Commit Graph

49 Commits

Author SHA1 Message Date
Tomas Mraz
837dd04882 minor upstream release 1.0.2c fixing multiple security issues 2015-06-15 18:23:46 +02:00
Tomas Mraz
a1fb602a95 rebase to 1.0.2 branch 2015-04-23 13:57:26 +02:00
Tomas Mraz
7e7e3f299f new upstream release fixing multiple security issues 2015-01-09 10:54:51 +01:00
Tomas Mraz
0a961bb5e3 new upstream release fixing multiple security issues 2014-10-16 14:02:00 +02:00
Tomas Mraz
a78828f786 new upstream release fixing multiple moderate security issues
- for now disable only SSLv2 by default
2014-08-07 16:00:47 +02:00
Tomas Mraz
360a4bb67c new upstream release 1.0.1h 2014-06-05 15:05:17 +02:00
Tomas Mraz
0376d8368c new upstream release 1.0.1g
- do not include ECC ciphersuites in SSLv2 client hello (#1090952)
- fail on hmac integrity check if the .hmac file is empty
2014-05-07 11:42:32 +02:00
Tomas Mraz
b3551463ca only ECC NIST Suite B curves support
- drop -fips subpackage
2013-10-16 14:37:51 +02:00
Tom Callaway
1f19ac14f9 resolve bugzilla 319901 (phew! only took 6 years & 9 days) 2013-10-15 02:08:35 +01:00
Tomas Mraz
dc696fdac4 new upstream version 2013-02-19 13:57:39 +01:00
Tomas Mraz
651215c12b new upstream version 2012-05-15 19:37:55 +02:00
Tomas Mraz
5eb4589d83 new upstream version 2012-04-26 18:10:52 +02:00
Tomas Mraz
e8c18345a4 new upstream version fixing CVE-2012-2110 2012-04-20 12:24:39 +02:00
Tomas Mraz
0f0ab24176 new upstream release 2012-03-14 21:38:58 +01:00
Tomas Mraz
00c4986d53 new upstream release from the 1.0.1 branch
- epoch bumped to 1 due to revert to 1.0.0g on Fedora 17
- fix s390x build (#798411)
- versioning for the SSLeay symbol (#794950)
- add -DPURIFY to build flags (#797323)
- filter engine provides
- split the libraries to a separate -libs package
- add make to requires on the base package (#783446)
2012-02-29 21:54:08 +01:00
Tomas Mraz
ad05b50537 New upstream release from the 1.0.1 branch, ABI compatible
- also add documentation for the -no_ign_eof option
2012-02-07 13:46:42 +01:00
Tomas Mraz
d91aea8890 new upstream release fixing CVE-2012-0050 - DoS regression in
DTLS support introduced by the previous release (#782795)
2012-01-19 16:48:48 +01:00
Tomas Mraz
ea51fee99f Add the new sources. 2012-01-05 16:57:03 +01:00
Tomas Mraz
3447c41c99 new upstream release fixing CVE-2011-3207 (#736088) 2011-09-07 18:27:06 +02:00
Tomas Mraz
4c970c62c5 drop the separate engine for Intel acceleration improvements
and merge in the AES-NI, SHA1, and RC4 optimizations
add support for OPENSSL_DISABLE_AES_NI environment variable
that disables the AES-NI support
2011-08-24 13:12:33 +02:00
Tomas Mraz
5c4fc08e4d add support for newest Intel acceleration improvements backported
from upstream by Intel in form of a separate engine
2011-07-20 14:56:21 +02:00
Tomas Mraz
1caf3ae072 - new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability) 2011-02-10 15:41:44 +01:00
Tomas Mraz
0a5657ab94 - replace the revert for the s390x bignum asm routines with
fix from upstream
2010-12-03 14:19:39 +01:00
Tomas Mraz
2b2423c26b - new upstream version fixing CVE-2010-3864 (#649304) 2010-11-16 18:25:23 +01:00
Tomáš Mráz
1b4b1eaf63 - new upstream patch release, fixes CVE-2010-0742 (#598738) and
CVE-2010-1633 (#598732)
2010-06-04 12:23:14 +00:00
Tomáš Mráz
fa66cf4b52 - update to final 1.0.0 upstream release 2010-03-30 09:37:41 +00:00
Tomáš Mráz
ae5568515b - new upstream release 2010-01-21 08:12:12 +00:00
Tomáš Mráz
aabbc9ad89 - update to new upstream version, no soname bump needed
- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used
    so the compatibility with unfixed clients is not broken. The protocol
    extension is also not final.
2009-11-12 15:51:40 +00:00
Tomáš Mráz
2ccfa6b48f - update to new major upstream release 2009-08-20 14:20:57 +00:00
Tomáš Mráz
a9e5f01ef5 - update to new upstream release (minor bug fixes, security fixes and
machine code optimizations only)
2009-03-25 21:12:41 +00:00
Tomáš Mráz
1d20b5f238 - new upstream version with necessary soname bump (#455753)
- temporarily provide symlink to old soname to make it possible to rebuild
    the dependent packages in rawhide
- add eap-fast support (#428181)
- add possibility to disable zlib by setting
- add fips mode support for testing purposes
- do not null dereference on some invalid smime files
- add buildrequires pkgconfig (#479493)
2009-01-15 09:10:25 +00:00
Tomáš Mráz
3849a1678a - update to latest upstream release, SONAME bumped to 7 2007-12-03 14:24:08 +00:00
Tomáš Mráz
6b8c7ea159 - dropped libica and ica engine from build 2006-06-21 21:14:05 +00:00
Tomáš Mráz
bf80fa7d8e - upgrade to new version, stays ABI compatible 2006-05-11 11:52:19 +00:00
Tomáš Mráz
feb192463e - fix build (-lcrypto was erroneusly dropped) of the updated libica
- updated ICA engine to 1.3.6-rc3
2005-11-29 11:52:11 +00:00
Tomáš Mráz
e96bebc853 - new upstream version
- patches partially renumbered
2005-11-08 13:52:29 +00:00
Tomáš Mráz
2099136c66 - updated IBM ICA engine library and patch to latest upstream version 2005-10-21 13:48:38 +00:00
Tomáš Mráz
632ff532b1 - reenable optimizations on ppc64
- enable assembly code on ia64
- upgrade to new upstream version (no soname bump needed)
- disable thread test - it was testing the backport of the RSA blinding -
    no longer needed
2005-03-30 09:14:37 +00:00
Tomáš Mráz
0448422a83 - rebuild
Mon Feb 28 2005 Tomas Mraz <tmraz@redhat.com> 0.9.7e-1
- new upstream source, updated patches
- added patch so we are hopefully ABI compatible with upcoming
0.9.7f
2005-02-28 21:50:14 +00:00
Phil Knirsch
f577c55009 - Include latest libica version with important bugfixes. 2004-10-05 12:41:13 +00:00
cvsdist
b966cc9f0d auto-import openssl-0.9.7a-34 from openssl-0.9.7a-34.src.rpm 2004-09-09 09:49:16 +00:00
cvsdist
321fa67e1c auto-import changelog data from openssl-0.9.7a-20.src.rpm
Wed Sep 24 2003 Nalin Dahyabhai <nalin@redhat.com> 0.9.7a-20
- only parse a client cert if one was requested
- temporarily exclusivearch for %{ix86}
Tue Sep 23 2003 Nalin Dahyabhai <nalin@redhat.com>
- add security fixes for protocol parsing bugs (CAN-2003-0543,
    CAN-2003-0544) and heap corruption (CAN-2003-0545)
- update RHNS-CA-CERT files
- ease back on the number of threads used in the threading test
Wed Sep 17 2003 Matt Wilson <msw@redhat.com> 0.9.7a-19
- rebuild to fix gzipped file md5sums (#91211)
Mon Aug 25 2003 Phil Knirsch <pknirsch@redhat.com> 0.9.7a-18
- Updated libica to version 1.3.4.
Thu Jul 17 2003 Nalin Dahyabhai <nalin@redhat.com> 0.9.7a-17
- rebuild
Tue Jul 15 2003 Nalin Dahyabhai <nalin@redhat.com> 0.9.7a-10.9
- free the kssl_ctx structure when we free an SSL structure (#99066)
Thu Jul 10 2003 Nalin Dahyabhai <nalin@redhat.com> 0.9.7a-16
- rebuild
Thu Jul 10 2003 Nalin Dahyabhai <nalin@redhat.com> 0.9.7a-15
- lower thread test count on s390x
Tue Jul 08 2003 Nalin Dahyabhai <nalin@redhat.com> 0.9.7a-14
- rebuild
Thu Jun 26 2003 Nalin Dahyabhai <nalin@redhat.com> 0.9.7a-13
- disable assembly on arches where it seems to conflict with threading
Thu Jun 26 2003 Phil Knirsch <pknirsch@redhat.com> 0.9.7a-12
- Updated libica to latest upstream version 1.3.0
2004-09-09 09:45:46 +00:00
cvsdist
e32c11245f auto-import openssl-0.9.7a-2 from openssl-0.9.7a-2.src.rpm 2004-09-09 09:45:17 +00:00
cvsdist
0cfdac5c04 auto-import openssl-0.9.6b-18 from openssl-0.9.6b-18.src.rpm 2004-09-09 09:41:24 +00:00
cvsdist
4f250d3986 auto-import openssl-0.9.6b-15 from openssl-0.9.6b-15.src.rpm 2004-09-09 09:40:40 +00:00
cvsdist
107c5de8ec auto-import openssl-0.9.6b-3 from openssl-0.9.6b-3.src.rpm 2004-09-09 09:39:08 +00:00
cvsdist
821b825f3f auto-import changelog data from openssl-0.9.6-3.src.rpm
Tue Mar 13 2001 Nalin Dahyabhai <nalin@redhat.com>
- use BN_LLONG on s390
Mon Mar 12 2001 Nalin Dahyabhai <nalin@redhat.com>
- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit)
Sat Mar 03 2001 Nalin Dahyabhai <nalin@redhat.com>
- move c_rehash to the perl subpackage, because it's a perl script now
Fri Mar 02 2001 Nalin Dahyabhai <nalin@redhat.com>
- update to 0.9.6
- enable MD2
- use the libcrypto.so and libssl.so targets to build shared libs with
- bump the soversion to 1 because we're no longer compatible with any of
    the various 0.9.5a packages circulating around, which provide lib*.so.0
Wed Feb 28 2001 Florian La Roche <Florian.LaRoche@redhat.de>
- change hobble-openssl for disabling MD2 again
Tue Feb 27 2001 Nalin Dahyabhai <nalin@redhat.com>
- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152
    bytes or so, causing EVP_DigestInit() to zero out stack variables in
    apps built against a version of the library without it
Mon Feb 26 2001 Nalin Dahyabhai <nalin@redhat.com>
- disable some inline assembly, which on x86 is Pentium-specific
- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all)
Thu Feb 08 2001 Florian La Roche <Florian.LaRoche@redhat.de>
- fix s390 patch
Fri Dec 08 2000 Than Ngo <than@redhat.com>
- added support s390
Mon Nov 20 2000 Nalin Dahyabhai <nalin@redhat.com>
- remove -Wa,* and -m* compiler flags from the default Configure file
    (#20656)
- add the CA.pl man page to the perl subpackage
Thu Nov 02 2000 Nalin Dahyabhai <nalin@redhat.com>
- always build with -mcpu=ev5 on alpha
Tue Oct 31 2000 Nalin Dahyabhai <nalin@redhat.com>
- add a symlink from cert.pem to ca-bundle.crt
Wed Oct 25 2000 Nalin Dahyabhai <nalin@redhat.com>
- add a ca-bundle file for packages like Samba to reference for CA
    certificates
Tue Oct 24 2000 Nalin Dahyabhai <nalin@redhat.com>
- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295)
Mon Oct 02 2000 Nalin Dahyabhai <nalin@redhat.com>
- add unzip as a buildprereq (#17662)
- update m2crypto to 0.05-snap4
2004-09-09 09:35:41 +00:00
cvsdist
e21e1846a7 auto-import changelog data from openssl-0.9.5a-14.src.rpm
Thu Sep 21 2000 Nalin Dahyabhai <nalin@redhat.com>
- tweak the makefile some more
- disable MD2 support
- disable MDC2 support
- tweak the makefile
- rework certificate makefile to have the right parts for Apache
- strip binaries and libraries
- enable actual RSA support
- use /usr/bin/perl instead of /usr/bin/perl
- move the passwd.1 man page out of the passwd package's way
- update to 0.9.5a, modified for U.S.
- add perl as a build-time requirement
- disable RC5, IDEA support
- break out python extensions
- byte-compile python extensions without the build-root
- adjust the makefile to not remove temporary files (like .key files when
    building .csr files)
- fix the building of python modules without openssl-devel already
    installed
Wed Mar 01 2000 Florian La Roche <Florian.LaRoche@redhat.de>
- Bero told me to move the Makefile into this package
Wed Mar 01 2000 Florian La Roche <Florian.LaRoche@redhat.de>
- add lib*.so symlinks to link dynamically against shared libs
Tue Feb 29 2000 Florian La Roche <Florian.LaRoche@redhat.de>
- update to 0.9.5
- run ldconfig directly in post/postun
- add FAQ
Sat Dec 18 1999 Bernhard Rosenkrnzer <bero@redhat.de>
- Fix build on non-x86 platforms
Fri Nov 12 1999 Bernhard Rosenkrnzer <bero@redhat.de>
- move /usr/share/ssl/* from -devel to main package
Tue Oct 26 1999 Bernhard Rosenkrnzer <bero@redhat.de>
- inital packaging
- changes from base:
- Move /usr/local/ssl to /usr/share/ssl for FHS compliance
- handle RPM_OPT_FLAGS
2004-09-09 09:35:06 +00:00
cvsdist
877c1bc373 Setup of module openssl 2004-09-09 09:35:04 +00:00