On Wed, Mar 02, 2016 at 08:06:31AM +0100, Patrick Schaaf wrote:
> On Wed, Mar 2, 2016 at 7:58 AM, Michal Kubecek wrote:
> > This is surprising as current evergreen 11.4 openssl update (version
> > 1.0.1p-68.2) does present exactly the same version (0x1000110f) which
> > was one of the reasons why
On Wed, Mar 2, 2016 at 7:58 AM, Michal Kubecek wrote:
> This is surprising as current evergreen 11.4 openssl update (version
> 1.0.1p-68.2) does present exactly the same version (0x1000110f) which
> was one of the reasons why I did cherry pick CVE related fixes from
> 1.0.1 branch since 1.0.1p ins
On Wed, Mar 02, 2016 at 07:29:02AM +0100, Patrick Schaaf wrote:
> On Tue, Mar 1, 2016 at 11:49 PM, Michal Kubecek wrote:
> > http://download.opensuse.org/repositories/home:/mkubecek:/branches:/Evergreen_Maintained:/openssl/openSUSE_Evergreen_11.4/
>
> I'm going to test that on a VM which makes ou
> http://download.opensuse.org/repositories/home:/mkubecek:/branches:/Evergreen_Maintained:/openssl/openSUSE_Evergreen_11.4/
>> Installing: openssh-5.8p1-4.1 [done]
ARGH. I'm stupid. Forget that. I copied the normal evergreen .repo
file and changed the baseurl only, so I had two repo files with th
On Wed, Mar 2, 2016 at 7:29 AM, Patrick Schaaf wrote:
> On Tue, Mar 1, 2016 at 11:49 PM, Michal Kubecek wrote:
>> http://download.opensuse.org/repositories/home:/mkubecek:/branches:/Evergreen_Maintained:/openssl/openSUSE_Evergreen_11.4/
>
> First observation, upon updating (together with glibc, o
On Tue, Mar 1, 2016 at 11:49 PM, Michal Kubecek wrote:
> http://download.opensuse.org/repositories/home:/mkubecek:/branches:/Evergreen_Maintained:/openssl/openSUSE_Evergreen_11.4/
I'm going to test that on a VM which makes outgoing SSL connections
(PHP/curl) all through the day.
First observatio
On Tue, Mar 01, 2016 at 07:05:24PM +0100, Wolfgang Rosenauer wrote:
>
> I'm not sure what to do for 11.4. 11.4 is currently on 1.0.1p and
> probably it's totally acceptable to update it to 1.0.1s?
>
> Anyone up for taking care?
I have packages ready in OBS; they passed openssl testsuite (as part
>
> I'm not sure what to do for 11.4. 11.4 is currently on 1.0.1p and
> probably it's totally acceptable to update it to 1.0.1s?
>
> Anyone up for taking care?
I'll take a look.
Michal
___
Evergreen mailing list
Evergreen@lists.rosenauer.org
http://l
Hi,
please see below. I'd like to add that openSUSE 13.1 still had SSLv2
enabled. Therefore I'm planning to do the same for 13.1 as described
here for SLES and Leap 42.1.
The patch is currently building for 13.1.
I'm not sure what to do for 11.4. 11.4 is currently on 1.0.1p and
probably it's tot