Dmitry Belyavskiy
3ae0078fd9
Rebase to OpenSSL 3.2.2.
...
Related: RHEL-31762
2024-06-05 18:56:27 +02:00
Sahana Prasad
f4c397c598
Rebase to new upstream release 3.2.1
...
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2024-02-08 13:42:51 +01:00
Sahana Prasad
e331fc1326
Rebase to upstream version 3.1.4
...
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2023-10-26 12:29:21 +02:00
Sahana Prasad
9409bc7044
Rebase to upstream release 3.1.1
...
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2023-07-28 15:26:00 +02:00
Sahana Prasad
477bb5e652
- Upload new upstream sources without manually hobbling them.
...
- Remove the hobbling script as it is redundant. It is now allowed to ship
the sources of patented EC curves, however it is still made unavailable to use
by compiling with the 'no-ec2m' Configure option. The additional forbidden
curves such as P-160, P-192, wap-tls curves are manually removed by updating
0011-Remove-EC-curves.patch.
- Apply the changes to ec_curve.c and ectest.c as a new patch
0010-Add-changes-to-ectest-and-eccurve.patch instead of replacing them.
- Modify 0011-Remove-EC-curves.patch to allow Brainpool curves.
- Modify 0011-Remove-EC-curves.patch to allow code under macro OPENSSL_NO_EC2M.
┊ Resolves: rhbz#2130618, rhbz#2141672
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2023-03-21 14:21:41 +01:00
Dmitry Belyavskiy
194ef7464a
Rebase to upstream version 3.0.8
...
Resolves: CVE-2022-4203
Resolves: CVE-2022-4304
Resolves: CVE-2022-4450
Resolves: CVE-2023-0215
Resolves: CVE-2023-0216
Resolves: CVE-2023-0217
Resolves: CVE-2023-0286
Resolves: CVE-2023-0401
2023-02-09 17:57:19 +01:00
Dmitry Belyavskiy
106fe8964c
- Rebase to upstream version 3.0.7
...
Rebased to openssl-3.0.7 with corresponding minor bugfixes
- C99 compatibility in downstream-only 0032-Force-fips.patch
Resolves: rhbz#2152504
- Adjusting include for the FIPS_mode macro
Resolves: rhbz#2083876
2022-12-23 11:53:21 +01:00
Clemens Lang
32908974c2
Rebase to upstream version 3.0.5
...
Also fixes CVE-2022-2097, which only affects i686.
Related: rhbz#2099972
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-07-07 12:36:41 +02:00
Dmitry Belyavskiy
8a03afa13c
Rebasing to OpenSSL 3.0.3
...
Resolves: rhbz#2091987
2022-06-01 17:29:35 +02:00
Dmitry Belyavskiy
a0bd929a42
Update to openssl 3.0.2
...
Related: rhbz#2064453
2022-03-18 10:41:13 +01:00
Sahana Prasad
347681c6b2
Rebase to upstream version 3.0.0
...
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-09-09 17:27:21 +02:00
Sahana Prasad
0f5f931f9a
update to version 1.1.1k
...
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-03-26 07:37:03 +01:00
Sahana Prasad
b023ffe39f
Upgrade to version 1.1.1.j
...
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2021-03-03 15:08:11 +01:00
Tomas Mraz
a07706cf0e
Update to the 1.1.1i release fixing CVE-2020-1971
2020-12-09 10:49:38 +01:00
Sahana Prasad
3413ff9700
Upgrade to version 1.1.1h
...
Signed-off-by: Sahana Prasad <sahana@redhat.com>
2020-11-09 10:41:15 +01:00
Tomas Mraz
5888d1863e
update to the 1.1.1g release
2020-04-23 13:47:52 +02:00
Tomas Mraz
5004ccfb25
update to the 1.1.1f release
2020-04-07 16:50:53 +02:00
Tomas Mraz
c11b71fd2f
update to the 1.1.1e release
...
add selftest of the RAND_DRBG implementation
fix incorrect error return value from FIPS_selftest_dsa
2020-03-19 17:44:25 +01:00
Tomas Mraz
f6a62c4c2c
update to the 1.1.1d release
2019-09-13 17:25:44 +02:00
Tomas Mraz
31d61b19d5
update to the 1.1.1c release
2019-05-29 17:23:31 +02:00
Tomas Mraz
5cda1ca091
update to the 1.1.1b release
...
EVP_KDF API backport from master
SSH KDF implementation for EVP_KDF API backport from master
2019-02-28 17:01:40 +01:00
Tomas Mraz
301c642c7f
update to the 1.1.1a release
2019-01-15 15:07:49 +01:00
Tomas Mraz
d2c08bab45
Upload the 1.1.1 sources
2018-09-13 09:45:00 +02:00
Tomas Mraz
62ec0f1fa9
update to the latest 1.1.1 beta version
2018-08-22 12:41:26 +02:00
Tomas Mraz
9189f03055
update to the latest 1.1.1 beta version
2018-07-25 18:15:19 +02:00
Tomas Mraz
6eb8f62027
update to upstream version 1.1.0h
...
Add Recommends for openssl-pkcs11
2018-03-29 15:44:09 +02:00
Tomas Mraz
8e2fdfb52a
Uploaded 1.1.0g sources.
2017-11-03 17:07:20 +01:00
Tomas Mraz
1ff978b22e
update to upstream version 1.1.0f
...
SRP and GOST is now allowed, note that GOST support requires
adding GOST engine which is not part of openssl anymore
2017-06-02 15:32:15 +02:00
Tomas Mraz
c676ac32d5
update to upstream version 1.1.0e
...
add documentation of the PROFILE=SYSTEM special cipher string (#1420232 )
2017-02-16 16:59:27 +01:00
Tomas Mraz
c144665042
update to upstream version 1.1.0d
2017-01-26 16:24:24 +01:00
Tomas Mraz
e443a79334
Add back EC NIST P-224 and revert SSL_read() change
...
- revert SSL_read() behavior change - patch from upstream (#1394677 )
- EC curve NIST P-224 is now allowed, still kept disabled in TLS due
to less than optimal security
2016-11-22 10:39:55 +01:00
Tomas Mraz
be56ae067b
update to upstream version 1.1.0c
2016-11-11 14:47:36 +01:00
Tomas Mraz
510bcc2e3a
update to upstream version 1.1.0b
2016-10-11 10:31:54 +02:00
Tomas Mraz
e8261d1b72
minor upstream release 1.0.2j fixing regression from previous release
2016-09-26 12:56:04 +02:00
Tomas Mraz
6e67274c62
minor upstream release 1.0.2i fixing security issues
...
- move man pages for perl based scripts to perl subpackage (#1377617 )
2016-09-22 14:16:05 +02:00
Tomas Mraz
eeb6ac1a65
minor upstream release 1.0.2h fixing security issues
2016-05-03 18:23:18 +02:00
Tom Callaway
589d3ee15b
enable RC5 with permission from Legal
2016-03-07 21:56:55 -06:00
Tomas Mraz
e7a0ff581f
minor upstream release 1.0.2g fixing security issues
2016-03-01 17:22:06 +01:00
Tomas Mraz
1004dabcc6
minor upstream release 1.0.2f fixing security issues
...
- add support for MIPS secondary architecture
2016-01-28 17:12:09 +01:00
Tomas Mraz
4240ecaa1b
minor upstream release 1.0.2e fixing moderate severity security issues
...
- enable fast assembler implementation for NIST P-256 and P-521
elliptic curves (#1164210 )
- filter out unwanted link options from the .pc files (#1257836 )
2015-12-04 14:13:59 +01:00
Tomas Mraz
5675d07a14
minor upstream release 1.0.2d fixing a high severity security issue
2015-07-09 17:25:58 +02:00
Tomas Mraz
837dd04882
minor upstream release 1.0.2c fixing multiple security issues
2015-06-15 18:23:46 +02:00
Tomas Mraz
a1fb602a95
rebase to 1.0.2 branch
2015-04-23 13:57:26 +02:00
Tomas Mraz
7e7e3f299f
new upstream release fixing multiple security issues
2015-01-09 10:54:51 +01:00
Tomas Mraz
0a961bb5e3
new upstream release fixing multiple security issues
2014-10-16 14:02:00 +02:00
Tomas Mraz
a78828f786
new upstream release fixing multiple moderate security issues
...
- for now disable only SSLv2 by default
2014-08-07 16:00:47 +02:00
Tomas Mraz
360a4bb67c
new upstream release 1.0.1h
2014-06-05 15:05:17 +02:00
Tomas Mraz
0376d8368c
new upstream release 1.0.1g
...
- do not include ECC ciphersuites in SSLv2 client hello (#1090952 )
- fail on hmac integrity check if the .hmac file is empty
2014-05-07 11:42:32 +02:00
Tomas Mraz
b3551463ca
only ECC NIST Suite B curves support
...
- drop -fips subpackage
2013-10-16 14:37:51 +02:00
Tom Callaway
1f19ac14f9
resolve bugzilla 319901 (phew! only took 6 years & 9 days)
2013-10-15 02:08:35 +01:00