEBhMCR0IxJDAiBgNVBAoTG0NlcnRpZmljYXRlIFRy
|
|
||||||
+YW5zcGFyZW5jeSBDQTEOMAwGA1UECBMFV2FsZXMxEDAOBgNVBAcTB0VydyBXZW4w
|
|
||||||
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANWKaFNiEKJxGZNud4MhGBwqQBPG
|
|
||||||
+0HuMduuRV9PQ+0s7UW7Oy9HJjZHFL3Q/q2NdVQmc0Tq68xrlQUQkUadMeBbyJDz4
|
|
||||||
+SM8oMczme6BKWiOBnzy6N+Yk2cO9spm4Od3+JjHSyzqE/HuytcUvz8FP/0BvXNRG
|
|
||||||
+acuy98/fhvtqudGxAgMBAAGjga8wgawwHQYDVR0OBBYEFF+diA3Ic+ZU1PgN2Oaw
|
|
||||||
+wSS0R8NVMH0GA1UdIwR2MHSAFF+diA3Ic+ZU1PgN2OawwSS0R8NVoVmkVzBVMQsw
|
|
||||||
+CQYDVQQGEwJHQjEkMCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENB
|
|
||||||
+MQ4wDAYDVQQIEwVXYWxlczEQMA4GA1UEBxMHRXJ3IFdlboIBADAMBgNVHRMEBTAD
|
|
||||||
+AQH/MA0GCSqGSIb3DQEBCwUAA4GBAD0aYh9OkFYfXV7kBfhrtD0PJG2U47OV/1qq
|
|
||||||
++uFpqB0S1WO06eJT0pzYf1ebUcxjBkajbJZm/FHT85VthZ1lFHsky87aFD8XlJCo
|
|
||||||
+2IOhKOkvvWKPUdFLoO/ZVXqEVKkcsS1eXK1glFvb07eJZya3JVG0KdMhV2YoDg6c
|
|
||||||
+Doud4XrO
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
10
openssl.spec
10
openssl.spec
@ -14,13 +14,13 @@
|
|||||||
|
|
||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 3.0.3
|
Version: 3.0.5
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
# The original openssl upstream tarball cannot be shipped in the .src.rpm.
|
# The original openssl upstream tarball cannot be shipped in the .src.rpm.
|
||||||
Source: openssl-%{version}-hobbled.tar.gz
|
Source: openssl-%{version}-hobbled.tar.xz
|
||||||
Source1: hobble-openssl
|
Source1: hobble-openssl
|
||||||
Source2: Makefile.certificate
|
Source2: Makefile.certificate
|
||||||
Source3: genpatches
|
Source3: genpatches
|
||||||
@ -83,8 +83,6 @@ Patch53: 0053-Add-SHA1-probes.patch
|
|||||||
# The patch is incorporated in 3.0.3 but we provide this function since 3.0.1
|
# The patch is incorporated in 3.0.3 but we provide this function since 3.0.1
|
||||||
# so the patch should persist
|
# so the patch should persist
|
||||||
Patch56: 0056-strcasecmp.patch
|
Patch56: 0056-strcasecmp.patch
|
||||||
# https://github.com/openssl/openssl/pull/18444
|
|
||||||
Patch58: 0058-replace-expired-certs.patch
|
|
||||||
|
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
URL: http://www.openssl.org/
|
URL: http://www.openssl.org/
|
||||||
@ -416,6 +414,10 @@ install -m644 %{SOURCE9} \
|
|||||||
%ldconfig_scriptlets libs
|
%ldconfig_scriptlets libs
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Jul 05 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.5-1
|
||||||
|
- Rebase to upstream version 3.0.5
|
||||||
|
Related: rhbz#2099972, CVE-2022-2097
|
||||||
|
|
||||||
* Wed Jun 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.3-1
|
* Wed Jun 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.3-1
|
||||||
- Rebase to upstream version 3.0.3
|
- Rebase to upstream version 3.0.3
|
||||||
|
|
||||||
|
|||||||
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (openssl-3.0.3-hobbled.tar.gz) = 474a6309e0457ad33ec4b5f98606ba7ee6fa15dd0abb26a1da80fa37e3fc0ec535b858e03aceb4ce675dcce6a26796c802d8bf8ebb4adc350e6b3ea95810a61b
|
SHA512 (openssl-3.0.5-hobbled.tar.xz) = 2f5531d46a905af8d36bf81c18fa34ccc86f5bd66e6e4227bb17e2f926ef14f78057ab60cd9d55bb9d1bad3d5b56a71170e4a86708fd8352324db2e0747142cf
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user