Ubuntu
openssl package

lp:~nvalcarcel/ubuntu/maverick/openssl/openssl-merge

  1. Maverick (10.10)
  2. openssl-merge
Created by Nicolas Valcarcel and last modified
Get this branch:
bzr branch lp:~nvalcarcel/ubuntu/maverick/openssl/openssl-merge
Only Nicolas Valcarcel can upload to this branch. If you are Nicolas Valcarcel please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Nicolas Valcarcel
Status:
Development

Recent revisions

50. By Nicolas Valcarcel

added configure.patch

49. By Nicolas Valcarcel

fix configure.patch

48. By Nicolas Valcarcel

add perl-path.diff

47. By Nicolas Valcarcel

strip patches out of the source

46. By Nicolas Valcarcel

removed unneded patches

45. By Nicolas Valcarcel

Merge from debian unstable, remaining changes (LP: #581167):

44. By Nicolas Valcarcel

* Merge from debian unstable, remaining changes (LP: #493392):
  - Link using -Bsymbolic-functions
  - Add support for lpia
  - Disable SSLv2 during compile
  - Ship documentation in openssl-doc, suggested by the package.
  - Use a different priority for libssl0.9.8/restart-services
    depending on whether a desktop, or server dist-upgrade is being
    performed.
  - Display a system restart required notification bubble on libssl0.9.8
    upgrade.
  - Replace duplicate files in the doc directory with symlinks.
  - Move runtime libraries to /lib, for the benefit of wpasupplicant
  - Use host compiler when cross-building
  - Don't run 'make test' when cross-building.
  - Create libssl0.9.8-udeb, for the benefit of wget-udeb
* New upstream version.
  - Fixes CVE-2010-0740.
  - Drop cfb.patch, applied upstream.
* Revert CFB block length change preventing reading older files.
  (Closes: #571810, #571940)
* New upstream version
  - Implements RFC5746, reenables renegotiation but requires the extension.
  - Fixes CVE-2009-3245
  - Drop patches CVE-2009-4355.patch, CVE-2009-1378.patch,
    CVE-2009-1377.patch, CVE-2009-1379.patch, CVE-2009-3555.patch,
    CVE-2009-2409.patch, CVE-2009-1387.patch, tls_ext_v3.patch,
    no_check_self_signed.patch: applied upstream
  - pk7_mime_free.patch removed, code rewritten
  - ca.diff partially applied upstream
  - engines-path.patch adjusted, upstream made some minor changes to the
    build system.
  - some flags changed values, bump shlibs.
* Switch to 3.0 (quilt) source package.
* Make sure the package is properly cleaned.
* Add ${misc:Depends} to the Depends on all packages.
* Fix spelling of extension in the changelog file.
* Clean up zlib state so that it will be reinitialized on next use and
  not cause a memory leak. (CVE-2009-4355, CVE-2008-1678)
* Don't add extensions to ssl v3 connections. It breaks with some
* CA.sh should use the v3_ca extension when called with -newca

43. By Marc Deslauriers

* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via unchecked return values
  - debian/patches/CVE-2009-3245.patch: check bn_wexpand return value in
    crypto/bn/{bn_div.c,bn_gf2m.c,bn_mul.c}, crypto/ec/ec2_smpl.c,
    engines/e_ubsec.c.
  - CVE-2009-3245
* SECURITY UPDATE: denial of service via "record of death"
  - debian/patches/CVE-2010-0740.patch: only send back minor version
    number in ssl/s3_pkt.c.
  - CVE-2010-0740

42. By Marc Deslauriers

debian/patches/dtls-compatibility.patch: backport dtls compatibility
code from 0.9.8m to fix interopability. (LP: #516318)

41. By Colin Watson

* Backport Intel AES-NI support from
  http://rt.openssl.org/Ticket/Display.html?id=2067 (LP: #485518).
* Don't change perl #! paths under .pc.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/maverick/openssl
This branch contains Public information 
Everyone can see this information.