| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libopenssl1_0_0 | Distribution: openSUSE 12.1 |
| Version: 1.0.0e | Vendor: openSUSE |
| Release: 34.7.1 | Build date: Wed Feb 29 14:59:18 2012 |
| Group: Productivity/Networking/Security | Build host: build18 |
| Size: 2295652 | Source RPM: openssl-1.0.0e-34.7.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: http://www.openssl.org/ | |
| Summary: Secure Sockets and Transport Layer Security | |
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured, and open source toolkit implementing
the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) protocols with full-strength cryptography. The project is managed
by a worldwide community of volunteers that use the Internet to
communicate, plan, and develop the OpenSSL toolkit and its related
documentation.
Derivation and License
OpenSSL is based on the excellent SSLeay library developed by Eric A.
Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
Apache-style license, which basically means that you are free to get it
and to use it for commercial and noncommercial purposes.
Authors:
--------
Mark J. Cox <mark@openssl.org>
Ralf S. Engelschall <rse@openssl.org>
Dr. Stephen Henson <steve@openssl.org>
Ben Laurie <ben@openssl.org>
Bodo Moeller <bodo@openssl.org>
Ulf Moeller <ulf@openssl.org>
Holger Reif <holger@openssl.org>
Paul C. Sutton <paul@openssl.org>
BSD3c(or similar)
* Fri Feb 24 2012 gjhe@suse.com
- fix bug[bnc#748738] - Tolerate bad MIME headers in openssl's
asn1 parser.
* Thu Feb 02 2012 gjhe@suse.com
- fix security bug [bnc#742821] - DTLS DoS Attack
CVE-2012-0050
* Wed Jan 11 2012 gjhe@suse.com
- fix security bug[bnc#739719] - openssl: various security issues
DTLS Plaintext Recovery Attack (CVE-2011-4108)
Uninitialized SSL 3.0 Padding (CVE-2011-4576)
Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577)
SGC Restart DoS Attack (CVE-2011-4619)
Invalid GOST parameters DoS Attack (CVE-2012-0027)
not affected:
Double-free in Policy Checks (CVE-2011-4109)
* Tue Oct 18 2011 crrodriguez@opensuse.org
- AES-NI: Check the return value of Engine_add()
if the ENGINE_add() call fails: it ends up adding a reference
to a freed up ENGINE which is likely to subsequently contain garbage
This will happen if an ENGINE with the same name is added multiple
times,for example different libraries. [bnc#720601]
* Sat Oct 08 2011 crrodriguez@opensuse.org
- Build with -DSSL_FORBID_ENULL so servers are not
able to use the NULL encryption ciphers (Those offering no
encryption whatsoever).
* Wed Sep 07 2011 crrodriguez@opensuse.org
- Update to openssl 1.0.0e fixes CVE-2011-3207 and CVE-2011-3210
see http://openssl.org/news/secadv_20110906.txt for details.
* Sat Aug 06 2011 crrodriguez@opensuse.org
- Add upstream patch that calls ENGINE_register_all_complete()
in ENGINE_load_builtin_engines() saving us from adding dozens
of calls to such function to calling applications.
* Fri Aug 05 2011 crrodriguez@opensuse.org
- remove -fno-strict-aliasing from CFLAGS no longer needed
and is likely to slow down stuff.
* Mon Jul 25 2011 jengelh@medozas.de
- Edit baselibs.conf to provide libopenssl-devel-32bit too
* Fri Jun 24 2011 gjhe@novell.com
- update to latest stable version 1.0.0d.
patch removed(already in the new package):
CVE-2011-0014
patch added:
ECDSA_signatures_timing_attack.patch
* Tue May 31 2011 gjhe@novell.com
- fix bug[bnc#693027].
Add protection against ECDSA timing attacks as mentioned in the paper
by Billy Bob Brumley and Nicola Tuveri, see:
http://eprint.iacr.org/2011/232.pdf
[Billy Bob Brumley and Nicola Tuveri]
* Mon May 16 2011 andrea@opensuse.org
- added openssl as dependency in the devel package
* Thu Feb 10 2011 gjhe@novell.com
- fix bug [bnc#670526]
CVE-2011-0014,OCSP stapling vulnerability
* Sat Jan 15 2011 cristian.rodriguez@opensuse.org
- Add patch from upstream in order to support AES-NI instruction
set present on current Intel and AMD processors
* Mon Jan 10 2011 meissner@suse.de
- enable -DPURIFY to avoid valgrind errors.
* Thu Dec 09 2010 gjhe@novell.com
- update to stable version 1.0.0c.
patch included:
CVE-2010-1633_and_CVE-2010-0742.patch
patchset-19727.diff
CVE-2010-2939.patch
CVE-2010-3864.patch
* Thu Nov 18 2010 gjhe@novell.com
- fix bug [bnc#651003]
CVE-2010-3864
* Sat Sep 25 2010 gjhe@novell.com
- fix bug [bnc#629905]
CVE-2010-2939
* Wed Jul 28 2010 cristian.rodriguez@opensuse.org
- Exclude static libraries, see what breaks and fix that
instead
* Wed Jun 30 2010 jengelh@medozas.de
- fix two compile errors on SPARC
* Tue Jun 15 2010 bg@novell.com
- -fstack-protector is not supported on hppa
* Fri Jun 04 2010 gjhe@novell.com
- fix bnc #610642
CVE-2010-0742
CVE-2010-1633
* Mon May 31 2010 gjhe@novell.com
- fix bnc #610223,change Configure to tell openssl to load engines
from /%{_lib} instead of %{_libdir}
* Mon May 10 2010 aj@suse.de
- Do not compile in build time but use mtime of changes file instead.
This allows build-compare to identify that no changes have happened.
* Tue May 04 2010 gjhe@novell.com
- build libopenssl to /%{_lib} dir,and keep only one
libopenssl-devel for new developping programs.
* Tue Apr 27 2010 gjhe@novell.com
- build libopenssl and libopenssl-devel to a version directory
* Sat Apr 24 2010 coolo@novell.com
- buildrequire pkg-config to fix provides
* Wed Apr 21 2010 lnussel@suse.de
- also create old certificate hash in /etc/ssl/certs for
compatibility with applications that still link against 0.9.8
* Mon Apr 12 2010 meissner@suse.de
- Disable our own build targets, instead use the openSSL provided ones
as they are now good (or should be good at least).
- add -Wa,--noexecstack to the Configure call, this is the upstream
approved way to avoid exec-stack marking
* Mon Apr 12 2010 gjhe@novell.com
- update to 1.0.0
Merge the following patches from 0.9.8k:
openssl-0.9.6g-alpha.diff
openssl-0.9.7f-ppc64.diff
openssl-0.9.8-flags-priority.dif
openssl-0.9.8-sparc.dif
openssl-allow-arch.diff
openssl-hppa-config.diff
* Fri Apr 09 2010 meissner@suse.de
- fixed "exectuable stack" for libcrypto.so issue on i586 by
adjusting the assembler output during MMX builds.
* Wed Apr 07 2010 meissner@suse.de
- Openssl is now partially converted to libdir usage upstream,
merge that in to fix lib64 builds.
* Thu Mar 25 2010 gjhe@novell.com
- fix security bug [bnc#590833]
CVE-2010-0740
* Mon Mar 22 2010 gjhe@novell.com
- update to version 0.9.8m
Merge the following patches from 0.9.8k:
bswap.diff
non-exec-stack.diff
openssl-0.9.6g-alpha.diff
openssl-0.9.7f-ppc64.diff
openssl-0.9.8-flags-priority.dif
openssl-0.9.8-sparc.dif
openssl-allow-arch.diff
openssl-hppa-config.diff
* Fri Feb 05 2010 jengelh@medozas.de
- build openssl for sparc64
* Mon Dec 14 2009 jengelh@medozas.de
- add baselibs.conf as a source
- package documentation as noarch
* Tue Nov 03 2009 coolo@novell.com
- updated patches to apply with fuzz=0
* Tue Sep 01 2009 gjhe@novell.com
- fix Bug [bnc#526319]
* Wed Aug 26 2009 coolo@novell.com
- use %patch0 for Patch0
* Fri Jul 03 2009 gjhe@novell.com
- update to version 0.9.8k
- patches merged upstream:
openssl-CVE-2008-5077.patch
openssl-CVE-2009-0590.patch
openssl-CVE-2009-0591.patch
openssl-CVE-2009-0789.patch
openssl-CVE-2009-1377.patch
openssl-CVE-2009-1378.patch
openssl-CVE-2009-1379.patch
openssl-CVE-2009-1386.patch
openssl-CVE-2009-1387.patch
* Tue Jun 30 2009 gjhe@novell.com
- fix security bug [bnc#509031]
CVE-2009-1386
CVE-2009-1387
* Tue Jun 30 2009 gjhe@novell.com
- fix security bug [bnc#504687]
CVE-2009-1377
CVE-2009-1378
CVE-2009-1379
* Wed Apr 15 2009 gjhe@suse.de
- fix security bug [bnc#489641]
CVE-2009-0590
CVE-2009-0591
CVE-2009-0789
/lib/engines /lib/engines/lib4758cca.so /lib/engines/libaep.so /lib/engines/libatalla.so /lib/engines/libcapi.so /lib/engines/libchil.so /lib/engines/libcswift.so /lib/engines/libgmp.so /lib/engines/libgost.so /lib/engines/libnuron.so /lib/engines/libpadlock.so /lib/engines/libsureware.so /lib/engines/libubsec.so /lib/libcrypto.so.1.0.0 /lib/libssl.so.1.0.0
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed May 22 03:00:14 2013