Hello community, here is the log from the commit of package libressl for openSUSE:Factory checked in at 2015-03-23 12:17:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libressl (Old) and /work/SRC/openSUSE:Factory/.libressl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libressl" Changes: -------- --- /work/SRC/openSUSE:Factory/libressl/libressl.changes 2015-03-11 09:57:30.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libressl.new/libressl.changes 2015-03-23 12:17:11.000000000 +0100 @@ -1,0 +2,11 @@ +Thu Mar 19 18:12:17 UTC 2015 - [email protected] + +- Update to new upstream release 2.1.6 +* Reject server ephemeral DH keys smaller than 1024 bits +* Fixed CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp +* Fixed CVE-2015-0287 - ASN.1 structure reuse memory corruption +* Fixed CVE-2015-0289 - PKCS7 NULL pointer dereferences +* Fixed CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error +* Fixed CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref + +------------------------------------------------------------------- Old: ---- SHA256 SHA256.asc libressl-2.1.4.tar.gz New: ---- libressl-2.1.6.tar.gz libressl-2.1.6.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libressl.spec ++++++ --- /var/tmp/diff_new_pack.86CQUU/_old 2015-03-23 12:17:12.000000000 +0100 +++ /var/tmp/diff_new_pack.86CQUU/_new 2015-03-23 12:17:12.000000000 +0100 @@ -17,7 +17,7 @@ Name: libressl -Version: 2.1.4 +Version: 2.1.6 Release: 0 Summary: An SSL/TLS protocol implementation License: OpenSSL @@ -27,10 +27,9 @@ #Git-Clone: git://github.com/libressl-portable/portable #DL-URL: http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/ Source: http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/%name-%version.tar.gz -Source2: baselibs.conf +Source2: http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/%name-%version.tar.gz.asc Source3: %name.keyring -Source4: SHA256 -Source5: SHA256.asc +Source4: baselibs.conf BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: fdupes BuildRequires: pkg-config ++++++ libressl-2.1.4.tar.gz -> libressl-2.1.6.tar.gz ++++++ ++++ 3705 lines of diff (skipped) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
