public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: Tomas Mraz <tmraz@fedoraproject.org>
To: git-commits@fedoraproject.org
Subject: [rpms/openssl] rebase_40beta: minor upstream release 1.0.2d fixing a high severity security issue
Date: Tue, 09 Jun 2026 12:43:37 GMT [thread overview]
Message-ID: <178100901790.1.7111868969174111534.rpms-openssl-5675d07a144a@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/openssl
Branch : rebase_40beta
Commit : 5675d07a144aa1a6c85f488a95aeea7854e86059
Author : Tomas Mraz <tmraz@fedoraproject.org>
Date : 2015-07-09T17:25:58+02:00
Stats : +89/-97 in 5 file(s)
URL : https://src.fedoraproject.org/rpms/openssl/c/5675d07a144aa1a6c85f488a95aeea7854e86059?branch=rebase_40beta
Log:
minor upstream release 1.0.2d fixing a high severity security issue
---
diff --git a/.gitignore b/.gitignore
index c044edf..999c732 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,3 +24,4 @@ openssl-1.0.0a-usa.tar.bz2
/openssl-1.0.1k-hobbled.tar.xz
/openssl-1.0.2a-hobbled.tar.xz
/openssl-1.0.2c-hobbled.tar.xz
+/openssl-1.0.2d-hobbled.tar.xz
diff --git a/openssl-1.0.2a-manfix.patch b/openssl-1.0.2a-manfix.patch
deleted file mode 100644
index 91071b0..0000000
--- a/openssl-1.0.2a-manfix.patch
+++ /dev/null
@@ -1,93 +0,0 @@
-diff -up openssl-1.0.2a/doc/apps/ec.pod.manfix openssl-1.0.2a/doc/apps/ec.pod
---- openssl-1.0.2a/doc/apps/ec.pod.manfix 2015-01-20 13:33:36.000000000 +0100
-+++ openssl-1.0.2a/doc/apps/ec.pod 2015-04-21 17:39:20.084574580 +0200
-@@ -93,10 +93,6 @@ prints out the public, private key compo
-
- this option prevents output of the encoded version of the key.
-
--=item B<-modulus>
--
--this option prints out the value of the public key component of the key.
--
- =item B<-pubin>
-
- by default a private key is read from the input file: with this option a
-diff -up openssl-1.0.2a/doc/apps/openssl.pod.manfix openssl-1.0.2a/doc/apps/openssl.pod
---- openssl-1.0.2a/doc/apps/openssl.pod.manfix 2015-01-20 13:33:36.000000000 +0100
-+++ openssl-1.0.2a/doc/apps/openssl.pod 2015-04-21 17:39:20.084574580 +0200
-@@ -163,7 +163,7 @@ Create or examine a netscape certificate
-
- Online Certificate Status Protocol utility.
-
--=item L<B<passwd>|passwd(1)>
-+=item L<B<passwd>|sslpasswd(1)>
-
- Generation of hashed passwords.
-
-@@ -187,7 +187,7 @@ Public key algorithm parameter managemen
-
- Public key algorithm cryptographic operation utility.
-
--=item L<B<rand>|rand(1)>
-+=item L<B<rand>|sslrand(1)>
-
- Generate pseudo-random bytes.
-
-@@ -401,9 +401,9 @@ L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkc
- L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
- L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
- L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
--L<passwd(1)|passwd(1)>,
-+L<sslpasswd(1)|sslpasswd(1)>,
- L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
--L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
-+L<sslrand(1)|sslrand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
- L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
- L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
- L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
-diff -up openssl-1.0.2a/doc/apps/s_client.pod.manfix openssl-1.0.2a/doc/apps/s_client.pod
---- openssl-1.0.2a/doc/apps/s_client.pod.manfix 2015-04-21 17:39:20.085574603 +0200
-+++ openssl-1.0.2a/doc/apps/s_client.pod 2015-04-21 17:41:00.215924162 +0200
-@@ -34,6 +34,9 @@ B<openssl> B<s_client>
- [B<-ssl2>]
- [B<-ssl3>]
- [B<-tls1>]
-+[B<-tls1_1>]
-+[B<-tls1_2>]
-+[B<-dtls1>]
- [B<-no_ssl2>]
- [B<-no_ssl3>]
- [B<-no_tls1>]
-@@ -200,7 +203,7 @@ Use the PSK key B<key> when using a PSK
- given as a hexadecimal number without leading 0x, for example -psk
- 1a2b3c4d.
-
--=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
-+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
-
- these options disable the use of certain SSL or TLS protocols. By default
- the initial handshake uses a method which should be compatible with all
-diff -up openssl-1.0.2a/doc/apps/s_server.pod.manfix openssl-1.0.2a/doc/apps/s_server.pod
---- openssl-1.0.2a/doc/apps/s_server.pod.manfix 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/doc/apps/s_server.pod 2015-04-21 17:39:20.085574603 +0200
-@@ -212,7 +212,7 @@ Use the PSK key B<key> when using a PSK
- given as a hexadecimal number without leading 0x, for example -psk
- 1a2b3c4d.
-
--=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
-+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
-
- these options disable the use of certain SSL or TLS protocols. By default
- the initial handshake uses a method which should be compatible with all
-diff -up openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod.manfix openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod
---- openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod.manfix 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod 2015-04-22 20:12:43.082395251 +0200
-@@ -2,7 +2,7 @@
-
- =head1 NAME
-
--SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file
-+SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file - load serverinfo extensions
-
- =head1 SYNOPSIS
-
diff --git a/openssl-1.0.2d-manfix.patch b/openssl-1.0.2d-manfix.patch
new file mode 100644
index 0000000..b509a2b
--- /dev/null
+++ b/openssl-1.0.2d-manfix.patch
@@ -0,0 +1,81 @@
+diff -up openssl-1.0.2a/doc/apps/ec.pod.manfix openssl-1.0.2a/doc/apps/ec.pod
+--- openssl-1.0.2a/doc/apps/ec.pod.manfix 2015-01-20 13:33:36.000000000 +0100
++++ openssl-1.0.2a/doc/apps/ec.pod 2015-04-21 17:39:20.084574580 +0200
+@@ -93,10 +93,6 @@ prints out the public, private key compo
+
+ this option prevents output of the encoded version of the key.
+
+-=item B<-modulus>
+-
+-this option prints out the value of the public key component of the key.
+-
+ =item B<-pubin>
+
+ by default a private key is read from the input file: with this option a
+diff -up openssl-1.0.2a/doc/apps/openssl.pod.manfix openssl-1.0.2a/doc/apps/openssl.pod
+--- openssl-1.0.2a/doc/apps/openssl.pod.manfix 2015-01-20 13:33:36.000000000 +0100
++++ openssl-1.0.2a/doc/apps/openssl.pod 2015-04-21 17:39:20.084574580 +0200
+@@ -163,7 +163,7 @@ Create or examine a netscape certificate
+
+ Online Certificate Status Protocol utility.
+
+-=item L<B<passwd>|passwd(1)>
++=item L<B<passwd>|sslpasswd(1)>
+
+ Generation of hashed passwords.
+
+@@ -187,7 +187,7 @@ Public key algorithm parameter managemen
+
+ Public key algorithm cryptographic operation utility.
+
+-=item L<B<rand>|rand(1)>
++=item L<B<rand>|sslrand(1)>
+
+ Generate pseudo-random bytes.
+
+@@ -401,9 +401,9 @@ L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkc
+ L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
+ L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
+ L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
+-L<passwd(1)|passwd(1)>,
++L<sslpasswd(1)|sslpasswd(1)>,
+ L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
+-L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
++L<sslrand(1)|sslrand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
+ L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
+ L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
+ L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
+diff -up openssl-1.0.2a/doc/apps/s_client.pod.manfix openssl-1.0.2a/doc/apps/s_client.pod
+--- openssl-1.0.2a/doc/apps/s_client.pod.manfix 2015-04-21 17:39:20.085574603 +0200
++++ openssl-1.0.2a/doc/apps/s_client.pod 2015-04-21 17:41:00.215924162 +0200
+@@ -34,6 +34,9 @@ B<openssl> B<s_client>
+ [B<-ssl2>]
+ [B<-ssl3>]
+ [B<-tls1>]
++[B<-tls1_1>]
++[B<-tls1_2>]
++[B<-dtls1>]
+ [B<-no_ssl2>]
+ [B<-no_ssl3>]
+ [B<-no_tls1>]
+@@ -200,7 +203,7 @@ Use the PSK key B<key> when using a PSK
+ given as a hexadecimal number without leading 0x, for example -psk
+ 1a2b3c4d.
+
+-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
++=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+
+ these options disable the use of certain SSL or TLS protocols. By default
+ the initial handshake uses a method which should be compatible with all
+diff -up openssl-1.0.2a/doc/apps/s_server.pod.manfix openssl-1.0.2a/doc/apps/s_server.pod
+--- openssl-1.0.2a/doc/apps/s_server.pod.manfix 2015-03-19 14:30:36.000000000 +0100
++++ openssl-1.0.2a/doc/apps/s_server.pod 2015-04-21 17:39:20.085574603 +0200
+@@ -212,7 +212,7 @@ Use the PSK key B<key> when using a PSK
+ given as a hexadecimal number without leading 0x, for example -psk
+ 1a2b3c4d.
+
+-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
++=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+
+ these options disable the use of certain SSL or TLS protocols. By default
+ the initial handshake uses a method which should be compatible with all
diff --git a/openssl.spec b/openssl.spec
index 5d2753c..97458b9 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -22,8 +22,8 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
-Version: 1.0.2c
-Release: 3%{?dist}
+Version: 1.0.2d
+Release: 1%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@@ -70,7 +70,7 @@ Patch65: openssl-1.0.2a-chil-fixes.patch
Patch66: openssl-1.0.2a-pkgconfig-krb5.patch
Patch68: openssl-1.0.2a-secure-getenv.patch
Patch70: openssl-1.0.2a-fips-ec.patch
-Patch71: openssl-1.0.2a-manfix.patch
+Patch71: openssl-1.0.2d-manfix.patch
Patch72: openssl-1.0.2a-fips-ctor.patch
Patch73: openssl-1.0.2c-ecc-suiteb.patch
Patch74: openssl-1.0.2a-no-md5-verify.patch
@@ -474,6 +474,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun libs -p /sbin/ldconfig
%changelog
+* Thu Jul 9 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.2d-1
+- minor upstream release 1.0.2d fixing a high severity security issue
+
* Tue Jul 7 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.2c-3
- fix the aarch64 build
diff --git a/sources b/sources
index c5a84d6..172dba7 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-178792e60274974ec47aedc6dc5eba7a openssl-1.0.2c-hobbled.tar.xz
+e777c33ca529b963d5457a21cb11d6c3 openssl-1.0.2d-hobbled.tar.xz
reply other threads:[~2026-06-09 12:43 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=178100901790.1.7111868969174111534.rpms-openssl-5675d07a144a@fedoraproject.org \
--to=tmraz@fedoraproject.org \
--cc=git-commits@fedoraproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox