[packages/openssl/openssl-1.0.1] up to 1.0.1n. fixes for CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791
glen
glen at pld-linux.org
Thu Jun 11 17:22:02 CEST 2015
commit 07f2984c5a67fd88ae39af119d8bd993c5af8404
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Thu Jun 11 18:19:29 2015 +0300
up to 1.0.1n. fixes for CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791
openssl-optflags.patch | 14 +++++++-------
openssl.spec | 4 ++--
2 files changed, 9 insertions(+), 9 deletions(-)
---
diff --git a/openssl.spec b/openssl.spec
index d7b16b9..5937efc 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -19,12 +19,12 @@ Summary(pt_BR.UTF-8): Uma biblioteca C que fornece vários algoritmos e protocol
Summary(ru.UTF-8): Библиотеки и утилиты для соединений через Secure Sockets Layer
Summary(uk.UTF-8): Бібліотеки та утиліти для з'єднань через Secure Sockets Layer
Name: openssl
-Version: 1.0.1m
+Version: 1.0.1n
Release: 1
License: Apache-like
Group: Libraries
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
-# Source0-md5: d143d1555d842a069cb7cc34ba745a06
+# Source0-md5: 139568bd5a56fa49b72a290d37113f30
Source2: %{name}.1.pl
Source3: %{name}-ssl-certificate.sh
Source4: %{name}-c_rehash.sh
diff --git a/openssl-optflags.patch b/openssl-optflags.patch
index 44717de..05af6f0 100644
--- a/openssl-optflags.patch
+++ b/openssl-optflags.patch
@@ -3,8 +3,8 @@ built on a i686/ev6/sparcv9 to not run on a i386/ev5/sparcv7 and so on.
...add $ENV{OPTFLAGS} instead
---- openssl-1.0.1c/Configure.orig 2013-01-14 19:37:10.656534171 +0100
-+++ openssl-1.0.1c/Configure 2013-01-14 20:07:02.553163489 +0100
+--- openssl-1.0.1n/Configure~ 2015-06-11 18:13:10.000000000 +0300
++++ openssl-1.0.1n/Configure 2015-06-11 18:15:47.414930200 +0300
@@ -165,8 +165,8 @@
#"b2-is-ri-dp", "${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::",
@@ -76,7 +76,7 @@ built on a i686/ev6/sparcv9 to not run on a i386/ev5/sparcv7 and so on.
#### So called "highgprs" target for z/Architecture CPUs
# "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
# /proc/cpuinfo. The idea is to preserve most significant bits of
-@@ -373,16 +373,16 @@
+@@ -375,16 +375,16 @@
# ldconfig and run-time linker to autodiscover. Unfortunately it
# doesn't work just yet, because of couple of bugs in glibc
# sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1...
@@ -85,15 +85,15 @@ built on a i686/ev6/sparcv9 to not run on a i386/ev5/sparcv7 and so on.
#### SPARC Linux setups
# Ray Miller <ray.miller at computing-services.oxford.ac.uk> has patiently
# assisted with debugging of following two configs.
--"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -fomit-frame-pointer $ENV{OPTFLAGS} -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"linux-sparcv8","gcc:-mcpu=v8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-sparcv8","gcc:-mcpu=v8 -DB_ENDIAN $ENV{OPTFLAGS} -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# it's a real mess with -mcpu=ultrasparc option under Linux, but
# -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -fomit-frame-pointer $ENV{OPTFLAGS} -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN $ENV{OPTFLAGS} -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# GCC 3.1 is a requirement
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -fomit-frame-pointer $ENV{OPTFLAGS} -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
++"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN $ENV{OPTFLAGS} -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
#### Alpha Linux with GNU C and Compaq C setups
# Special notes:
# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/openssl.git/commitdiff/07f2984c5a67fd88ae39af119d8bd993c5af8404
More information about the pld-cvs-commit
mailing list