Overview
Request 1129507 accepted
- Update to 3.2.0
- Remove a hack for bsc#936563
bsc936563_hack.patch (bsc#936563)
- Build with no-ssl3, for details on why this is needed read
require us to patch dependant packages as the relevant
functions are still available (SSLv3_(client|server)_method)
- openssl.keyring: use Matt Caswells current key.
- openSSL 1.0.1j
- openssl.keyring: the 1.0.1i release was done by
- 012-Fix-eckey_priv_encode.patch eckey_priv_encode should
- 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
it is already in RPM_OPT_FLAGS and is replaced by
- Remove the "gmp" and "capi" shared engines, nobody noticed
but they are just dummies that do nothing.
- Use enable-rfc3779 to allow projects such as rpki.net
- openssl-buffreelistbug-aka-CVE-2010-5298.patch fix
- openssl-gcc-attributes.patch: fix thinko, CRYPTO_realloc_clean does
- openssl-gcc-attributes.patch
- additional changes required for FIPS validation( from Fedora repo)
- Remove GCC option "-O3" for compiliation issue of ARM version
Modify files: README-FIPS.txt openssl.spec
Add file: CVE-2013-6450.patch
- Fixed bnc#856687, openssl: crash when using TLS 1.2
Add file: CVE-2013-6449.patch
- 0001-libcrypto-Hide-library-private-symbols.patch
This patch is however not 100% complete, as some private library
symbols are declared in public headers that shall not be touched
- openssl-1.0.1c-ipv6-apps.patch:
- Fix armv6l arch (armv7 was previously used to build armv6 which
Request History
ohollmann created request
- Update to 3.2.0
- Remove a hack for bsc#936563
bsc936563_hack.patch (bsc#936563)
- Build with no-ssl3, for details on why this is needed read
require us to patch dependant packages as the relevant
functions are still available (SSLv3_(client|server)_method)
- openssl.keyring: use Matt Caswells current key.
- openSSL 1.0.1j
- openssl.keyring: the 1.0.1i release was done by
- 012-Fix-eckey_priv_encode.patch eckey_priv_encode should
- 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
it is already in RPM_OPT_FLAGS and is replaced by
- Remove the "gmp" and "capi" shared engines, nobody noticed
but they are just dummies that do nothing.
- Use enable-rfc3779 to allow projects such as rpki.net
- openssl-buffreelistbug-aka-CVE-2010-5298.patch fix
- openssl-gcc-attributes.patch: fix thinko, CRYPTO_realloc_clean does
- openssl-gcc-attributes.patch
- additional changes required for FIPS validation( from Fedora repo)
- Remove GCC option "-O3" for compiliation issue of ARM version
Modify files: README-FIPS.txt openssl.spec
Add file: CVE-2013-6450.patch
- Fixed bnc#856687, openssl: crash when using TLS 1.2
Add file: CVE-2013-6449.patch
- 0001-libcrypto-Hide-library-private-symbols.patch
This patch is however not 100% complete, as some private library
symbols are declared in public headers that shall not be touched
- openssl-1.0.1c-ipv6-apps.patch:
- Fix armv6l arch (armv7 was previously used to build armv6 which
ohollmann accepted request
