Revisions of openssl-1_0_0
Ana Guerrero (anag+factory)
accepted
request 1126788
from
Otto Hollmann (ohollmann)
(revision 41)
- Security fix: [bsc#1216922, CVE-2023-5678] * Fix excessive time spent in DH check / generation with large Q parameter value. * Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex () or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. * Add openssl-CVE-2023-5678.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 1102939
from
Otto Hollmann (ohollmann)
(revision 40)
- Security fix: (bsc#1213853, CVE-2023-3817) * Fix excessive time spent checking DH q parameter value (bsc#1213853, CVE-2023-3817). The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. If DH_check() is called with such q parameter value, DH_CHECK_INVALID_Q_VALUE return flag is set and the computationally intensive checks are skipped. * Add openssl-1_0-CVE-2023-3817.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 1099702
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 39)
Dominique Leuenberger (dimstar_suse)
accepted
request 1095763
from
Dominique Leuenberger (dimstar_suse)
(revision 38)
Reintroduce change, sync with openssl 3.0
Dominique Leuenberger (dimstar_suse)
committed
(revision 37)
Revert; change needs to be synced with openssl 3.0 update
Dominique Leuenberger (dimstar_suse)
accepted
request 1095610
from
Otto Hollmann (ohollmann)
(revision 36)
- Improve cross-package provides/conflicts [boo#1210313] * Remove Conflicts: ssl * Add Conflicts: openssl(cli) - Security Fix: [bsc#1207534, CVE-2022-4304] * Reworked the Fix for the Timing Oracle in RSA Decryption The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case compared to 1.1.1s. * Reworked openssl-CVE-2022-4304.patch * Refreshed patches: - openssl-CVE-2023-0286.patch - openssl-CVE-2023-0464.patch - openssl-CVE-2023-0465.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 1090920
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 35)
Dominique Leuenberger (dimstar_suse)
accepted
request 1089985
from
Otto Hollmann (ohollmann)
(revision 34)
- Security Fix: [CVE-2023-2650, bsc#1211430] * Possible DoS translating ASN.1 object identifiers * Add openssl-CVE-2023-2650.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 1077222
from
Otto Hollmann (ohollmann)
(revision 33)
- Security Fix: [CVE-2023-0465, bsc#1209878] * Invalid certificate policies in leaf certificates are silently ignored * Add openssl-CVE-2023-0465.patch - Security Fix: [CVE-2023-0466, bsc#1209873] * Certificate policy check not enabled * Add openssl-CVE-2023-0466.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 1074723
from
Otto Hollmann (ohollmann)
(revision 32)
- Security Fix: [CVE-2023-0464, bsc#1209624] * Excessive Resource Usage Verifying X.509 Policy Constraints * Add openssl-CVE-2023-0464.patch - Pass over with spec-cleaner
Dominique Leuenberger (dimstar_suse)
accepted
request 1066748
from
Otto Hollmann (ohollmann)
(revision 31)
Dominique Leuenberger (dimstar_suse)
accepted
request 1063738
from
Martin Pluskal (pluskalm)
(revision 30)
Dominique Leuenberger (dimstar_suse)
accepted
request 1046230
from
Otto Hollmann (ohollmann)
(revision 29)
- Update further expiring certificates that affect tests [bsc#1201627] * Add openssl-Update-further-expiring-certificates.patch
Richard Brown (RBrownFactory)
accepted
request 1007225
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 28)
Dominique Leuenberger (dimstar_suse)
accepted
request 987303
from
Jason Sikes (jsikes)
(revision 27)
Dominique Leuenberger (dimstar_suse)
accepted
request 977471
from
Marcus Meissner (msmeissn)
(revision 26)
Dominique Leuenberger (dimstar_suse)
accepted
request 971746
from
Jason Sikes (jsikes)
(revision 25)
Dominique Leuenberger (dimstar_suse)
accepted
request 917073
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 24)
Displaying revisions 1 - 20 of 43