Sophie

• Search
• Distribution
• Explorer
• Source & Patches
• Chat
• Help
• About

distrib > PLD > ac > amd64 > media > dist-src > by-pkgid > 5dc4777de8d6b5790d8f58e80e732a3f > changelog

openssl-0.9.7l-1.src.rpm

• Info
• Deps
• Files
• Scripts
• ChangeLog
• Location
• Others versions
• Analyse

• Sun Oct 1 2006 PLD Team <feedback@pld-linux.org>

  All persons listed below can be reached at @pld-linux.org
  
  $Log: openssl.spec,v $
  Revision 1.146.2.3.2.3 2006/10/01 09:38:53 paszczus
  - updated to 0.9.7l (fixes CVS-2006-{2940,2937,3738,4343})
  - STBR
  
  Revision 1.146.2.3.2.2 2006/09/08 07:59:32 hawk
  - add CVE note to changelog
  
  Revision 1.146.2.3.2.1 2006/09/08 07:57:46 hawk
  - can't wait any longer... AC-branch restored to proper place, updated
  to 0.9.7k (fixes CVE-2006-4339)
  
  Revision 1.146.2.3 2006/06/13 10:23:22 jajcus
  - 'purify' bcond added
  
  Revision 1.146.2.2 2006/03/21 19:56:12 radek
  - really moved ca-bundle.crt
  
  Revision 1.146.2.1 2006/03/21 19:53:13 radek
  - release 2: added certificates from Mozilla
  - moved ca-bundle.crt to main package (rev 1.75 didn't)
  
  Revision 1.146 2005/12/04 23:10:18 glen
  - adapterized (sorted %verify flags)
  
  Revision 1.145 2005/10/15 15:15:38 glen
  - updated to 0.9.7i
  
  Revision 1.144 2005/10/13 06:27:41 arekm
  - backward binary compatibility
  
  Revision 1.143 2005/10/12 12:33:26 qboosh
  - added CAN note
  
  Revision 1.142 2005/10/12 11:15:42 havner
  - 0.9.7h
  [fixes CAN-2005-2969]
  
  Revision 1.141 2005/08/27 14:37:04 arekm
  - rel 3
  
  Revision 1.140 2005/07/24 16:36:14 qboosh
  - fix libdir in *.pc, release 2
  
  Revision 1.139 2005/05/11 15:27:01 qboosh
  - use x8664 macro
  
  Revision 1.138 2005/05/11 02:48:14 pluto
  - exclude invalid libfips.so symlink from %%files.
  
  Revision 1.137 2005/04/15 22:08:33 qboosh
  - updated to 0.9.7g
  
  Revision 1.136 2005/03/24 19:53:04 qboosh
  - updated to 0.9.7f, updated optflags patch
  
  Revision 1.135 2005/03/21 18:28:44 mmazur
  - rel 3 for th
  
  Revision 1.134 2005/02/02 09:22:51 speedy
  - redefine SSLeay_add_ssl_algorithms
  - fix sparc64-linux optflags
  - fix sparc64 md5
  - release 2
  
  Revision 1.133 2004/11/20 21:16:02 qboosh
  - hack to fix build on i386
  - use default x86 code on i486 (only i386 is exceptional)
  
  Revision 1.132 2004/10/27 17:45:41 darekr
  - added missing file openssl_fips_fingerprint
  
  Revision 1.131 2004/10/26 18:32:48 qboosh
  - updated to 0.9.7e, updated optflags,include patches, removed obsolete smime patch
  
  Revision 1.130 2004/10/13 10:51:16 mmazur
  - rel 6 for th
  
  Revision 1.129 2004/09/02 14:36:07 snurf
  - typos / formatting / etc.
  
  Revision 1.128 2004/07/13 19:41:35 qboosh
  - added ia64, sorted archs
  
  Revision 1.127 2004/06/24 00:17:27 pluto
  - %%install: %%{__cc} added.
  
  Revision 1.126 2004/06/23 23:51:49 pluto
  - more sparc targets.
  
  Revision 1.125 2004/06/04 14:04:14 ankry
  - rebuild, rel. 5
  
  Revision 1.124 2004/06/04 10:45:34 aflinta
  - release 4 - sparc edition upgrade ;)
  
  Revision 1.123 2004/06/01 20:03:39 qboosh
  - added smime patch ("make S/MIME encrypt work again"); release 3
  
  Revision 1.122 2004/05/09 05:22:00 ankry
  - BR fixes, rel. 2
  
  Revision 1.121 2004/03/17 17:35:27 qboosh
  - security update to 0.9.7d (fixes CAN-2004-0079, CAN-2004-0112)
  - removed obsolete makefile,parallel_make patches
  
  Revision 1.120 2004/03/14 15:27:48 adgor
  - Typo
  
  Revision 1.119 2004/03/14 13:23:53 gotar
  - moved %dir %{_var}/lib/%{name}/{,certs,private} to the main package;
  there are programs (like proftpd) which take certificates from that
  directory, but they don't require openssl-tools,
  - release 4.
  
  Revision 1.118 2004/02/28 21:41:12 qboosh
  - strict internal deps, removed redundant BR textutils
  - simplified grep -r | cut -> grep -l -r
  
  Revision 1.117 2004/02/28 17:20:27 saq
  - a minor speed-up (invoke perl -pi -e once for many files)
  - generalized the ix86 architecture condition
  
  Revision 1.116 2004/02/28 16:55:17 andree
  - allow build on pentium3 (ifarch)
  
  Revision 1.115 2004/01/08 10:05:45 qboosh
  - well, one ifarch for one arch is enough...
  
  Revision 1.114 2004/01/08 09:54:41 blues
  - release 3 - added script for creating selfsigned certs, taken from debian
  
  Revision 1.113 2004/01/02 17:49:49 jajcus
  - Release: 2 (STBR after AMD64 fixes)
  
  Revision 1.112 2003/12/18 22:46:47 jajcus
  - put pkgconfig file in the right directory on amd64
  
  Revision 1.111 2003/11/18 16:59:03 adasi
  - x86_64 arch support
  
  Revision 1.110 2003/10/20 19:00:28 qboosh
  - use _pkgconfigdir macro
  
  Revision 1.109 2003/10/01 08:41:23 qboosh
  - cosmetics
  
  Revision 1.108 2003/09/30 21:27:58 pius
  - added openssl-makefile.patch
  
  Revision 1.107 2003/09/30 19:38:10 blues
  - md5 fix & cosmetics
  
  Revision 1.106 2003/09/30 19:32:17 eothane
  - openssl 0.9.7c
  - next release
  
  Revision 1.105 2003/08/24 23:51:24 mmazur
  - rel 1 for ac
  
  Revision 1.104 2003/08/20 19:20:22 krzak
  - make with set INSTALLTOP
  - include.patch
  - rel 0.3
  
  Revision 1.103 2003/08/12 22:32:51 ankry
  - cosmetics
  
  Revision 1.102 2003/05/25 11:00:56 malekith
  - massive attack, adding Source-md5
  
  Revision 1.101 2003/05/25 06:24:32 misi3k
  - massive attack s/pld.org.pl/pld-linux.org/
  
  Revision 1.100 2003/04/24 13:50:19 radek
  - removed BR:perl-tools-pod, it's implied by perl-devel
  
  Revision 1.99 2003/04/15 21:44:01 qboosh
  - fixed broken entries in optflags patch, release 0.2
  
  Revision 1.98 2003/04/12 10:23:19 misi3k
  - updated to 0.9.7b
  - removed patch 4 & 5 (not needed)
  - rel 0.1
  Note: Test me
  
  Revision 1.97 2003/03/20 09:59:34 djrzulf
  - added BR: perl-tools-pod
  
  Revision 1.96 2003/03/20 09:09:52 misi3k
  - security patch (no 5) - CAN-2003-0131 (Klima-Pokorny-Rosa attack on RSA in SSL/TLS)
  
  Revision 1.95 2003/03/17 19:01:36 misi3k
  - rel 1
  
  Revision 1.94 2003/03/17 18:43:02 misi3k
  - secuirty patch (patch4)
  
  Bug (bugtraq):
  Researchers have discovered a timing attack on RSA keys, to which
  OpenSSL is generally vulnerable, unless RSA blinding has been turned
  on.
  
  Typically, it will not have been, because it is not easily possible to
  do so when using OpenSSL to provide SSL or TLS.
  
  The enclosed patch switches blinding on by default. Applications that
  wish to can remove the blinding with RSA_blinding_off(), but this is
  not generally advised. It is also possible to disable it completely by
  defining OPENSSL_NO_FORCE_RSA_BLINDING at compile-time.
  
  The performance impact of blinding appears to be small (a few
  percent).
  
  This problem affects many applications using OpenSSL, in particular,
  almost all SSL-enabled Apaches. You should rebuild and reinstall
  OpenSSL, and all affected applications.
  
  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
  assigned the name CAN-2003-0147 to this issue.
  
  We strongly advise upgrading OpenSSL in all cases, as a precaution.
  
  Revision 1.93 2003/03/03 08:52:07 trojan