lp:ubuntu/oneiric/openssl

Branch merges

Propose for merging

1 branch proposed for merging into this one.

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

61. By Marc Deslauriers on 2011-10-04

The previous change moved the notification to major upgrades only, but
in fact, we do want the sysadmin to be notified when security updates
are installed, without having services automatically restarted.
(LP: #244250)

60. By Anders Kaseorg on 2011-10-04

Only issue a restart required notification on important upgrades, and
not other actions such as reconfiguration or initial installation.
(LP: #244250)

Merged branch lp:~andersk/ubuntu/oneiric/openssl/spurious-reboot

Bug #244250: Spurious reboot notifications caused by libssl upgrades.

59. By Loïc Minier on 2011-09-27

Unapply patch c_rehash-multi and comment it out in the series as it breaks
parsing of certificates with CRLF line endings and other cases (see
Debian #642314 for discussion), it also changes the semantics of c_rehash
directories by requiring applications to parse hash link targets as files
containing potentially *multiplecertificates rather than exactly one.
LP: #855454.

58. By Steve Beattie on 2011-09-14

* Resynchronise with Debian, fixes CVE-2011-1945, CVE-2011-3207 and
  CVE-2011-3210 (LP: #850608). Remaining changes:
  - debian/libssl1.0.0.postinst:
    + Display a system restart required notification bubble on libssl1.0.0
      upgrade.
    + Use a different priority for libssl1.0.0/restart-services depending
      on whether a desktop, or server dist-upgrade is being performed.
  - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
    libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
    in Debian).
  - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
    rules}: Move runtime libraries to /lib, for the benefit of
    wpasupplicant.
  - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
    http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
    0.9.8 variant.
  - debian/patches/Bsymbolic-functions.patch: Link using
    -Bsymbolic-functions.
  - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
    .pc.
  - debian/rules:
    + Don't run 'make test' when cross-building.
    + Use host compiler when cross-building. Patch from Neil Williams.
    + Don't build for processors no longer supported: i486, i586 (on
      i386), v8 (on sparc).
    + Fix Makefile to properly clean up libs/ dirs in clean target.
    + Replace duplicate files in the doc directory with symlinks.
* debian/libssl1.0.0.postinst: only display restart notification on
  servers (LP: #244250)

Merged branch lp:~sbeattie/ubuntu/oneiric/openssl/lp850608

Bug #244250: Spurious reboot notifications caused by libssl upgrades.

Bug #850608: Please merge openssl 1.0.0e-2 from debian

57. By Steve Langasek on 2011-08-15

releasing version 1.0.0d-2ubuntu2

56. By Steve Langasek on 2011-08-15

Build for multiarch. LP: #826601.

55. By Colin Watson on 2011-05-01

* Resynchronise with Debian (LP: #675566). Remaining changes:
  - debian/libssl1.0.0.postinst:
    + Display a system restart required notification bubble on libssl1.0.0
      upgrade.
    + Use a different priority for libssl1.0.0/restart-services depending
      on whether a desktop, or server dist-upgrade is being performed.
  - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
    libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
    in Debian).
  - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
    rules}: Move runtime libraries to /lib, for the benefit of
    wpasupplicant.
  - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
    http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
    0.9.8 variant.
  - debian/patches/Bsymbolic-functions.patch: Link using
    -Bsymbolic-functions.
  - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
    .pc.
  - debian/rules:
    + Don't run 'make test' when cross-building.
    + Use host compiler when cross-building. Patch from Neil Williams.
    + Don't build for processors no longer supported: i486, i586 (on
      i386), v8 (on sparc).
    + Fix Makefile to properly clean up libs/ dirs in clean target.
    + Replace duplicate files in the doc directory with symlinks.
* Update architectures affected by Bsymbolic-functions.patch.
* Drop debian/patches/no-sslv2.patch; Debian now adds the 'no-ssl2'
  configure option, which compiles out SSLv2 support entirely, so this is
  no longer needed.
* Drop openssl-doc in favour of the libssl-doc package introduced by
  Debian. Add Conflicts/Replaces until the next LTS release.

54. By Artur Rona on 2011-02-13

* Merge from debian unstable. Remaining changes: (LP: #718205)
  - d/libssl0.9.8.postinst:
    + Display a system restart required notification bubble
      on libssl0.9.8 upgrade.
    + Use a different priority for libssl0.9.8/restart-services
      depending on whether a desktop, or server dist-upgrade
      is being performed.
  - d/{libssl0.9.8-udeb.dirs, control, rules}: Create
    libssl0.9.8-udeb, for the benefit of wget-udeb (no wget-udeb
    package in Debian).
  - d/{libcrypto0.9.8-udeb.dirs, libssl0.9.8.dirs, libssl0.9.8.files,
    rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant.
  - d/{control, openssl-doc.docs, openssl.docs, openssl.dirs}:
    + Ship documentation in openssl-doc, suggested by the package.
     (Closes: #470594)
  - d/p/aesni.patch: Backport Intel AES-NI support from
    http://rt.openssl.org/Ticket/Display.html?id=2067 (refreshed)
  - d/p/Bsymbolic-functions.patch: Link using -Bsymbolic-functions.
  - d/p/perlpath-quilt.patch: Don't change perl #! paths under .pc.
  - d/p/no-sslv2.patch: Disable SSLv2 to match NSS and GnuTLS.
    The protocol is unsafe and extremely deprecated. (Closes: #589706)
  - d/rules:
    + Disable SSLv2 during compile. (Closes: #589706)
    + Don't run 'make test' when cross-building.
    + Use host compiler when cross-building. Patch from Neil Williams.
      (Closes: #465248)
    + Don't build for processors no longer supported: i486, i586
      (on i386), v8 (on sparc).
    + Fix Makefile to properly clean up libs/ dirs in clean target.
      (Closes: #611667)
    + Replace duplicate files in the doc directory with symlinks.
* This upload fixed CVE: (LP: #718208)
  - CVE-2011-0014

53. By Steve Langasek on 2011-01-31

[ Peter Pearse ]
Fix Makefile to properly clean up libs/ dirs in clean target

52. By Artur Rona on 2010-12-23

* Merge from debian unstable. Remaining changes: (LP: #693902)
  - debian/patches/Bsymbolic-functions.patch: Link using
    -Bsymbolic-functions.
  - Use a different priority for libssl0.9.8/restart-services
    depending on whether a desktop, or server dist-upgrade is being
    performed.
  - Display a system restart required notification bubble on libssl0.9.8
    upgrade.
  - Don't build for processors no longer supported: i486, i586
    (on i386), v8 (on sparc).
  - Create libssl0.9.8-udeb, for the benefit of wget-udeb (no
    wget-udeb package in Debian).
  - Replace duplicate files in the doc directory with symlinks.
  - Move runtime libraries to /lib, for the benefit of wpasupplicant.
  - Ship documentation in openssl-doc, suggested by the package.
    (Closes: #470594)
  - Use host compiler when cross-building. Patch from Neil Williams.
    (Closes: #465248).
  - Don't run 'make test' when cross-building.
  - debian/patches/aesni.patch: Backport Intel AES-NI support from
    http://rt.openssl.org/Ticket/Display.html?id=2067 (refreshed)
  - debian/patches/perlpath-quilt.patch: Don't change perl #! paths
    under .pc.
  - debian/patches/no-sslv2.patch: disable SSLv2 to match NSS
    and GnuTLS. The protocol is unsafe and extremely deprecated.
    (Closes: #589706)