Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libressl for openSUSE:Factory checked in at 2022-05-19 22:49:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libressl (Old) and /work/SRC/openSUSE:Factory/.libressl.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libressl" Thu May 19 22:49:45 2022 rev:63 rq:978071 version:3.5.3 Changes: -------- --- /work/SRC/openSUSE:Factory/libressl/libressl.changes 2022-05-05 23:06:50.809591261 +0200 +++ /work/SRC/openSUSE:Factory/.libressl.new.1538/libressl.changes 2022-05-19 22:50:20.454413397 +0200 @@ -1,0 +2,7 @@ +Thu May 19 07:41:31 UTC 2022 - Jan Engelhardt <[email protected]> + +- Update to release 3.5.3 + * Fix d2i_ASN1_OBJECT(). A confusion of two CBS resulted in + advancing the passed *der_in pointer incorrectly. + +------------------------------------------------------------------- Old: ---- libressl-3.5.2.tar.gz libressl-3.5.2.tar.gz.asc New: ---- libressl-3.5.3.tar.gz libressl-3.5.3.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libressl.spec ++++++ --- /var/tmp/diff_new_pack.tYTEhh/_old 2022-05-19 22:50:21.002414099 +0200 +++ /var/tmp/diff_new_pack.tYTEhh/_new 2022-05-19 22:50:21.006414104 +0200 @@ -1,7 +1,7 @@ # # spec file for package libressl # -# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,7 +16,7 @@ # Name: libressl -Version: 3.5.2 +Version: 3.5.3 Release: 0 Summary: An SSL/TLS protocol implementation License: OpenSSL ++++++ libressl-3.5.2.tar.gz -> libressl-3.5.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libressl-3.5.2/ChangeLog new/libressl-3.5.3/ChangeLog --- old/libressl-3.5.2/ChangeLog 2022-04-19 22:24:39.000000000 +0200 +++ new/libressl-3.5.3/ChangeLog 2022-05-16 04:39:46.000000000 +0200 @@ -28,6 +28,12 @@ LibreSSL Portable Release Notes: +3.5.3 - Reliability fix + + * Fix d2i_ASN1_OBJECT(). A confusion of two CBS resulted in advancing + the passed *der_in pointer incorrectly. Thanks to Aram Sargsyan for + reporting the issue and testing the fix. + 3.5.2 - Stable release * Bug fixes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libressl-3.5.2/VERSION new/libressl-3.5.3/VERSION --- old/libressl-3.5.2/VERSION 2022-04-20 19:51:56.000000000 +0200 +++ new/libressl-3.5.3/VERSION 2022-05-16 04:54:27.000000000 +0200 @@ -1,2 +1,2 @@ -3.5.2 +3.5.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libressl-3.5.2/configure new/libressl-3.5.3/configure --- old/libressl-3.5.2/configure 2022-04-20 19:52:25.000000000 +0200 +++ new/libressl-3.5.3/configure 2022-05-16 04:55:01.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for libressl 3.5.2. +# Generated by GNU Autoconf 2.69 for libressl 3.5.3. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ # Identity of this package. PACKAGE_NAME='libressl' PACKAGE_TARNAME='libressl' -PACKAGE_VERSION='3.5.2' -PACKAGE_STRING='libressl 3.5.2' +PACKAGE_VERSION='3.5.3' +PACKAGE_STRING='libressl 3.5.3' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1452,7 +1452,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libressl 3.5.2 to adapt to many kinds of systems. +\`configure' configures libressl 3.5.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1523,7 +1523,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libressl 3.5.2:";; + short | recursive ) echo "Configuration of libressl 3.5.3:";; esac cat <<\_ACEOF @@ -1641,7 +1641,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libressl configure 3.5.2 +libressl configure 3.5.3 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2189,7 +2189,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libressl $as_me 3.5.2, which was +It was created by libressl $as_me 3.5.3, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3125,7 +3125,7 @@ # Define the identity of the package. PACKAGE='libressl' - VERSION='3.5.2' + VERSION='3.5.3' cat >>confdefs.h <<_ACEOF @@ -14684,7 +14684,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libressl $as_me 3.5.2, which was +This file was extended by libressl $as_me 3.5.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -14741,7 +14741,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -libressl config.status 3.5.2 +libressl config.status 3.5.3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libressl-3.5.2/crypto/asn1/a_object.c new/libressl-3.5.3/crypto/asn1/a_object.c --- old/libressl-3.5.2/crypto/asn1/a_object.c 2022-04-13 23:34:02.000000000 +0200 +++ new/libressl-3.5.3/crypto/asn1/a_object.c 2022-05-16 04:40:49.000000000 +0200 @@ -1,4 +1,4 @@ -/* $OpenBSD: a_object.c,v 1.46 2022/04/10 12:42:33 inoguchi Exp $ */ +/* $OpenBSD: a_object.c,v 1.46.2.1 2022/05/14 15:06:09 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young ([email protected]) * All rights reserved. * @@ -651,7 +651,7 @@ if (!c2i_ASN1_OBJECT_cbs(&aobj, &content)) return NULL; - *pp = CBS_data(&content); + *pp = CBS_data(&cbs); if (out_aobj != NULL) *out_aobj = aobj; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libressl-3.5.2/include/openssl/opensslv.h new/libressl-3.5.3/include/openssl/opensslv.h --- old/libressl-3.5.2/include/openssl/opensslv.h 2022-03-21 09:35:57.000000000 +0100 +++ new/libressl-3.5.3/include/openssl/opensslv.h 2022-05-16 04:40:32.000000000 +0200 @@ -3,9 +3,9 @@ #define HEADER_OPENSSLV_H /* These will change with each release of LibreSSL-portable */ -#define LIBRESSL_VERSION_NUMBER 0x3050200fL +#define LIBRESSL_VERSION_NUMBER 0x3050300fL /* ^ Patch starts here */ -#define LIBRESSL_VERSION_TEXT "LibreSSL 3.5.2" +#define LIBRESSL_VERSION_TEXT "LibreSSL 3.5.3" /* These will never change */ #define OPENSSL_VERSION_NUMBER 0x20000000L
