[packages/openssl] up to 3.6.1 (multiple security fixes)
atler
atler at pld-linux.org
Tue Jan 27 15:19:05 CET 2026
commit 26449b7d3e166c1bab81e2b482e0d4804665aac0
Author: Jan Palus <atler at pld-linux.org>
Date: Tue Jan 27 15:14:11 2026 +0100
up to 3.6.1 (multiple security fixes)
fixes:
CVE-2025-11187
CVE-2025-15467
CVE-2025-15468
CVE-2025-15469
CVE-2025-66199
CVE-2025-68160
CVE-2025-69418
CVE-2025-69419
CVE-2025-69420
CVE-2025-69421
CVE-2026-22795
CVE-2026-22796
openssl-ca-certificates.patch | 18 +++++++++---------
openssl.spec | 8 +++-----
2 files changed, 12 insertions(+), 14 deletions(-)
---
diff --git a/openssl.spec b/openssl.spec
index 4e9eebc..bbc677f 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -13,12 +13,12 @@ Summary(pt_BR.UTF-8): Uma biblioteca C que fornece vários algoritmos e protocol
Summary(ru.UTF-8): Библиотеки и утилиты для соединений через Secure Sockets Layer
Summary(uk.UTF-8): Бібліотеки та утиліти для з'єднань через Secure Sockets Layer
Name: openssl
-Version: 3.6.0
-Release: 3
+Version: 3.6.1
+Release: 1
License: Apache v2.0
Group: Libraries
Source0: https://github.com/openssl/openssl/releases/download/openssl-%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: 77ab78417082f22a2ce809898bd44da0
+# Source0-md5: 589777dc85ebbfeca70161c0c384d572
Source2: %{name}.1.pl
Source3: %{name}-ssl-certificate.sh
Source4: %{name}-c_rehash.sh
@@ -27,7 +27,6 @@ Patch1: %{name}-ca-certificates.patch
Patch2: %{name}-find.patch
Patch3: engines-dir.patch
Patch4: x32-sha-avx-ssse3-detect.patch
-Patch5: x509-checkend.patch
URL: http://www.openssl.org/
%ifarch %{arm} ppc mips sparc sparcv9
BuildRequires: libatomic-devel
@@ -213,7 +212,6 @@ RC4, RSA и SSL. Включает статические библиотеки д
%patch -P2 -p1
%patch -P3 -p1
%patch -P4 -p1
-%patch -P5 -p1
# fails with enable-sctp as of 1.1.1
%{__rm} test/recipes/80-test_ssl_new.t
diff --git a/openssl-ca-certificates.patch b/openssl-ca-certificates.patch
index 67bad3f..7d607aa 100644
--- a/openssl-ca-certificates.patch
+++ b/openssl-ca-certificates.patch
@@ -1,11 +1,11 @@
--- openssl-1.1.1/include/internal/common.h~ 2018-09-11 14:48:23.000000000 +0200
+++ openssl-1.1.1/include/internal/common.h 2018-09-11 22:14:32.008012409 +0200
-@@ -56,7 +56,7 @@ DEFINE_LHASH_OF(MEM);
- # ifndef OPENSSL_SYS_VMS
- # define X509_CERT_AREA OPENSSLDIR
- # define X509_CERT_DIR OPENSSLDIR "/certs"
--# define X509_CERT_FILE OPENSSLDIR "/cert.pem"
-+# define X509_CERT_FILE "/etc/pki/tls/certs/ca-bundle.crt"
- # define X509_PRIVATE_DIR OPENSSLDIR "/private"
- # define CTLOG_FILE OPENSSLDIR "/ct_log_list.cnf"
- # else
+@@ -82,7 +82,7 @@ DEFINE_LHASH_OF(MEM);
+ #ifndef OPENSSL_SYS_VMS
+ #define X509_CERT_AREA OPENSSLDIR
+ #define X509_CERT_DIR OPENSSLDIR "/certs"
+-#define X509_CERT_FILE OPENSSLDIR "/cert.pem"
++#define X509_CERT_FILE OPENSSLDIR "/etc/pki/tls/certs/ca-bundle.crt"
+ #define X509_PRIVATE_DIR OPENSSLDIR "/private"
+ #define CTLOG_FILE OPENSSLDIR "/ct_log_list.cnf"
+ #else
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/openssl.git/commitdiff/26449b7d3e166c1bab81e2b482e0d4804665aac0
More information about the pld-cvs-commit
mailing list