commit openssl-1_1 for openSUSE:Factory

Mon, 23 Dec 2019 13:39:16 -0800 

Hello community,

here is the log from the commit of package openssl-1_1 for openSUSE:Factory 
checked in at 2019-12-23 22:36:03
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openssl-1_1 (Old)
 and      /work/SRC/openSUSE:Factory/.openssl-1_1.new.6675 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "openssl-1_1"

Mon Dec 23 22:36:03 2019 rev:10 rq:755725 version:1.1.1d

Changes:
--------
--- /work/SRC/openSUSE:Factory/openssl-1_1/openssl-1_1.changes  2019-11-20 
13:42:39.644285832 +0100
+++ /work/SRC/openSUSE:Factory/.openssl-1_1.new.6675/openssl-1_1.changes        
2019-12-23 22:38:14.457841059 +0100
@@ -1,0 +2,8 @@
+Tue Dec 10 16:04:06 UTC 2019 - Pedro Monreal Gonzalez 
<pmonrealgonza...@suse.com>
+
+- Security fix: [bsc#1158809, CVE-2019-1551]
+  * Overflow bug in the x64_64 Montgomery squaring procedure used
+    in exponentiation with 512-bit moduli
+- Add openssl-1_1-CVE-2019-1551.patch
+
+-------------------------------------------------------------------

New:
----
  openssl-1_1-CVE-2019-1551.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ openssl-1_1.spec ++++++
--- /var/tmp/diff_new_pack.1ko1MA/_old  2019-12-23 22:38:15.225841392 +0100
+++ /var/tmp/diff_new_pack.1ko1MA/_new  2019-12-23 22:38:15.233841395 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package openssl-1_1
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -51,6 +51,9 @@
 Patch12:        0005-s390x-assembly-pack-import-chacha-from-cryptogams-re.patch
 Patch13:        0006-s390x-assembly-pack-import-poly-from-cryptogams-repo.patch
 Patch14:        openssl-jsc-SLE-8789-backport_KDF.patch
+# OpenSSL Security Advisory [6 December 2019] bsc#1158809 CVE-2019-1551
+# PATCH-FIX-UPSTREAM Integer overflow in RSAZ modular exponentiation on x86_64
+Patch15:        openssl-1_1-CVE-2019-1551.patch
 BuildRequires:  pkgconfig
 Conflicts:      ssl
 Provides:       ssl
@@ -201,7 +204,7 @@
 # Do not install demo scripts executable under /usr/share/doc
 find demos -type f -perm /111 -exec chmod 644 {} \;
 
-# Place showciphers.c for %doc macro
+# Place showciphers.c for %%doc macro
 cp %{SOURCE5} .
 
 %post -n libopenssl1_1 -p /sbin/ldconfig


++++++ openssl-1_1-CVE-2019-1551.patch ++++++
++++ 1058 lines (skipped)

Reply via email to