Overview
Request 1142585 accepted
- New libopenssl-fips-provider package.
- Remove a hack for bsc#936563
bsc936563_hack.patch (bsc#936563)
- Build with no-ssl3, for details on why this is needed read
require us to patch dependant packages as the relevant
functions are still available (SSLv3_(client|server)_method)
- openssl.keyring: use Matt Caswells current key.
- openSSL 1.0.1j
- openssl.keyring: the 1.0.1i release was done by
- 012-Fix-eckey_priv_encode.patch eckey_priv_encode should
- 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
it is already in RPM_OPT_FLAGS and is replaced by
- Remove the "gmp" and "capi" shared engines, nobody noticed
but they are just dummies that do nothing.
- Use enable-rfc3779 to allow projects such as rpki.net
- openssl-buffreelistbug-aka-CVE-2010-5298.patch fix
- openssl-gcc-attributes.patch: fix thinko, CRYPTO_realloc_clean does
- openssl-gcc-attributes.patch
- additional changes required for FIPS validation( from Fedora repo)
- Remove GCC option "-O3" for compiliation issue of ARM version
Modify files: README-FIPS.txt openssl.spec
Add file: CVE-2013-6450.patch
- Fixed bnc#856687, openssl: crash when using TLS 1.2
Add file: CVE-2013-6449.patch
- 0001-libcrypto-Hide-library-private-symbols.patch
This patch is however not 100% complete, as some private library
symbols are declared in public headers that shall not be touched
- openssl-1.0.1c-ipv6-apps.patch:
- Fix armv6l arch (armv7 was previously used to build armv6 which
- Created by pmonrealgonzalez
- In state accepted
- Supersedes 1131206
Can you please tend to the pending security:tls/openssl requests as well
A few packages got fixed
apache2:test_event apache2:test_prefork apache2:test_worker certmonger ibmswtpm2 FIXED [SR#1132697](https://build.opensuse.org/request/show/1132697) nodejs20 FIXED [SR#1120765](https://build.opensuse.org/request/show/1120765) perl-IO-Socket-SSL perl-Net-SSLeay FIXED STAGED [SR#1133779](https://build.opensuse.org/request/show/1133779) python-cheroot python-M2Crypto python-tornado6 python-urllib3_1:test python-websockets qca:qt5 ruby3.2:testsuite
We created a tracker bug https://bugzilla.suse.com/show_bug.cgi?id=1218342 to make it more transparent.
Request History
pmonrealgonzalez created request
- New libopenssl-fips-provider package.
- Remove a hack for bsc#936563
bsc936563_hack.patch (bsc#936563)
- Build with no-ssl3, for details on why this is needed read
require us to patch dependant packages as the relevant
functions are still available (SSLv3_(client|server)_method)
- openssl.keyring: use Matt Caswells current key.
- openSSL 1.0.1j
- openssl.keyring: the 1.0.1i release was done by
- 012-Fix-eckey_priv_encode.patch eckey_priv_encode should
- 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
it is already in RPM_OPT_FLAGS and is replaced by
- Remove the "gmp" and "capi" shared engines, nobody noticed
but they are just dummies that do nothing.
- Use enable-rfc3779 to allow projects such as rpki.net
- openssl-buffreelistbug-aka-CVE-2010-5298.patch fix
- openssl-gcc-attributes.patch: fix thinko, CRYPTO_realloc_clean does
- openssl-gcc-attributes.patch
- additional changes required for FIPS validation( from Fedora repo)
- Remove GCC option "-O3" for compiliation issue of ARM version
Modify files: README-FIPS.txt openssl.spec
Add file: CVE-2013-6450.patch
- Fixed bnc#856687, openssl: crash when using TLS 1.2
Add file: CVE-2013-6449.patch
- 0001-libcrypto-Hide-library-private-symbols.patch
This patch is however not 100% complete, as some private library
symbols are declared in public headers that shall not be touched
- openssl-1.0.1c-ipv6-apps.patch:
- Fix armv6l arch (armv7 was previously used to build armv6 which
anag+factory set openSUSE:Factory:Staging:O as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:O"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:O"
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
darix accepted review
Accepted review for by_group opensuse-review-team request 1142585 from user factory-auto
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:O got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:O got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:O got accepted.
