./emulators/suse131_openssl, Linux compatibility package for OpenSSL

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 13.1nb14, Package name: suse_openssl-13.1nb14, Maintainer: pkgsrc-users

Linux compatibility package based on the openSUSE Linux distribution.
Please visit http://www.opensuse.org/ for more information about openSUSE
Linux.

This package supports running ELF binaries linked with glibc2 that
require OpenSSL shared libraries.


Required to run:
[emulators/suse131_base]

Master sites:


Version history: (Expand)


CVS history: (Expand)


   2016-06-17 19:21:39 by Izumi Tsutsui | Files touched by this commit (26) | Package updated
Log message:
Update more RPMs from Suse 13.1.
   2015-11-03 21:31:11 by Alistair G. Crooks | Files touched by this commit (211)
Log message:
Add SHA512 digests for distfiles for emulators category

Problems found with existing digests:
	Package suse131_libSDL
	1c4d17a53bece6243cb3e6dd11c36d50f851a4f4 [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
	Package suse131_libdbus
	de99fcfa8e2c7ced28caf38c24d217d6037aaa56 [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
	Package suse131_qt4
	94daff738912c96ed8878ce1a131cd49fb379206 [recorded]
	886206018431aee9f8a01e1fb7e46973e8dca9d9 [calculated]

Problems found locating distfiles for atari800, compat12, compat 13,
compat14, compat15, compat20, compat30, compat40, compat50,
compat50-x11, compat51, compat51-x11, compat60, compat61,
compat61-x11, fmsx, osf1_lib, vice, xbeeb, xm7.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-07-28 10:49:16 by Thomas Klausner | Files touched by this commit (42) | Package updated
Log message:
Update RPMs from latest openSUSE 13.1 files.
From Rin Okuyama in PR 50082.
   2015-02-16 11:15:50 by Jonathan Perkin | Files touched by this commit (92)
Log message:
Put back PKGNAME definitions.
   2015-02-11 10:38:19 by OBATA Akio | Files touched by this commit (92)
Log message:
Revert
 define PKGNAME instead of fake DISTNAME
PKGNAME is unstable variable in current pkgsrc framework, so packages must not
rely on it.
   2015-01-24 02:01:54 by OBATA Akio | Files touched by this commit (2) | Package updated
Log message:
Apply following update to suse131_openssl, bump PKGREVISION.

   openSUSE Security Update: Security update for openssl
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2015:0130-1
Rating:             important
References:         #911399 #912014 #912015 #912018 #912292 #912293
                    #912294 #912296
Cross-References:   CVE-2014-3569 CVE-2014-3570 CVE-2014-3571
                    CVE-2014-3572 CVE-2014-8275 CVE-2015-0204
                    CVE-2015-0205 CVE-2015-0206
Affected Products:
                    openSUSE 13.2
                    openSUSE 13.1
______________________________________________________________________________

   An update that fixes 8 vulnerabilities is now available.

Description:

   openssl was updated to 1.0.1k to fix various security issues and bugs.

   More information can be found in the openssl advisory:
   http://openssl.org/news/secadv_20150108.txt

   Following issues were fixed:

   * CVE-2014-3570 (bsc#912296): Bignum squaring (BN_sqr) may have produced
     incorrect results on some platforms, including x86_64.

   * CVE-2014-3571 (bsc#912294): Fixed crash in dtls1_get_record whilst in
     the listen state where you get two separate reads performed - one for
     the header and one for the body of the handshake record.

   * CVE-2014-3572 (bsc#912015): Don't accept a handshake using an ephemeral
     ECDH ciphersuites with the server key exchange message omitted.

   * CVE-2014-8275 (bsc#912018): Fixed various certificate fingerprint issues.

   * CVE-2015-0204 (bsc#912014): Only allow ephemeral RSA keys in export
     ciphersuites

   * CVE-2015-0205 (bsc#912293): A fixwas added to prevent use of DH client
     certificates without sending certificate verify message.

   * CVE-2015-0206 (bsc#912292): A memory leak was fixed in
     dtls1_buffer_record.

References:

   http://support.novell.com/security/cve/ … -3569.html
   http://support.novell.com/security/cve/ … -3570.html
   http://support.novell.com/security/cve/ … -3571.html
   http://support.novell.com/security/cve/ … -3572.html
   http://support.novell.com/security/cve/ … -8275.html
   http://support.novell.com/security/cve/ … -0204.html
   http://support.novell.com/security/cve/ … -0205.html
   http://support.novell.com/security/cve/ … -0206.html
   https://bugzilla.suse.com/show_bug.cgi?id=911399
   https://bugzilla.suse.com/show_bug.cgi?id=912014
   https://bugzilla.suse.com/show_bug.cgi?id=912015
   https://bugzilla.suse.com/show_bug.cgi?id=912018
   https://bugzilla.suse.com/show_bug.cgi?id=912292
   https://bugzilla.suse.com/show_bug.cgi?id=912293
   https://bugzilla.suse.com/show_bug.cgi?id=912294
   https://bugzilla.suse.com/show_bug.cgi?id=912296
   2014-11-24 11:47:45 by OBATA Akio | Files touched by this commit (2) | Package updated
Log message:
Bump PKGREVISION to 11 for suse131_openssl.

   openSUSE Security Update: openssl: fixed elliptic curve handshake failure
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:1474-1
Rating:             low
References:         #905037
Affected Products:
                    openSUSE 13.2
                    openSUSE 13.1
                    openSUSE 12.3
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This openssl update fixes a TLS handshake problem when elliptic curves are
   in use.
   2014-11-03 10:28:39 by OBATA Akio | Files touched by this commit (2) | Package updated
Log message:
Apply following security update to suse131_openssl, bump PKGREVISION to 10.

   openSUSE Security Update: update for openssl
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:1331-1
Rating:             important
References:         #901223 #901277
Cross-References:   CVE-2014-3513 CVE-2014-3566 CVE-2014-3567
                    CVE-2014-3568
Affected Products:
                    openSUSE 13.1
                    openSUSE 12.3
______________________________________________________________________________

   An update that fixes four vulnerabilities is now available.

Description:

   The following issues were fixed in this release:

   CVE-2014-3566: SSLv3 POODLE attack (bnc#901223) CVE-2014-3513,
   CVE-2014-3567:  DTLS memory leak and session ticket memory leak