- Wed May 30 2012 Gleb F-Malinovskiy <glebfm@altlinux.org> 0.9.8d-alt4.M41.2
- 4.1 security update (fix CVE-2011-4109 CVE-2011-4576 CVE-2011-4619
CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2333) - Thu Nov 24 2011 Andriy Stepanov <stanv@altlinux.ru> 0.9.8d-alt4.M41.1
- CVE-2008-5077
CVE-2009-0590
CVE-2009-0789
DTLS fixes.
CVE-2009-3555
CVE-2009-3245
CVE-2009-4355
CVE-2010-0433
CVE-2010-4180 - Wed Oct 10 2007 Dmitry V. Levin <ldv@altlinux.org> 0.9.8d-alt4
- Backported upstream fix for off-by-one bug in the
SSL_get_shared_ciphers() function (CVE-2007-5135). - Tue Aug 7 2007 Dmitry V. Levin <ldv@altlinux.org> 0.9.8d-alt3
- Fixed side-channel attack on private keys
(CVE-2007-3108, RH#245732, http://cvs.openssl.org/chngview?cn=16275).
- Mitigated branch prediction attacks
(RH#250573, http://cvs.openssl.org/chngview?cn=16077).
- Changed SSL/TLS server implementation to be stricter about session ID
context matching (RH#233599, http://cvs.openssl.org/chngview?cn=16006). - Tue Feb 6 2007 Dmitry V. Levin <ldv@altlinux.org> 0.9.8d-alt2
- Moved a bundle of X.509 certificates of public Certificate
Authorities (CA) from openssl package to separate ca-certificates
package.
- Moved /var/lib/ssl/{openssl.cnf,cert.pem} from openssl subpackage
to libssl6 subpackage. - Sun Nov 5 2006 Dmitry V. Levin <ldv@altlinux.org> 0.9.8d-alt1
- openssl: Updated to 0.9.8d.
- TSA patch: Updated to 20060923 (still not applied by default).
- Asymm patch: Updated to 20061110 (still not applied by default).
- Packaged engine and tsget in separate subpackages.
- Makefile.certificate, ca-bundle.crt: Updated from FC.
- Updated FC specific patches from 0.9.8b-12.
- Renamed subpackage according to soname change: libssl4 -> libssl6. - Thu Nov 2 2006 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt6
- Updated upstream bss_conn.c fix.
- Renamed srpm: openssl -> openssl097.
- Renamed subpackage: libssl -> libssl4. - Wed Sep 27 2006 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt5
- Applied upstream fixes for DoS bugs in ASN1 parser
(CVE-2006-2937, CVE-2006-2940).
- Applied fix for buffer overflow in SSL_get_shared_ciphers(),
discovery and patch from Tavis Ormandy and Will Drewry of the
Google Security Team (CVE-2006-3738).
- Applied fix for possible DoS in the sslv2 client code,
discovery and patch from Tavis Ormandy and Will Drewry of the
Google Security Team (CVE-2006-4343).
- Build this package without optimizations based on strict aliasing rules. - Wed Sep 6 2006 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt4
- Applied upstream patch to avoid RSA signature forgery (CVE-2006-4339).
- Tue Oct 11 2005 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt3
- Applied upstream fix for potential SSL 2.0 rollback
during SSL handshake (CAN-2005-2969). - Fri Jun 24 2005 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt2
- Minor package cleanup.
- Fri Jun 17 2005 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt1
- Removed those of RH patches which I do not like.
- Rediffed patches and renamed them accourding to the packaging policy.
- Relocated development manpages from libssl-devel subpackage to
openssl-doc subpackage. - Tue Jun 7 2005 Anton D. Kachalov <mouse@altlinux.org> 0.9.7g-alt0.4
- Added multilib support
- Fri Jun 3 2005 LAKostis <lakostis at altlinux.org> 0.9.7g-alt0.3
- Incorporated patches from Fedora.
- Changed certs dir to be more useful.
- Added provides/requires for tsa (for future use). - Fri Jun 3 2005 LAKostis <lakostis at altlinux.org> 0.9.7g-alt0.2
- Updated to 0.9.7g.
- Made split build (with/without tsa patch). - Tue Nov 16 2004 LAKostis <lakostis at altlinux.org> 0.9.7e-alt0.1.ts
- Test build with 0.9.7e.
- Tue Oct 26 2004 LAKostis <lakostis at altlinux.org> 0.9.7d-alt1.ts
- Added timestamping support patch.
- Sat May 8 2004 Dmitry V. Levin <ldv@altlinux.org> 0.9.7d-alt1
- Updated to 0.9.7d.
- Reviewed patches.
- Applied RH's soname convention. - Wed Mar 17 2004 Dmitry V. Levin <ldv@altlinux.org> 0.9.6m-alt1
- Updated to 0.9.6m.
- Wed Mar 17 2004 Dmitry V. Levin <ldv@altlinux.org> 0.9.6l-alt2
- Fixed null-pointer assignment during SSL handshake
(CAN-2004-0079). - Fri Nov 7 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6l-alt1
- Updated to 0.9.6l.
- For non-i386 ix86 platforms, relaxed textrel check. - Tue Sep 30 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6k-alt1
- Updated to 0.9.6k:
+ Fix various ASN1 parsing bugs.
+ SSL/TLS protocol fix for unrequested client certificates. - Thu Aug 28 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6j-alt2
- Fixed linux-elf-arm architecture support (sbolshakov@, #2804).
- Shared /usr/bin/openssl-config between openssl and
libssl-devel subpackages (fixes #2806). - Sat Apr 12 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6j-alt1
- Updated to 0.9.6j.
- Thu Mar 20 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6i-alt3
- Applied patch against Klima-Pokorny-Rosa attack.
- Tue Mar 18 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6i-alt2
- Applied blinding patch from OpenSSL team,
to defend against timing attack on RSA keys. - Wed Feb 19 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6i-alt1
- Updated to 0.9.6i.
- Thu Dec 12 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6h-alt1
- Updated to 0.9.6h.
- Merged Owl changes:
* Fri Nov 15 2002 Solar Designer
- Dropped the patch removing -Wl,-Bsymbolic which is no longer needed with
0.9.6g and/or after dropping the explicit "make build-shared".
- Dropped RSAref stuff. - Sun Sep 29 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6g-alt3
- Fixed glibc/crypto compatibility patch.
- Sat Sep 21 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6g-alt2
- Fixed libssl linkage:
Don't do an explicit "make build-shared", it's not needed and
could only cause harm (link libssl against libcrypto statically).
- FHS fixes (#0000915):
+ changed %openssldir from /usr/lib/ssl to /var/lib/ssl;
+ moved openssl.cnf from %openssldir/ to /etc/openssl/;
+ on upgrade, copy old %openssldir to new location;
+ added openssl-config script to provide current %openssldir location.
- Renamed openssl-devel subpackage to libssl-devel.
- Renamed openssl-devel-static subpackage to libssl-devel-static. - Mon Aug 19 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6g-alt1
- 0.9.6g; asn1_lib patch merged upstream.
- Mon Aug 5 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6e-alt1
- Updated to 0.9.6e, recent security patch merged upstream.
- Added two post-0.9.6e changes from the CVS which correct the recent ASN.1
parsing vulnerability fixes (Owl). - Wed Jul 31 2002 Solar Designer <solar@owl.openwall.com>
- Updated to 0.9.6e, dropping the shared-on-SPARC and the official
security patches (both are now included). - Mon Jul 29 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6d-alt2
- Various security fixes (see CHANGES).
- Mon May 13 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.9.6d-alt1
- Updated to 0.9.6d.
- Added a patch by Ben Laurie for "openssl dgst" to behave on read errors.
- Properly restrict the instruction set in assembly code when building for i386 (Owl). - Wed Apr 10 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.9.6c-alt3
- Fixed /usr/bin/openssl linkage.
- Relocate shared libs to /lib/. - Thu Mar 21 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.9.6c-alt2
- libssl: Conflicts: %name < %version-%release.
- Tue Jan 15 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.9.6c-alt1
- 0.9.6c
- Relocated docs. - Wed Jul 11 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.9.6b-alt1
- 0.9.6b
- Fri Jun 22 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.9.6a-alt2
- Changed two memcpy() calls to memmove() (nalin).
- Added a script for creating dummy certificates (nalin). - Mon May 14 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.9.6a-alt1
- 0.9.6a
- Keep standard soname scheme.
- Do not provide crypt symbol (solar).
- Use __libc_enable_secure variable (solar).
- Link /usr/bin/openssl dinamically with shared libraries from libssl subpackage (solar). - Wed Apr 4 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.9.6-ipl2mdk
- Moved shared libraries to libssl subpackage.
- Moved static libraries to devel-static subpackage. - Thu Sep 28 2000 Dmitry V. Levin <ldv@fandra.org> 0.9.6-ipl1mdk
- 0.9.6
- Wed May 31 2000 Dmitry V. Levin <ldv@fandra.org>
- 0.9.5a
- Fri Apr 28 2000 Dmitry V. Levin <ldv@fandra.org>
- separate openssl-doc package
- 0.9.5 - Sun Dec 5 1999 Dmitry V. Levin <ldv@fandra.org>
- Fandra adaptions
- Sun Nov 28 1999 Arne Coucheron <arneco@online.no>
[0.9.4-3]
- config file moved to /var/ssl due to problems when it stays in /etc - Tue Aug 17 1999 Arne Coucheron <arneco@online.no>
[0.9.4-2]
- the source rpm was corrupt, so this is just a rerelase - Wed Aug 11 1999 Arne Coucheron <arneco@online.no>
[0.9.4-1]
- Sun Jun 20 1999 Arne Coucheron <arneco@online.no>
[0.9.3a-1]
- several changes