rpms / openssl

Clone
Source Code
GIT

#33 Rebase to upstream version 3.0.5
Merged 7 months ago by clang. Opened 7 months ago by clang.
rpms/ clang/openssl rawhide-cve20222068-cve20222097  into  rawhide

file modified
+1 
@@ -55,3 +55,4 @@ 
 

  /openssl-3.0.0-hobbled.tar.xz
 

  /openssl-3.0.2-hobbled.tar.gz
 

  /openssl-3.0.3-hobbled.tar.gz
 

+ /openssl-3.0.5-hobbled.tar.xz

file removed
-38 
@@ -1,38 +0,0 @@ 
 

- diff --git a/test/certs/embeddedSCTs1_issuer.pem b/test/certs/embeddedSCTs1_issuer.pem
 

- index 1fa449d5a098..6aa9455f09ed 100644
 

- --- a/test/certs/embeddedSCTs1_issuer.pem
 

- +++ b/test/certs/embeddedSCTs1_issuer.pem
 

- @@ -1,18 +1,18 @@
 

-  -----BEGIN CERTIFICATE-----
 

- -MIIC0DCCAjmgAwIBAgIBADANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJHQjEk
 

- +MIIC0jCCAjugAwIBAgIBADANBgkqhkiG9w0BAQsFADBVMQswCQYDVQQGEwJHQjEk
 

-  MCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENBMQ4wDAYDVQQIEwVX
 

- -YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAeFw0xMjA2MDEwMDAwMDBaFw0yMjA2MDEw
 

- -MDAwMDBaMFUxCzAJBgNVBAYTAkdCMSQwIgYDVQQKExtDZXJ0aWZpY2F0ZSBUcmFu
 

- -c3BhcmVuY3kgQ0ExDjAMBgNVBAgTBVdhbGVzMRAwDgYDVQQHEwdFcncgV2VuMIGf
 

- -MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVimhTYhCicRmTbneDIRgcKkATxtB7
 

- -jHbrkVfT0PtLO1FuzsvRyY2RxS90P6tjXVUJnNE6uvMa5UFEJFGnTHgW8iQ8+EjP
 

- -KDHM5nugSlojgZ88ujfmJNnDvbKZuDnd/iYx0ss6hPx7srXFL8/BT/9Ab1zURmnL
 

- -svfP34b7arnRsQIDAQABo4GvMIGsMB0GA1UdDgQWBBRfnYgNyHPmVNT4DdjmsMEk
 

- -tEfDVTB9BgNVHSMEdjB0gBRfnYgNyHPmVNT4DdjmsMEktEfDVaFZpFcwVTELMAkG
 

- -A1UEBhMCR0IxJDAiBgNVBAoTG0NlcnRpZmljYXRlIFRyYW5zcGFyZW5jeSBDQTEO
 

- -MAwGA1UECBMFV2FsZXMxEDAOBgNVBAcTB0VydyBXZW6CAQAwDAYDVR0TBAUwAwEB
 

- -/zANBgkqhkiG9w0BAQUFAAOBgQAGCMxKbWTyIF4UbASydvkrDvqUpdryOvw4BmBt
 

- -OZDQoeojPUApV2lGOwRmYef6HReZFSCa6i4Kd1F2QRIn18ADB8dHDmFYT9czQiRy
 

- -f1HWkLxHqd81TbD26yWVXeGJPE3VICskovPkQNJ0tU4b03YmnKliibduyqQQkOFP
 

- -OwqULg==
 

- +YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAgFw0yMjA2MDExMDM4MDJaGA8yMTIyMDUw
 

- +ODEwMzgwMlowVTELMAkGA1UEBhMCR0IxJDAiBgNVBAoTG0NlcnRpZmljYXRlIFRy
 

- +YW5zcGFyZW5jeSBDQTEOMAwGA1UECBMFV2FsZXMxEDAOBgNVBAcTB0VydyBXZW4w
 

- +gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANWKaFNiEKJxGZNud4MhGBwqQBPG
 

- +0HuMduuRV9PQ+0s7UW7Oy9HJjZHFL3Q/q2NdVQmc0Tq68xrlQUQkUadMeBbyJDz4
 

- +SM8oMczme6BKWiOBnzy6N+Yk2cO9spm4Od3+JjHSyzqE/HuytcUvz8FP/0BvXNRG
 

- +acuy98/fhvtqudGxAgMBAAGjga8wgawwHQYDVR0OBBYEFF+diA3Ic+ZU1PgN2Oaw
 

- +wSS0R8NVMH0GA1UdIwR2MHSAFF+diA3Ic+ZU1PgN2OawwSS0R8NVoVmkVzBVMQsw
 

- +CQYDVQQGEwJHQjEkMCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENB
 

- +MQ4wDAYDVQQIEwVXYWxlczEQMA4GA1UEBxMHRXJ3IFdlboIBADAMBgNVHRMEBTAD
 

- +AQH/MA0GCSqGSIb3DQEBCwUAA4GBAD0aYh9OkFYfXV7kBfhrtD0PJG2U47OV/1qq
 

- ++uFpqB0S1WO06eJT0pzYf1ebUcxjBkajbJZm/FHT85VthZ1lFHsky87aFD8XlJCo
 

- +2IOhKOkvvWKPUdFLoO/ZVXqEVKkcsS1eXK1glFvb07eJZya3JVG0KdMhV2YoDg6c
 

- +Doud4XrO
 

-  -----END CERTIFICATE-----

file modified
+6 -4 
@@ -14,13 +14,13 @@ 
 

  

  Summary: Utilities from the general purpose cryptography library with TLS implementation
 

  Name: openssl
 

- Version: 3.0.3
 

+ Version: 3.0.5
 

  Release: 1%{?dist}
 

  Epoch: 1
 

  # We have to remove certain patented algorithms from the openssl source
 

  # tarball with the hobble-openssl script which is included below.
 

  # The original openssl upstream tarball cannot be shipped in the .src.rpm.
 

- Source: openssl-%{version}-hobbled.tar.gz
 

+ Source: openssl-%{version}-hobbled.tar.xz
 

  Source1: hobble-openssl
 

  Source2: Makefile.certificate
 

  Source3: genpatches
 
@@ -83,8 +83,6 @@ 
 

  # The patch is incorporated in 3.0.3 but we provide this function since 3.0.1
 

  # so the patch should persist
 

  Patch56: 0056-strcasecmp.patch
 

- # https://github.com/openssl/openssl/pull/18444
 

- Patch58: 0058-replace-expired-certs.patch
 

  

  License: ASL 2.0
 

  URL: http://www.openssl.org/
 
@@ -416,6 +414,10 @@ 
 

  %ldconfig_scriptlets libs
 

  

  %changelog
 

+ * Tue Jul 05 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.5-1
 

+ - Rebase to upstream version 3.0.5
 

+   Related: rhbz#2099972, CVE-2022-2097
 

+ 

  * Wed Jun 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.3-1
 

  - Rebase to upstream version 3.0.3

file modified
+1 -1 
@@ -1,1 +1,1 @@ 
 

- SHA512 (openssl-3.0.3-hobbled.tar.gz) = 474a6309e0457ad33ec4b5f98606ba7ee6fa15dd0abb26a1da80fa37e3fc0ec535b858e03aceb4ce675dcce6a26796c802d8bf8ebb4adc350e6b3ea95810a61b
 

+ SHA512 (openssl-3.0.5-hobbled.tar.xz) = 2f5531d46a905af8d36bf81c18fa34ccc86f5bd66e6e4227bb17e2f926ef14f78057ab60cd9d55bb9d1bad3d5b56a71170e4a86708fd8352324db2e0747142cf

Also fixes CVE-2022-2097, which only affects i686.

Related: rhbz#2099972
Signed-off-by: Clemens Lang cllang@redhat.com

Build succeeded.

Pull-Request has been merged by clang
7 months ago
Metadata
None
No Tags
Changes Summary 4
+1 -0
file changed
.gitignore
-38
file removed
0058-replace-expired-certs.patch
+6 -4
file changed
openssl.spec
+1 -1
file changed
sources
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.