.gitignore

@@ -1,4 +1 @@
-/xmlsec1-1.2.36.tar.gz
+/xmlsec1-1.2.25.tar.gz
-/xmlsec1-1.2.37.tar.gz
-/xmlsec1-1.3.0.tar.gz
-/xmlsec1-1.2.39.tar.gz

0001-Conditional-include-for-openssl-engines.patch

@@ -1,26 +0,0 @@
-From 57e7e5eb0f9cbc8db2418bf7df6be0d70739408c Mon Sep 17 00:00:00 2001
-From: Tomas Halman <thalman@redhat.com>
-Date: Mon, 29 Jul 2024 12:08:50 +0200
-Subject: [PATCH] Conditional include for openssl engines
-
----
- src/openssl/app.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/openssl/app.c b/src/openssl/app.c
-index e68011be..11ca8f9a 100644
---- a/src/openssl/app.c
-+++ b/src/openssl/app.c
-@@ -24,7 +24,9 @@
- #include <openssl/pem.h>
- #include <openssl/pkcs12.h>
- #include <openssl/conf.h>
-+#if !defined(OPENSSL_NO_ENGINE) && (!defined(XMLSEC_OPENSSL_API_300) || defined(XMLSEC_OPENSSL3_ENGINES))
- #include <openssl/engine.h>
-+#endif /* !defined(OPENSSL_NO_ENGINE) && (!defined(XMLSEC_OPENSSL_API_300) || defined(XMLSEC_OPENSSL3_ENGINES)) */
- #include <openssl/ui.h>
- 
- #include <xmlsec/xmlsec.h>
--- 
-2.45.0
-

0001-resource-leaks.patch

@@ -0,0 +1,88 @@
+diff -up xmlsec1-1.2.25/src/c14n.c.orig xmlsec1-1.2.25/src/c14n.c
+--- xmlsec1-1.2.25/src/c14n.c.orig	2017-09-12 15:21:09.000000000 +0200
++++ xmlsec1-1.2.25/src/c14n.c	2024-05-14 09:55:35.800202266 +0200
+@@ -228,7 +228,10 @@ xmlSecTransformC14NPushXml(xmlSecTransfo
+     /* we are using a semi-hack here: we know that xmlSecPtrList keeps
+      * all pointers in the big array */
+     nsList = xmlSecTransformC14NGetNsList(transform);
+-    xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
++    if (! xmlSecPtrListCheckId(nsList, xmlSecStringListId)) {
++        xmlOutputBufferClose(buf);
++        xmlSecAssert2(0, -1);
++    };
+ 
+     ret = xmlSecTransformC14NExecute(transform->id, nodes, (xmlChar**)(nsList->data), buf);
+     if(ret < 0) {
+@@ -292,7 +295,10 @@ xmlSecTransformC14NPopBin(xmlSecTransfor
+         /* we are using a semi-hack here: we know that xmlSecPtrList keeps
+          * all pointers in the big array */
+         nsList = xmlSecTransformC14NGetNsList(transform);
+-        xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
++        if (! xmlSecPtrListCheckId(nsList, xmlSecStringListId)) {
++            xmlOutputBufferClose(buf);
++            xmlSecAssert2(0, -1);
++        }
+ 
+         ret = xmlSecTransformC14NExecute(transform->id, transform->inNodes, (xmlChar**)(nsList->data), buf);
+         if(ret < 0) {
+@@ -732,4 +738,3 @@ xmlSecTransformId
+ xmlSecTransformRemoveXmlTagsC14NGetKlass(void) {
+     return(&xmlSecTransformRemoveXmlTagsC14NKlass);
+ }
+-
+diff -up xmlsec1-1.2.25/src/gcrypt/asymkeys.c.orig xmlsec1-1.2.25/src/gcrypt/asymkeys.c
+--- xmlsec1-1.2.25/src/gcrypt/asymkeys.c.orig	2017-09-12 15:21:09.000000000 +0200
++++ xmlsec1-1.2.25/src/gcrypt/asymkeys.c	2024-05-14 09:55:35.801202265 +0200
+@@ -186,6 +186,9 @@ xmlSecGCryptAsymKeyDataAdoptKey(xmlSecKe
+     pub_key = NULL; /* data owns it now */
+     priv_key = NULL; /* data owns it now */
+ 
++    /* Adopt functions assume ownership thus the caller would expect this to be released */
++    gcry_sexp_release(key_pair);
++
+     /* success */
+     res = 0;
+ 
+diff -up xmlsec1-1.2.25/src/parser.c.orig xmlsec1-1.2.25/src/parser.c
+--- xmlsec1-1.2.25/src/parser.c.orig	2017-09-12 15:21:09.000000000 +0200
++++ xmlsec1-1.2.25/src/parser.c	2024-05-14 09:55:35.802202264 +0200
+@@ -354,7 +354,6 @@ xmlDocPtr
+ xmlSecParseFile(const char *filename) {
+     xmlParserCtxtPtr ctxt;
+     xmlDocPtr res = NULL;
+-    char *directory = NULL;
+     int ret;
+ 
+     xmlSecAssert2(filename != NULL, NULL);
+@@ -371,23 +370,15 @@ xmlSecParseFile(const char *filename) {
+     /* crashes on x64 xmlCtxtUseOptions (ctxt, XML_PARSE_HUGE); */
+ 
+     /* todo: set directories from current doc? */
+-    if ((ctxt->directory == NULL) && (directory == NULL)) {
+-        directory = xmlParserGetDirectory(filename);
+-        if(directory == NULL) {
++    if (ctxt->directory == NULL) {
++        ctxt->directory = xmlParserGetDirectory(filename);
++        if(ctxt->directory == NULL) {
+             xmlSecXmlError2("xmlParserGetDirectory", NULL,
+                             "filename=%s", xmlSecErrorsSafeString(filename));
+             xmlFreeParserCtxt(ctxt);
+             return(NULL);
+         }
+     }
+-    if ((ctxt->directory == NULL) && (directory != NULL)) {
+-        ctxt->directory = (char *) xmlStrdup(BAD_CAST directory);
+-        if(ctxt->directory == NULL) {
+-            xmlSecStrdupError(BAD_CAST directory, NULL);
+-            xmlFreeParserCtxt(ctxt);
+-            return(NULL);
+-        }
+-    }
+ 
+     /* required for c14n! */
+     ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
+@@ -547,4 +538,3 @@ xmlSecParseMemory(const xmlSecByte *buff
+     xmlFreeParserCtxt(ctxt);
+     return(res);
+ }
+-

gating.yaml

@@ -1,6 +1,6 @@
 --- !Policy
 product_versions:
-  - rhel-10
+  - rhel-8
 decision_context: osci_compose_gate
 rules:
   - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

plans/all.fmf

@@ -1,17 +0,0 @@
-summary: Run gating tests
-discover:
-  how: fmf
-  dist-git-source: true
-  dist-git-type: centos
-prepare:
-  - how: install
-    package:
-      - dnf-plugins-core
-  - how: install
-    package:
-      - xmlsec1
-      - git
-
-execute:
-  how: tmt
-

sources

@@ -1 +1 @@
-SHA512 (xmlsec1-1.2.39.tar.gz) = bc8457bca8ada87c12d3be685bf8ad805f102b4ac1265e257ba12137e0430783973f27d22bfcb7559be5e89cb4c01b3556488fa641fc7c9d8f403972fdc8f2f7
+SHA512 (xmlsec1-1.2.25.tar.gz) = ac61547a1cbf9016d7f75be3dc5249d6bc8a526bc51715e53ede13f056c1c72c57433a6be200c886000a25826c3e473954ded3ae988f25d37ac4ef4d777c66a6

tests/scripts/main.fmf

@@ -1,6 +0,0 @@
-summary: Run xmlsec1 gating tests
-require:
-  - git
-test: ./run_tests.sh
-duration: 30m
-

tests/tests.yml

@@ -4,7 +4,7 @@
     tags:
     - classic
     tests:
-    - xmlsec1:
+    - mod_auth_mellon:
         dir: scripts
         run: ./run_tests.sh
     required_packages:

xmlSecOpenSSLX509DataNodeRead-error.patch

@@ -0,0 +1,55 @@
+Please see this bug report for full details:
+https://github.com/lsh123/xmlsec/issues/164
+
+commit e303e077fb3e13654ba711b2816ff1a94247338b
+Author: lsh123 <aleksey@aleksey.com>
+Date:   Wed Apr 11 17:13:43 2018 -1000
+
+    Add missing return(-1). (#165)
+    
+    Fixed issue #164. All other crypto libraries are ok.
+
+diff --git a/src/openssl/x509.c b/src/openssl/x509.c
+index 15fe70db..b98e62d1 100644
+--- a/src/openssl/x509.c
++++ b/src/openssl/x509.c
+@@ -870,6 +870,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
+                 xmlSecInternalError2("xmlSecOpenSSLX509CertificateNodeRead",
+                                      xmlSecKeyDataGetName(data),
+                                      "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
++                return(-1);
+             }
+         } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
+             ret = xmlSecOpenSSLX509SubjectNameNodeRead(data, cur, keyInfoCtx);
+@@ -877,6 +878,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
+                 xmlSecInternalError2("xmlSecOpenSSLX509SubjectNameNodeRead",
+                                      xmlSecKeyDataGetName(data),
+                                      "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
++                return(-1);
+             }
+         } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
+             ret = xmlSecOpenSSLX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
+@@ -884,6 +886,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
+                 xmlSecInternalError2("xmlSecOpenSSLX509IssuerSerialNodeRead",
+                                      xmlSecKeyDataGetName(data),
+                                      "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
++                return(-1);
+             }
+         } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
+             ret = xmlSecOpenSSLX509SKINodeRead(data, cur, keyInfoCtx);
+@@ -891,6 +894,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
+                 xmlSecInternalError2("xmlSecOpenSSLX509SKINodeRead",
+                                      xmlSecKeyDataGetName(data),
+                                      "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
++                return(-1);
+             }
+         } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
+             ret = xmlSecOpenSSLX509CRLNodeRead(data, cur, keyInfoCtx);
+@@ -898,6 +902,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
+                 xmlSecInternalError2("xmlSecOpenSSLX509CRLNodeRead",
+                                      xmlSecKeyDataGetName(data),
+                                      "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
++                return(-1);
+             }
+         } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
+             /* laxi schema validation: ignore unknown nodes */

xmlsec1.spec

@@ -1,27 +1,25 @@
 Summary: Library providing support for "XML Signature" and "XML Encryption" standards
 Name: xmlsec1
-Version: 1.2.39
+Version: 1.2.25
-Release: 3%{?dist}%{?extra_release}
+Release: 8%{?dist}%{?extra_release}
-Epoch: 1
 License: MIT
-Source0: https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.tar.gz
+Source0: http://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.tar.gz
 URL: http://www.aleksey.com/xmlsec/
-
-Patch0: 0001-Conditional-include-for-openssl-engines.patch
-
-BuildRequires: make
 BuildRequires: pkgconfig(libxml-2.0) >= 2.8.0
 BuildRequires: pkgconfig(libxslt) >= 1.0.20
-BuildRequires: pkgconfig(openssl) >= 3.0.0
+BuildRequires: pkgconfig(openssl) >= 1.0.0
-BuildRequires: pkgconfig(nss) >= 3.49.0
+BuildRequires: pkgconfig(nss) >= 3.11.1
-BuildRequires: pkgconfig(nspr) >= 4.25.0
+BuildRequires: pkgconfig(nspr) >= 4.4.1
+BuildRequires: libgcrypt-devel >= 1.4.0
+BuildRequires: pkgconfig(gnutls) >= 2.8.0
 BuildRequires: libtool-ltdl-devel
 # autoreconf stuff
 BuildRequires: autoconf
 BuildRequires: automake
 BuildRequires: gettext-devel
 BuildRequires: libtool
-# BuildRequires: openssl-devel-engine
+Patch0: 0001-resource-leaks.patch
+Patch1: xmlSecOpenSSLX509DataNodeRead-error.patch
 
 %description
 XML Security Library is a C library based on LibXML2  and OpenSSL.
@@ -30,7 +28,7 @@ standards "XML Digital Signature" and "XML Encryption".
 
 %package devel
 Summary: Libraries, includes, etc. to develop applications with XML Digital Signatures and XML Encryption support.
-Requires: xmlsec1%{?_isa} = 1:%{version}-%{release}
+Requires: xmlsec1%{?_isa} = %{version}-%{release}
 Requires: openssl-devel%{?_isa} >= 1.0.0
 
 %description devel
@@ -39,7 +37,7 @@ Signatures and XML Encryption support.
 
 %package openssl
 Summary: OpenSSL crypto plugin for XML Security Library
-Requires: xmlsec1%{?_isa} = 1:%{version}-%{release}
+Requires: xmlsec1%{?_isa} = %{version}-%{release}
 
 %description openssl
 OpenSSL plugin for XML Security Library provides OpenSSL based crypto services
@@ -47,15 +45,50 @@ for the xmlsec library.
 
 %package openssl-devel
 Summary: OpenSSL crypto plugin for XML Security Library
-Requires: xmlsec1-devel%{?_isa} = 1:%{version}-%{release}
+Requires: xmlsec1-devel%{?_isa} = %{version}-%{release}
-Requires: xmlsec1-openssl%{?_isa} = 1:%{version}-%{release}
+Requires: xmlsec1-openssl%{?_isa} = %{version}-%{release}
 
 %description openssl-devel
 Libraries, includes, etc. for developing XML Security applications with OpenSSL
 
+%package gcrypt
+Summary: GCrypt crypto plugin for XML Security Library
+Requires: xmlsec1%{?_isa} = %{version}-%{release}
+
+%description gcrypt
+GCrypt plugin for XML Security Library provides GCrypt based crypto services
+for the xmlsec library.
+
+%package gcrypt-devel
+Summary: GCrypt crypto plugin for XML Security Library
+Requires: xmlsec1-devel%{?_isa} = %{version}-%{release}
+Requires: xmlsec1-gnutls-devel%{?_isa} = %{version}-%{release}
+
+%description gcrypt-devel
+Libraries, includes, etc. for developing XML Security applications with GCrypt.
+
+%package gnutls
+Summary: GNUTls crypto plugin for XML Security Library
+Requires: xmlsec1%{?_isa} = %{version}-%{release}
+Requires: xmlsec1-gcrypt%{?_isa} = %{version}-%{release}
+
+%description gnutls
+GNUTls plugin for XML Security Library provides GNUTls based crypto services
+for the xmlsec library.
+
+%package gnutls-devel
+Summary: GNUTls crypto plugin for XML Security Library
+Requires: xmlsec1-devel%{?_isa} = %{version}-%{release}
+Requires: xmlsec1-openssl-devel%{?_isa} = %{version}-%{release}
+Requires: libgcrypt-devel%{?_isa} >= 1.2.0
+Requires: gnutls-devel%{?_isa} >= 1.0.20
+
+%description gnutls-devel
+Libraries, includes, etc. for developing XML Security applications with GNUTls.
+
 %package nss
 Summary: NSS crypto plugin for XML Security Library
-Requires: xmlsec1%{?_isa} = 1:%{version}-%{release}
+Requires: xmlsec1%{?_isa} = %{version}-%{release}
 
 %description nss
 NSS plugin for XML Security Library provides NSS based crypto services
@@ -63,8 +96,8 @@ for the xmlsec library
 
 %package nss-devel
 Summary: NSS crypto plugin for XML Security Library
-Requires: xmlsec1-devel%{?_isa} = 1:%{version}-%{release}
+Requires: xmlsec1-devel%{?_isa} = %{version}-%{release}
-Requires: xmlsec1-nss%{?_isa} = 1:%{version}-%{release}
+Requires: xmlsec1-nss%{?_isa} = %{version}-%{release}
 
 %description nss-devel
 Libraries, includes, etc. for developing XML Security applications with NSS.
@@ -91,10 +124,11 @@ rm -rf __tmp_doc ; mkdir __tmp_doc
 mv %{buildroot}%{_docdir}/xmlsec1/* __tmp_doc
 
 %ldconfig_scriptlets
+%ldconfig_scriptlets gnutls
 %ldconfig_scriptlets openssl
 
 %files
-%doc AUTHORS ChangeLog NEWS Copyright
+%doc AUTHORS ChangeLog NEWS README Copyright
 %{_mandir}/man1/xmlsec1.1*
 %{_libdir}/libxmlsec1.so.*
 %{_bindir}/xmlsec1
@@ -103,7 +137,9 @@ mv %{buildroot}%{_docdir}/xmlsec1/* __tmp_doc
 %{_bindir}/xmlsec1-config
 %dir %{_includedir}/xmlsec1
 %dir %{_includedir}/xmlsec1/xmlsec
+%dir %{_includedir}/xmlsec1/xmlsec/private
 %{_includedir}/xmlsec1/xmlsec/*.h
+%{_includedir}/xmlsec1/xmlsec/private/*.h
 %{_libdir}/libxmlsec1.so
 %{_libdir}/pkgconfig/xmlsec1.pc
 %{_libdir}/xmlsec1Conf.sh
@@ -119,6 +155,22 @@ mv %{buildroot}%{_docdir}/xmlsec1/* __tmp_doc
 %{_includedir}/xmlsec1/xmlsec/openssl/
 %{_libdir}/pkgconfig/xmlsec1-openssl.pc
 
+%files gcrypt
+%{_libdir}/libxmlsec1-gcrypt.so.*
+%{_libdir}/libxmlsec1-gcrypt.so
+
+%files gcrypt-devel
+%{_includedir}/xmlsec1/xmlsec/gcrypt/
+%{_libdir}/pkgconfig/xmlsec1-gcrypt.pc
+
+%files gnutls
+%{_libdir}/libxmlsec1-gnutls.so.*
+%{_libdir}/libxmlsec1-gnutls.so
+
+%files gnutls-devel
+%{_includedir}/xmlsec1/xmlsec/gnutls/
+%{_libdir}/pkgconfig/xmlsec1-gnutls.pc
+
 %files nss
 %{_libdir}/libxmlsec1-nss.so.*
 %{_libdir}/libxmlsec1-nss.so
@@ -128,94 +180,21 @@ mv %{buildroot}%{_docdir}/xmlsec1/* __tmp_doc
 %{_libdir}/pkgconfig/xmlsec1-nss.pc
 
 %changelog
-* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1:1.2.39-3
+* Fri May 31 2024 Tomas Halman <thalman@redhat.com> - 1.2.25-8
-- Bump release for October 2024 mass rebuild:
-  Resolves: RHEL-64018
-
-* Tue Jul 30 2024 Tomas Halman <thalman@redhat.com> - 1.2.39-2
 - Add gating tests
+  Related: RHEL-36185
 
-* Mon Jul 29 2024 Tomas Halman <thalman@redhat.com> - 1.2.39-1
+* Mon May 20 2024 Tomas Halman <thalman@redhat.com> - 1.2.25-7
-- Resolves: RHEL-46771
+- Fix adopt function the same way as in upstream
-  Rebase to version 1.2.39
+  Related: RHEL-36185
-  Fix openssl engine dependency
-  Stop building gcrypt and gnutls implementations
 
-* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1:1.2.37-8
+* Fri May 17 2024 Tomas Halman <thalman@redhat.com> - 1.2.25-6
-- Bump release for June 2024 mass rebuild
+- Add xmlsec1-gnutls dependency on xmlsec1-gcrypt
+  Related: RHEL-36185
 
-* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.2.37-7
+* Mon May 13 2024 Tomas Halman <thalman@redhat.com> - 1.2.25-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+- Fix memory leaks found by SAST
-
+  Resolves: RHEL-36185
-* Wed Dec 13 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 1:1.2.37-6
-- Fix build with libxml2-2.12.0
-
-* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.2.37-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
-
-* Thu Jun 22 2023 Tomas Halman <thalman@redhat.com> - 1.2.37-4
-- Resolves: rhbz#2187631 - Cannot load modules/mod_auth_mellon.so
-  Revert to previous version
-
-* Fri Apr 14 2023 Tomas Halman <thalman@redhat.com> - 1.3.0-1
-- Resolves: rhbz#2186304 - rebase to version 1.3.0
-
-* Tue Mar 7 2023 Tomas Halman <thalman@redhat.com> - 1.2.37-3
-- migrated to SPDX license
-
-* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.37-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
-
-* Tue Nov 29 2022 Tomas Halman <thalman@redhat.com> - 1.2.37-1
-- Resolves: rhbz#2149129 latest upstream release
-
-* Tue Nov 08 2022 Caolán McNamara <caolanm@redhat.com> - 1.2.36-1
-- Resolves: rhbz#2138484 latest upstream release
-
-* Thu Oct 27 2022 Caolán McNamara <caolanm@redhat.com> - 1.2.35-1
-- Resolves: rhbz#2137430 latest upstream release
-
-* Mon Oct 24 2022 David King <amigadave@amigadave.com> - 1.2.34-3
-- Rebuild against libxml2 (#2136800)
-
-* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.34-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
-
-* Wed May 18 2022 Caolán McNamara <caolanm@redhat.com> - 1.2.34-1
-- Resolves: rhbz#2081413 latest upstream release
-
-* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.33-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-
-* Sun Nov 14 2021 Caolán McNamara <caolanm@redhat.com> - 1.2.33-1
-- Resolves: rhbz#1826433 latest upstream release
-
-* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.2.29-5
-- Rebuilt with OpenSSL 3.0.0
-
-* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.29-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
-
-* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.29-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.29-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Wed Jan 29 2020 Caolán McNamara <caolanm@redhat.com> - 1.2.29-1
-- New upstream release
-
-* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.27-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.27-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Tue Oct 23 2018 Simo Sorce <simo@redhat.com> - 1.2.27-1
-- New upstream release
-
-* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.25-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 
 * Thu Apr 12 2018 John Dennis <jdennis@redhat.com> - 1.2.25-4
 - Resolves: rhbz#1566748