Overview
Request 574808 accepted
- Merged changes from upstream openssl (Factory rev 137) into
this fork for steam.
- Remove O3 from optflags, no need to not rely on distro wide settings
- Remove conditions for sle10 and sle11, we care only about sle12+
- USE SUSE instead of SuSE in readme
- Pass over with spec-cleaner
- fix X509_CERT_FILE path (bsc#1022271) and rename
updated openssl-1.0.1e-truststore.diff to openssl-truststore.patch
- Updated to openssl 1.0.2k
- bsc#1009528 / CVE-2016-7055: openssl: Montgomery multiplication may produce incorrect results
- bsc#1019334 / CVE-2016-7056: openssl: ECSDA P-256 timing attack key recovery
- bsc#1022085 / CVE-2017-3731: openssl: Truncated packet could crash via OOB read
- bsc#1022086 / CVE-2017-3732: openssl: BN_mod_exp may produce incorrect results on x86_64
- resume reading from /dev/urandom when interrupted by a signal
(bsc#995075)
* add openssl-randfile_fread_interrupt.patch
- add FIPS changes from SP2:
- fix problems with locking in FIPS mode (bsc#992120)
* duplicates: bsc#991877, bsc#991193, bsc#990392, bsc#990428
and bsc#990207
* bring back openssl-fipslocking.patch
- drop openssl-fips_RSA_compute_d_with_lcm.patch (upstream)
(bsc#984323)
- don't check for /etc/system-fips (bsc#982268)
* add openssl-fips-dont_run_FIPS_module_installed.patch
- Created by AndreasStieger
- In state accepted
Request History
AndreasStieger created request
- Merged changes from upstream openssl (Factory rev 137) into
this fork for steam.
- Remove O3 from optflags, no need to not rely on distro wide settings
- Remove conditions for sle10 and sle11, we care only about sle12+
- USE SUSE instead of SuSE in readme
- Pass over with spec-cleaner
- fix X509_CERT_FILE path (bsc#1022271) and rename
updated openssl-1.0.1e-truststore.diff to openssl-truststore.patch
- Updated to openssl 1.0.2k
- bsc#1009528 / CVE-2016-7055: openssl: Montgomery multiplication may produce incorrect results
- bsc#1019334 / CVE-2016-7056: openssl: ECSDA P-256 timing attack key recovery
- bsc#1022085 / CVE-2017-3731: openssl: Truncated packet could crash via OOB read
- bsc#1022086 / CVE-2017-3732: openssl: BN_mod_exp may produce incorrect results on x86_64
- resume reading from /dev/urandom when interrupted by a signal
(bsc#995075)
* add openssl-randfile_fread_interrupt.patch
- add FIPS changes from SP2:
- fix problems with locking in FIPS mode (bsc#992120)
* duplicates: bsc#991877, bsc#991193, bsc#990392, bsc#990428
and bsc#990207
* bring back openssl-fipslocking.patch
- drop openssl-fips_RSA_compute_d_with_lcm.patch (upstream)
(bsc#984323)
- don't check for /etc/system-fips (bsc#982268)
* add openssl-fips-dont_run_FIPS_module_installed.patch
licensedigger accepted review
ok
maintbot accepted review
ok
MargueriteSu accepted review
MargueriteSu approved review
msmeissn moved maintenance target to openSUSE:Maintenance:7789
msmeissn accepted request
accepted request 574808:Thanks!
For information about the update, see https://build.opensuse.org/project/maintenance_incidents/openSUSE:Maintenance