Hello community, here is the log from the commit of package openssl-1_1_0 for openSUSE:Factory checked in at 2017-11-03 16:28:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openssl-1_1_0 (Old) and /work/SRC/openSUSE:Factory/.openssl-1_1_0.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openssl-1_1_0" Fri Nov 3 16:28:56 2017 rev:7 rq:538523 version:1.1.0g Changes: -------- --- /work/SRC/openSUSE:Factory/openssl-1_1_0/openssl-1_1_0.changes 2017-09-04 12:34:37.157882069 +0200 +++ /work/SRC/openSUSE:Factory/.openssl-1_1_0.new/openssl-1_1_0.changes 2017-11-03 16:31:10.930383015 +0100 @@ -1,0 +2,12 @@ +Thu Nov 2 19:56:54 UTC 2017 - vci...@suse.com + +- Update to 1.1.0g + OpenSSL Security Advisory [02 Nov 2017] + * bn_sqrx8x_internal carry bug on x86_64 + (CVE-2017-3736) (bsc#1066242) + * Malformed X.509 IPAddressFamily could cause OOB read + (CVE-2017-3735) (bsc#1056058) +- drop 0001-Fix-a-TLSProxy-race-condition.patch (upstream) +- refresh 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch + +------------------------------------------------------------------- Old: ---- 0001-Fix-a-TLSProxy-race-condition.patch openssl-1.1.0f.tar.gz openssl-1.1.0f.tar.gz.asc New: ---- openssl-1.1.0g.tar.gz openssl-1.1.0g.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssl-1_1_0.spec ++++++ --- /var/tmp/diff_new_pack.GEyv4T/_old 2017-11-03 16:31:11.834350113 +0100 +++ /var/tmp/diff_new_pack.GEyv4T/_new 2017-11-03 16:31:11.838349967 +0100 @@ -24,7 +24,7 @@ %define maj_min 1.1 %define _rname openssl Name: openssl-1_1_0 -Version: 1.1.0f +Version: 1.1.0g Release: 0 Summary: Secure Sockets and Transport Layer Security License: OpenSSL @@ -66,7 +66,6 @@ Patch59: openssl-fips-clearerror.patch Patch60: openssl-fips-dont-fall-back-to-default-digest.patch Patch61: openssl-disable_rsa_keygen_tests_with_small_modulus.patch -Patch62: 0001-Fix-a-TLSProxy-race-condition.patch BuildRequires: bc BuildRequires: ed BuildRequires: pkgconfig ++++++ 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch ++++++ --- /var/tmp/diff_new_pack.GEyv4T/_old 2017-11-03 16:31:11.886348220 +0100 +++ /var/tmp/diff_new_pack.GEyv4T/_new 2017-11-03 16:31:11.890348075 +0100 @@ -4,11 +4,11 @@ Subject: [PATCH] Axe builtin printf implementation, use glibc instead -Index: openssl-1.1.0f/crypto/bio/b_print.c +Index: openssl-1.1.0g/crypto/bio/b_print.c =================================================================== ---- openssl-1.1.0f.orig/crypto/bio/b_print.c 2017-05-25 14:46:18.000000000 +0200 -+++ openssl-1.1.0f/crypto/bio/b_print.c 2017-05-29 11:59:37.293885541 +0200 -@@ -21,829 +21,6 @@ +--- openssl-1.1.0g.orig/crypto/bio/b_print.c 2017-11-02 15:29:02.000000000 +0100 ++++ openssl-1.1.0g/crypto/bio/b_print.c 2017-11-02 20:48:01.240953505 +0100 +@@ -21,831 +21,6 @@ * on all source code distributions. */ @@ -249,6 +249,7 @@ - break; - case 'E': - flags |= DP_F_UP; +- /* fall thru */ - case 'e': - if (cflags == DP_C_LDOUBLE) - fvalue = va_arg(args, LDOUBLE); @@ -260,6 +261,7 @@ - break; - case 'G': - flags |= DP_F_UP; +- /* fall thru */ - case 'g': - if (cflags == DP_C_LDOUBLE) - fvalue = va_arg(args, LDOUBLE); @@ -838,7 +840,7 @@ int BIO_printf(BIO *bio, const char *format, ...) { va_list args; -@@ -857,30 +34,36 @@ int BIO_printf(BIO *bio, const char *for +@@ -859,30 +34,36 @@ int BIO_printf(BIO *bio, const char *for return (ret); } @@ -896,7 +898,7 @@ return (ret); } -@@ -896,29 +79,21 @@ int BIO_snprintf(char *buf, size_t n, co +@@ -898,29 +79,21 @@ int BIO_snprintf(char *buf, size_t n, co int ret; va_start(args, format); @@ -934,10 +936,10 @@ - return (retlen <= INT_MAX) ? (int)retlen : -1; + return (ret); } -Index: openssl-1.1.0f/test/bioprinttest.c +Index: openssl-1.1.0g/test/bioprinttest.c =================================================================== ---- openssl-1.1.0f.orig/test/bioprinttest.c 2017-05-25 14:46:20.000000000 +0200 -+++ openssl-1.1.0f/test/bioprinttest.c 2017-05-29 11:58:41.305051621 +0200 +--- openssl-1.1.0g.orig/test/bioprinttest.c 2017-11-02 15:29:05.000000000 +0100 ++++ openssl-1.1.0g/test/bioprinttest.c 2017-11-02 20:45:03.446174264 +0100 @@ -200,13 +200,6 @@ int main(int argc, char **argv) dofptest(test++, 66666.0 + frac, width, prec, &fail); } ++++++ openssl-1.1.0-fips.patch ++++++ ++++ 1499 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/openssl-1_1_0/openssl-1.1.0-fips.patch ++++ and /work/SRC/openSUSE:Factory/.openssl-1_1_0.new/openssl-1.1.0-fips.patch