Overview
Request 893862 accepted
- Update to version 20200921 (fixes bsc#1183836, bsc#1181866):
* Add SSL_CIPHER_get_protocol_id.
* Add TrustTokenV2.
* Add X509_get_pathlen and X509_REVOKED_get0_extensions.
* Add some accommodations for FreeRDP
* Require non-NULL store in X509_STORE_CTX_init.
* Const-correct X509V3_CONF_METHOD.
* Avoid unions in X509_NAME logic.
* Bump OPENSSL_VERSION_NUMBER to 1.1.1.
* Document more of x509.h.
* Fix potential leak in bssl::Array::Shrink.
* Remove ASN1_STRING_length_set.
* Revert "Check AlgorithmIdentifier parameters for RSA and ECDSA signatures."
* Implement PSK variants of HPKE setup functions.
* acvp: support working with files.
* Document a few more functions in x509.h.
* Add subject key ID and authority key ID accessors.
* Remove sxnet and pkey_usage_period extensions.
* Const-correct various X509 functions.
* Make X509_set_not{Before,After} functions rather than macros.
* Add X509_get0_uids from OpenSSL 1.1.0.
* Bound RSA and DSA key sizes better.
* Add set1 versions of X509 timestamp setters.
* Consistently sort generated build files.
* delocate: use 64-bit GOT offsets in the large memory model.
* Update HPKE implementation and test vectors to draft-irtf-cfrg-hpke-05.
* Handle NULL arguments in some i2d_* functions.
* aarch64: support BTI and pointer authentication in assembly
* Support delegated credentials verison 06
* delocation: large memory model support. (forwarded request 893861 from mrostecki)
Which other package is going to need the -source subpackage?
We're going to use it in envoy-proxy as soon we're done with updating it to 1.14.x.
Currently (with 1.12.2 version) we are using github.com/envoyproxy/envoy-openssl to make Envoy compatible with OpenSSL, but unfortunately, those hacks are not following the newest Envoy changes, rebasing/updating them will be very hard and will take long time. We seriously need to come up with some better approach of making Envoy compatible with OpenSSL (either some scripts patching the code on demand or pushing for upstream support), but for now I see no better option than just using BoringSSL (SLE and CaaSP folks are fine with that as a temporary solution).
Request History
mrostecki created request
- Update to version 20200921 (fixes bsc#1183836, bsc#1181866):
* Add SSL_CIPHER_get_protocol_id.
* Add TrustTokenV2.
* Add X509_get_pathlen and X509_REVOKED_get0_extensions.
* Add some accommodations for FreeRDP
* Require non-NULL store in X509_STORE_CTX_init.
* Const-correct X509V3_CONF_METHOD.
* Avoid unions in X509_NAME logic.
* Bump OPENSSL_VERSION_NUMBER to 1.1.1.
* Document more of x509.h.
* Fix potential leak in bssl::Array::Shrink.
* Remove ASN1_STRING_length_set.
* Revert "Check AlgorithmIdentifier parameters for RSA and ECDSA signatures."
* Implement PSK variants of HPKE setup functions.
* acvp: support working with files.
* Document a few more functions in x509.h.
* Add subject key ID and authority key ID accessors.
* Remove sxnet and pkey_usage_period extensions.
* Const-correct various X509 functions.
* Make X509_set_not{Before,After} functions rather than macros.
* Add X509_get0_uids from OpenSSL 1.1.0.
* Bound RSA and DSA key sizes better.
* Add set1 versions of X509 timestamp setters.
* Consistently sort generated build files.
* delocate: use 64-bit GOT offsets in the large memory model.
* Update HPKE implementation and test vectors to draft-irtf-cfrg-hpke-05.
* Handle NULL arguments in some i2d_* functions.
* aarch64: support BTI and pointer authentication in assembly
* Support delegated credentials verison 06
* delocation: large memory model support. (forwarded request 893861 from mrostecki)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar_suse set openSUSE:Factory:Staging:N as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:N"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:N"
dimstar accepted review
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:N got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:N got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:N got accepted.
Please add it to openSUSE:Factory:Staging:Gcc7
It should go now to Staging:N.