Hello community,

here is the log from the commit of package openssl-1_1 for openSUSE:Factory 
checked in at 2021-04-08 21:01:22
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openssl-1_1 (Old)
 and      /work/SRC/openSUSE:Factory/.openssl-1_1.new.2401 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "openssl-1_1"

Thu Apr  8 21:01:22 2021 rev:23 rq:882115 version:1.1.1k

Changes:
--------
--- /work/SRC/openSUSE:Factory/openssl-1_1/openssl-1_1.changes  2021-03-12 
13:30:40.978103936 +0100
+++ /work/SRC/openSUSE:Factory/.openssl-1_1.new.2401/openssl-1_1.changes        
2021-04-08 21:01:29.577857052 +0200
@@ -1,0 +2,21 @@
+Thu Mar 25 23:51:47 UTC 2021 - Jason Sikes <[email protected]>
+
+- Update to 1.1.1k
+  * Fixed a problem with verifying a certificate chain when using
+    the X509_V_FLAG_X509_STRICT flag. This flag enables additional
+    security checks of the certificates present in a certificate
+    chain. It is not set by default. ([CVE-2021-3450])
+
+  * Fixed an issue where an OpenSSL TLS server may crash if sent a
+    maliciously crafted renegotiation ClientHello message from a
+    client. If a TLSv1.2 renegotiation ClientHello omits the
+    signature_algorithms extension (where it was present in the
+    initial ClientHello), but includes a signature_algorithms_cert
+    extension then a NULL pointer dereference will result, leading
+    to a crash and a denial of service attack.
+
+    A server is only vulnerable if it has TLSv1.2 and renegotiation
+    enabled (which is the default configuration). OpenSSL TLS
+    clients are not impacted by this issue. ([CVE-2021-3449])
+
+-------------------------------------------------------------------
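Review bot: The first bullet (CVE-2021-3450) says only that "a problem" with chain verification under X509_V_FLAG_X509_STRICT was fixed and never states the effect on verification, so a reader cannot judge exposure from it. The CVE-2021-3449 bullet does this properly: it names the trigger, the result, and the affected configuration. Suggest one added sentence in the first bullet on what went wrong and who is affected beyond "It is not set by default". Minor: both ids keep bracketed link syntax, "([CVE-2021-3450])" and "([CVE-2021-3449])", with no link target in this entry; plain CVE-2021-3450 / CVE-2021-3449 would read more cleanly.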

Old:
----
  openssl-1.1.1j.tar.gz
  openssl-1.1.1j.tar.gz.asc

New:
----
  openssl-1.1.1k.tar.gz
  openssl-1.1.1k.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ openssl-1_1.spec ++++++
--- /var/tmp/diff_new_pack.X69BOu/_old  2021-04-08 21:01:33.133860893 +0200
+++ /var/tmp/diff_new_pack.X69BOu/_new  2021-04-08 21:01:33.133860893 +0200
@@ -21,7 +21,7 @@
 %define _rname  openssl
 Name:           openssl-1_1
 # Don't forget to update the version in the "openssl" package!
-Version:        1.1.1j
+Version:        1.1.1k
 Release:        0
 Summary:        Secure Sockets and Transport Layer Security
 License:        OpenSSL
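Review bot: The context comment directly above the Version line says "Don't forget to update the version in the "openssl" package!", and this notification shows only the openssl-1_1.spec bump from 1.1.1j to 1.1.1k. Please confirm the companion "openssl" package is updated to 1.1.1k in the same or a linked request, so the two versions do not drift apart.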
