From 5675d07a144aa1a6c85f488a95aeea7854e86059 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 9 Jul 2015 17:25:58 +0200 Subject: [PATCH] minor upstream release 1.0.2d fixing a high severity security issue --- .gitignore | 1 + ....0.2a-manfix.patch => openssl-1.0.2d-manfix.patch | 12 ------------ openssl.spec | 9 ++++++--- sources | 2 +- 4 files changed, 8 insertions(+), 16 deletions(-) rename openssl-1.0.2a-manfix.patch => openssl-1.0.2d-manfix.patch (87%) diff --git a/.gitignore b/.gitignore index c044edf..999c732 100644 --- a/.gitignore +++ b/.gitignore @@ -24,3 +24,4 @@ openssl-1.0.0a-usa.tar.bz2 /openssl-1.0.1k-hobbled.tar.xz /openssl-1.0.2a-hobbled.tar.xz /openssl-1.0.2c-hobbled.tar.xz +/openssl-1.0.2d-hobbled.tar.xz diff --git a/openssl-1.0.2a-manfix.patch b/openssl-1.0.2d-manfix.patch similarity index 87% rename from openssl-1.0.2a-manfix.patch rename to openssl-1.0.2d-manfix.patch index 91071b0..b509a2b 100644 --- a/openssl-1.0.2a-manfix.patch +++ b/openssl-1.0.2d-manfix.patch @@ -79,15 +79,3 @@ diff -up openssl-1.0.2a/doc/apps/s_server.pod.manfix openssl-1.0.2a/doc/apps/s_s these options disable the use of certain SSL or TLS protocols. By default the initial handshake uses a method which should be compatible with all -diff -up openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod.manfix openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod ---- openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod.manfix 2015-03-19 14:30:36.000000000 +0100 -+++ openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod 2015-04-22 20:12:43.082395251 +0200 -@@ -2,7 +2,7 @@ - - =head1 NAME - --SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file -+SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file - load serverinfo extensions - - =head1 SYNOPSIS - diff --git a/openssl.spec b/openssl.spec index 5d2753c..97458b9 100644 --- a/openssl.spec +++ b/openssl.spec @@ -22,8 +22,8 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl -Version: 1.0.2c -Release: 3%{?dist} +Version: 1.0.2d +Release: 1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -70,7 +70,7 @@ Patch65: openssl-1.0.2a-chil-fixes.patch Patch66: openssl-1.0.2a-pkgconfig-krb5.patch Patch68: openssl-1.0.2a-secure-getenv.patch Patch70: openssl-1.0.2a-fips-ec.patch -Patch71: openssl-1.0.2a-manfix.patch +Patch71: openssl-1.0.2d-manfix.patch Patch72: openssl-1.0.2a-fips-ctor.patch Patch73: openssl-1.0.2c-ecc-suiteb.patch Patch74: openssl-1.0.2a-no-md5-verify.patch @@ -474,6 +474,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %postun libs -p /sbin/ldconfig %changelog +* Thu Jul 9 2015 Tomáš Mráz 1.0.2d-1 +- minor upstream release 1.0.2d fixing a high severity security issue + * Tue Jul 7 2015 Tomáš Mráz 1.0.2c-3 - fix the aarch64 build diff --git a/sources b/sources index c5a84d6..172dba7 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -178792e60274974ec47aedc6dc5eba7a openssl-1.0.2c-hobbled.tar.xz +e777c33ca529b963d5457a21cb11d6c3 openssl-1.0.2d-hobbled.tar.xz