Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
isv:cpanel:EA4
ea-openssl11
ea-openssl11.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ea-openssl11.spec of Package ea-openssl11
%define pkg_base ea-openssl11 %define provider cpanel %global _prefix /opt/%{provider}/%{pkg_base} %global _opensslconfdir %{_prefix}/etc # end of distribution specific definitions Summary: Cryptography and SSL/TLS Toolkit Name: ea-openssl11 %global _path_version 1.1 Version: 1.1.1w # Doing release_prefix this way for Release allows for OBS-proof versioning, See EA-4544 for more details %define release_prefix 1 Release: %{release_prefix}%{?dist}.cpanel License: OpenSSL Group: System Environment/Libraries URL: https://www.openssl.org/ Vendor: OpenSSL Source0: https://www.openssl.org/source/openssl-%{version}.tar.gz BuildRoot: %{_tmppath}/openssl-%{version}-%{release}-root-%(%{__id_u} -n) Patch0: 0001-Add-shlib_variant-to-get-an-ea-specific-version-of-o.patch %description The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation. OpenSSL is based on the excellent SSLeay library developed by Eric Young and Tim Hudson. The OpenSSL toolkit is licensed under an Apache-style license, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions. %package devel Summary: Files for development of applications which will use OpenSSL Group: Development/Libraries Requires: krb5-devel%{?_isa}, zlib-devel%{?_isa} Requires: pkgconfig %description devel OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols. #%package static #Summary: Libraries for static linking of applications which will use OpenSSL #Group: Development/Libraries #Requires: %{name}-devel%{?_isa} = %{version}-%{release} # #%description static #OpenSSL is a toolkit for supporting cryptography. The openssl-static #package contains static libraries needed for static linking of #applications which support various cryptographic algorithms and #protocols. %prep %setup -q -n openssl-%{version} %patch0 -p1 %build # Force dependency resolution to pick /usr/bin/perl instead of /bin/perl # This helps downstream users of our RPMS (see: EA-7468) export PATH="/usr/bin:$PATH" ./config \ -Wl,-rpath=%{_prefix}/%{_lib} \ --prefix=%{_prefix} \ --openssldir=%{_opensslconfdir}/pki/tls \ no-ssl2 no-ssl3 shared -fPIC make depend make all %install rm -rf $RPM_BUILD_ROOT mkdir -p $RPM_BUILD_ROOT%{_prefix}/ssl make DESTDIR=$RPM_BUILD_ROOT install # so PHP et all can find it on 64 bit machines rm -rf $RPM_BUILD_ROOT%{_prefix}/lib64 ln -s %{_prefix}/lib $RPM_BUILD_ROOT/%{_prefix}/lib64 ln -s %{_prefix}/lib/libcrypto-ea.so.%{_path_version} $RPM_BUILD_ROOT/%{_prefix}/lib/libcrypto.so.%{_path_version} ln -s %{_prefix}/lib/libssl-ea.so.%{_path_version} $RPM_BUILD_ROOT/%{_prefix}/lib/libssl.so.%{_path_version} ## Symlink to system certs %__rm -rf $RPM_BUILD_ROOT%{_opensslconfdir}/pki/tls/{cert.pem,certs,misc,private} %__ln_s /etc/pki/tls/cert.pem $RPM_BUILD_ROOT%{_opensslconfdir}/pki/tls/ %__ln_s /etc/pki/tls/certs $RPM_BUILD_ROOT%{_opensslconfdir}/pki/tls/ %__ln_s /etc/pki/tls/misc $RPM_BUILD_ROOT%{_opensslconfdir}/pki/tls/ %__ln_s /etc/pki/tls/private $RPM_BUILD_ROOT%{_opensslconfdir}/pki/tls/ %clean %{__rm} -rf $RPM_BUILD_ROOT %pre %files %defattr(-,root,root,-) %dir %{_prefix}/ %{_prefix}/bin %{_prefix}/lib %{_prefix}/lib64 %docdir %{_prefix}/man %{_prefix}/ssl %{_prefix}/etc %{_prefix}/share %config(noreplace) %{_opensslconfdir}/pki/tls/openssl.cnf %attr(0755,root,root) %{_prefix}/lib/libcrypto-ea.so.%{_path_version} %attr(0755,root,root) %{_prefix}/lib/libssl-ea.so.%{_path_version} %files devel %defattr(-,root,root) %{_prefix}/include %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %changelog * Mon Sep 11 2023 Cory McIntire <cory@cpanel.net> - 1.1.1w-1 - EA-11665: Update ea-openssl11 from v1.1.1v to v1.1.1w - Fix POLY1305 MAC implementation corrupting XMM registers on Windows (CVE-2023-4807) * Tue Aug 01 2023 Cory McIntire <cory@cpanel.net> - 1.1.1v-1 - EA-11578: Update ea-openssl11 from v1.1.1u to v1.1.1v - Fix excessive time spent checking DH q parameter value (CVE-2023-3817) - Fix DH_check() excessive time with over sized modulus (CVE-2023-3446) * Tue May 30 2023 Cory McIntire <cory@cpanel.net> - 1.1.1u-1 - EA-11449: Update ea-openssl11 from v1.1.1t to v1.1.1u - Possible DoS translating ASN.1 object identifiers (CVE-2023-2650) * Tue Apr 04 2023 Julian Brown <julian.brown@cpanel.net> - 1.1.1t-2 - ZC-10047: Do not build on Ubuntu 22 * Tue Feb 07 2023 Cory McIntire <cory@cpanel.net> - 1.1.1t-1 - EA-11213: Update ea-openssl11 from v1.1.1s to v1.1.1t - X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) - Timing Oracle in RSA Decryption (CVE-2022-4304) - Use-after-free following BIO_new_NDEF (CVE-2023-0215) - Double free after calling PEM_read_bio_ex (CVE-2022-4450) * Wed Nov 02 2022 Cory McIntire <cory@cpanel.net> - 1.1.1s-1 - EA-11035: Update ea-openssl11 from v1.1.1q to v1.1.1s * Tue Jul 05 2022 Cory McIntire <cory@cpanel.net> - 1.1.1q-1 - EA-10811: Update ea-openssl11 from v1.1.1p to v1.1.1q * Tue Jun 21 2022 Cory McIntire <cory@cpanel.net> - 1.1.1p-1 - EA-10773: Update ea-openssl11 from v1.1.1o to v1.1.1p - The c_rehash script allows command injection (CVE-2022-2068) * Tue May 03 2022 Cory McIntire <cory@cpanel.net> - 1.1.1o-1 - EA-10676: Update ea-openssl11 from v1.1.1n to v1.1.1o * Tue Mar 15 2022 Cory McIntire <cory@cpanel.net> - 1.1.1n-1 - EA-10564: Update ea-openssl11 from v1.1.1m to v1.1.1n - Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778) * Tue Dec 28 2021 Dan Muey <dan@cpanel.net> - 1.1.1m-2 - ZC-9589: Update DISABLE_BUILD to match OBS * Thu Dec 16 2021 Cory McIntire <cory@cpanel.net> - 1.1.1m-1 - EA-10363: Update ea-openssl11 from v1.1.1l to v1.1.1m * Thu Aug 26 2021 Cory McIntire <cory@cpanel.net> - 1.1.1l-1 - EA-10072: Update ea-openssl11 from v1.1.1k to v1.1.1l * Thu Mar 25 2021 Cory McIntire <cory@cpanel.net> - 1.1.1k-1 - EA-9664: Update ea-openssl11 from v1.1.1j to v1.1.1k * Mon Feb 22 2021 Cory McIntire <cory@cpanel.net> - 1.1.1j-1 - EA-9590: Update ea-openssl11 from v1.1.1i to v1.1.1j Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841) Incorrect SSLv2 rollback protection (CVE-2021-23839) Integer overflow in CipherUpdate (CVE-2021-23840) * Thu Dec 10 2020 Cory McIntire <cory@cpanel.net> - 1.1.1i-1 - EA-9478: Update ea-openssl11 from v1.1.1h to v1.1.1i * Fri Sep 25 2020 Cory McIntire <cory@cpanel.net> - 1.1.1h-1 - EA-9320: Update ea-openssl11 from v1.1.1g to v1.1.1h * Wed Sep 16 2020 Tim Mullin <tim@cpanel.net> - 1.1.1g-3 - EA-9303: Fix ea-openssl11 directory removal flags * Thu May 07 2020 Julian Brown <julian.brown@cpanel.net> - 1.1.1g-2 - ZC-6733: Get it to build on C8 * Tue Apr 21 2020 Cory McIntire <cory@cpanel.net> - 1.1.1g-1 - EA-9017: Update ea-openssl11 from v1.1.1f to v1.1.1g * Thu Apr 02 2020 Cory McIntire <cory@cpanel.net> - 1.1.1f-1 - EA-8961: Update ea-openssl11 from v1.1.1e to v1.1.1f * Fri Mar 27 2020 Cory McIntire <cory@cpanel.net> - 1.1.1e-1 - EA-8946: Update ea-openssl11 from v1.1.1d to v1.1.1e * Wed Sep 25 2019 Julian Brown <julian.brown@cpanel.net> - 1.1.1d-1 - ZC-5506: Create ea-openssl11 package for openssl v1.1.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor