Publishing details
Changelog
openssl (1.1.0f-2~ubuntu14.04.1+deb.sury.org+1) trusty; urgency=medium
* No-change backport to trusty
openssl (1.1.0f-2) unstable; urgency=medium
* Change the debhelper compatibility back to 9
* Set correct gbp.conf
* Disable running tests in the PPA
openssl (1.1.0f-1) unstable; urgency=medium
* New upstream version
- Fix regression in req -x509 (Closes: #839575)
- Properly detect features on the AMD Ryzen processor (Closes: #861145)
- Don't mention -tls1_3 in the manpage (Closes: #859191)
* Update libssl1.1.symbols for new symbols
* Update man-section.patch
openssl (1.1.0e-2) unstable; urgency=medium
* Make openssl depend on perl-base (Closes: #860254)
openssl (1.1.0e-1) unstable; urgency=high
* New upstream version
- Fixes CVE-2017-3733
- Remove patches that are applied upstream.
openssl (1.1.0d-2) unstable; urgency=medium
* Fix building of arch and all packages in a minimal environment
(Closes: #852900).
* Fix precomputing SHA1 by adding the following patches from upstream:
- Add-a-couple-of-test-to-check-CRL-fingerprint.patch
- Document-what-EXFLAG_SET-is-for-in-x509v3.h.patch
- X509_CRL_digest-ensure-precomputed-sha1-hash-before-.patch
(Closes: #852920).
openssl (1.1.0d-1) unstable; urgency=medium
* New Upstream release
- Fixes CVE-2017-3731
- Fixes CVE-2017-3730
- Fixes CVE-2017-3732
- drop revert_ssl_read.patch and
0001-Add-missing-zdelete-for-some-linux-arches.patch, applied upstream.
* add new symbols.
openssl (1.1.0c-4) unstable; urgency=medium
* Make build-indep build again.
* Don't depend on perl:any in openssl as it breaks debootstrap
("Closes: #852017).
openssl (1.1.0c-3) unstable; urgency=medium
* Add myself as Uploader.
* Add support for tilegx, patch by Helmut Grohne (Closes: #848957).
* redo the rules file to some newer debhelper:
- everyfile should remain, nothing should get lost
- the scripts in the doc package gained an exec bit
- openssl gained a dep on perl (the package contains perl scripts)
- libssl1.0.2-dbg is gone, we have dbgsym now
- dh compat 10
- pkg.install instead of pkg.files is used for install
* Mark libssl-doc as MA foreign
* Update Standards-Version from 3.9.5 to 3.9.8. No changes required.
* Document the change for openssl's enc command between 1.1.0 and pre 1.1.0
in the NEWS file (Closes: #843064).
* Add an override for lintian for the non-standard private directory
openssl (1.1.0c-2) unstable; urgency=medium
* Revert behaviour of SSL_read() and SSL_write(), and update documentation.
(Closes: #844234)
* Add missing -zdelete on x32 (Closes: #844715)
* Add a Breaks on salt-common. Addresses #844706
openssl (1.1.0c-1) unstable; urgency=medium
* New upstrem release
- Fix CVE-2016-7053
- Fix CVE-2016-7054
- Fix CVE-2016-7055
* remove no-rpath.patch, applied upstream.
* Remove old d2i test cases, use the one from the upstream tarball.
* Update libssl1.1.symbols for new sysmbols.
openssl (1.1.0b-2) unstable; urgency=low
* Upload to unstable
openssl (1.1.0b-1) experimental; urgency=medium
* New upstream release
- Fixes CVE-2016-6309
openssl (1.1.0a-1) experimental; urgency=medium
* New upstream release
- Fix CVE-2016-6304
- Fix CVE-2016-6305
- Fix CVE-2016-6307
- Fix CVE-2016-6308
* Update c_rehash-compat.patch to apply to new version.
* Update symbol file.
openssl (1.1.0-1) experimental; urgency=medium
[ Kurt Roeckx ]
* New upstream version
* Use Package-Type instead of XC-Package-Type
* Remove "Priority: optional" in the binary packages.
* Add Homepage
* Use dpkg-buildflags's LDFLAGS also for building the shared libraries.
[ Sebastian Andrzej Siewior ]
* drop config-hurd.patch, we don't use `config' and it works without the
patch.
* Drop depend on zlib1g-dev since we don't use it anymore (Closes: #767207)
* Make the openssl package Multi-Arch: foregin (Closes: #827028)
openssl (1.1.0~pre6-1) experimental; urgency=medium
[ Sebastian Andrzej Siewior ]
* drop engines-path.patch. Upstream uses a 1.1 suffixes now.
[ Kurt Roeckx ]
* New upstream version
* Drop upstream snapshot
* Update symbols file
* Use some https instead of http URLs
openssl (1.1.0~pre5-5) experimental; urgency=medium
* Update snapshot to commit fe964f0c88f6780fd30b26e306484b981b0a8480
openssl (1.1.0~pre5-4) experimental; urgency=medium
* Update snapshot to commit c32bdbf171ce6650ef045ec47b5abe0de7c264db
* Remove utils-mkdir-p-check-if-dir-exists-also-after-mkdir-f.patch, applied
upstream
openssl (1.1.0~pre5-3) experimental; urgency=medium
[ Kurt Roeckx ]
* Don't use assembler on hppa, it's not writen for Linux.
openssl (1.1.0~pre5-2) experimental; urgency=medium
[ Sebastian Andrzej Siewior ]
* Run the testsuite with verbose output.
* Use $(MAKE) so the whole make environment is passed to its child and we
can build in parallel with -jX
* Update snapshot to commit 5000a6d1215e ("Fix an error path leak in int
X509_ATTRIBUTE_set1_data()")
openssl (1.1.0~pre5-1) experimental; urgency=medium
* New upstream version with soname change. Upload to experimental.
- Rename binary packages
- Remove patches:
- block_diginotar.patch: All cross certificates expired in 2013
- block_digicert_malaysia.patch: intermediate certificates expired in
2015
- man-dir.patch: Fixed upstream
- valgrind.patch: Upstream no longer adds the uninitialized data to the
RNG
- shared-lib-ext.patch: No longer needed
- version-script.patch: Upstream does symbol versioning itself now
- disable_freelist.patch: No longer needed
- soname.patch: Was to change to the 1.0.2 soname that upstream never had
- disable_sslv3_test.patch: Fixed upstream
- libdoc-manpgs-pod-spell.patch: Fixed upstream (Closes: #813191)
- Rewrite debian-targets.patch to work with the new configuration system.
- Update other patches to apply
- Update list of install docs
- Use DESTDIR instead of INSTALL_PREFIX
- Clean up more files
- Remove the configure option enable-tlsext no-ssl2 since they're no
longer supported.
* Add upstream snapshot:
- Add d2i-tests.tar to get new binary test files.
* Don't build i686 optimized version anymore on i386, it's now the default.
(Closes: #823774)
openssl (1.0.2h-1) unstable; urgency=high
* New upstream version
- Fixes CVE-2016-2107
- Fixes CVE-2016-2105
- Fixes CVE-2016-2106
- Fixes CVE-2016-2109
- Fixes CVE-2016-2176
openssl (1.0.2g-2) unstable; urgency=medium
* Use assembler of arm64 (Closes: #794326)
Patch from Riku Voipio <email address hidden>
* Add a udeb for libssl, based on similar changes done in Ubuntu
starting in version 0.9.8o-4ubuntu1 (Closes: #802591)
Patch from Margarita Manterola <email address hidden>
* Add support for nios2 (Closes: #816239)
Based on patch from Marek Vasut <email address hidden>
* Update Spanish translation from Manuel "Venturi" Porras Peralta
<email address hidden> (Closes: #773601)
* Don't build an i586 optimized version anymore, the default
already targets that. Patch from Sven Joachim <email address hidden>
(Closes: #759811)
openssl (1.0.2g-1) unstable; urgency=high
* New upstream version
* Fix CVE-2016-0797
* Fix CVE-2016-0798
* Fix CVE-2016-0799
* Fix CVE-2016-0702
* Fix CVE-2016-0705
* Disable EXPORT and LOW ciphers: The DROWN attack (CVE-2016-0800)
makes use of those, and SLOTH attack (CVE-2015-7575) can make use of them
too.
openssl (1.0.2f-2) unstable; urgency=high
* New upstream version.
- Fixes CVE-2016-0701
- Not affected by CVE-2015-3197 because SSLv2 is disabled.
openssl (1.0.2e-1) unstable; urgency=high
* New upstream release
- Fix CVE-2015-3193
- Fix CVE-2015-3194
- Fix CVE-2015-3195
- Fix CVE-2015-3196
* Remove all symlinks during clean
* Run make depend after configure
* Remove openssl_button.* from the doc package
openssl (1.0.2d-3) unstable; urgency=medium
* Upload to unstable
openssl (1.0.2d-2) experimental; urgency=medium
* Build with no-ssl3-method to remove all SSLv3 support. This results in
the functions SSLv3_method(), SSLv3_server_method() and
SSLv3_client_method() being removed from libssl. Change the soname as
result of that and also changes name of the binary package.
(Closes: #768476)
* Enable rfc3779 and cms support (Closes: #630790)
* Fix cross compilation for mips architectures. (Closes: #782492)
openssl (1.0.2d-1) unstable; urgency=high
* New upstream version
- Fixes CVE-2015-1793
openssl (1.0.2c-1) unstable; urgency=medium
* New upstream version
- Fixes ABI (Closes: #788511)
openssl (1.0.2b-1) unstable; urgency=high
* New upstream version
- Fix CVE-2015-4000
- Fix CVE-2015-1788
- Fix CVE-2015-1789
- Fix CVE-2015-1790
- Fix CVE-2015-1792
- Fix CVE-2015-1791
* Update c_rehash-compat.patch to make it apply to the new version.
* Remove openssl-pod-misspell.patch applied upstream
openssl (1.0.2a-1) unstable; urgency=medium
* New upstrema version
- Fix CVE-2015-0286
- Fix CVE-2015-0287
- Fix CVE-2015-0289
- Fix CVE-2015-0293 (not affected, SSLv2 disabled)
- Fix CVE-2015-0209
- Fix CVE-2015-0288
- Fix CVE-2015-0291
- Fix CVE-2015-0290
- Fix CVE-2015-0207
- Fix CVE-2015-0208
- Fix CVE-2015-1787
- Fix CVE-2015-0285
* Temporary enable SSLv3 methods again, but they will go away.
* Don't set TERMIO anymore, use the default TERMIOS instead.
openssl (1.0.2-1) experimental; urgency=medium
* New upstream release
- Fixes CVE-2014-3571
- Fixes CVE-2015-0206
- Fixes CVE-2014-3569
- Fixes CVE-2014-3572
- Fixes CVE-2015-0204
- Fixes CVE-2015-0205
- Fixes CVE-2014-8275
- Fixes CVE-2014-3570
- Drop git_snapshot.patch
* Drop gnu_source.patch, dgst_hmac.patch, stddef.patch,
no_ssl3_method.patch: applied upstream
* Update patches to apply
openssl (1.0.2~beta3-1) experimental; urgency=low
* New usptream beta version
* Add git snapshot
* Merge changes between 1.0.1h-3 and 1.0.1j-1:
- Disables SSLv3 because of CVE-2014-3566
* Drop patch rehash-crt.patch: partially applied upstream.
c_rehash now doesn't support files in DER format anymore.
* Drop patch rehash_pod.patch: applied upstream
* Update c_rehash-compat.patch to apply to new upstream version. This
undoes upstream's "-old" option and creates both the new and old again.
It now also does it for CRLs.
* Drop defaults.patch, applied upstream
* dgst_hmac.patch updated to apply to upstream version.
* engines-path.patch updated to apply to upstream version.
* Update list of exported symbols
* Update symbols files to require beta3
* Enable unit tests
* Add patch to add support for the no-ssl3-method option that completly
disable SSLv3 and pass the option. This drops the following functions
from the library: SSLv3_method, SSLv3_server_method and
SSLv3_client_method
* Build using OPENSSL_NO_BUF_FREELISTS
openssl (1.0.2~beta2-1) experimental; urgency=medium
* New usptream beta version
- Fix CVE-2014-0224
- Fix CVE-2014-0221
- Fix CVE-2014-0195
- Fix CVE-2014-3470
- Fix CVE-2014-0198
- Fix CVE-2010-5298
- Fix CVE-2014-0160
- Fix CVE-2014-0076
* Merge changes between 1.0.1f-1 and 1.0.1h-3:
- postinst: Updated check for restarting services
* libdoc-manpgs-pod-spell.patch and openssl-pod-misspell.patch
partially applied upstream
* Drop fix-pod-errors.patch, applied upstream.
* Add support for ppc64le (Closes: #745657)
* Add support for OpenRISC (Closes: #736772)
openssl (1.0.2~beta1-1) experimental; urgency=medium
* New upstream beta version
- Update list of symbols that should be exported and adjust the symbols
file. This also removes a bunch of duplicate symbols in the linker
file.
- Fix additional pod errors
- Following patches have been applied upstream and are removed:
libssl-misspell.patch, pod_req_misspell2.patch,
pod_pksc12.misspell.patch, pod_s_server.misspell.patch,
pod_x509setflags.misspell.patch, pod_ec.misspell.patch,
pkcs12-doc.patch, req_bits.patch
- Following patches have been partially applied upstream:
libdoc-manpgs-pod-spell.patch, openssl-pod-misspell.patch
- Remove openssl_fix_for_x32.patch, different patch applied upstream.
* Add support for cross compiling (Closes: #465248)
-- Ondřej Surý <email address hidden> Thu, 06 Jul 2017 13:48:05 +0200
Available diffs
- diff from 1.0.2l-0~ubuntu14.04.1+deb.sury.org+ubuntu14.04+1 to 1.1.0f-2~ubuntu14.04.1+deb.sury.org+1 (pending)
Builds
Built packages
-
libcrypto1.1-udeb
Secure Sockets Layer toolkit - libcrypto udeb
-
libssl-dev
Secure Sockets Layer toolkit - development files
-
libssl-doc
Secure Sockets Layer toolkit - development documentation
-
libssl1.1
Secure Sockets Layer toolkit - shared libraries
-
libssl1.1-udeb
ssl shared library - udeb
-
openssl
Secure Sockets Layer toolkit - cryptographic utility
Package files