lp:ubuntu/oneiric/openssl
- Get this branch:
- bzr branch lp:ubuntu/oneiric/openssl
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 61. By Marc Deslauriers
-
The previous change moved the notification to major upgrades only, but
in fact, we do want the sysadmin to be notified when security updates
are installed, without having services automatically restarted.
(LP: #244250) - 60. By Anders Kaseorg
-
Only issue a restart required notification on important upgrades, and
not other actions such as reconfiguration or initial installation.
(LP: #244250) - 59. By Loïc Minier
-
Unapply patch c_rehash-multi and comment it out in the series as it breaks
parsing of certificates with CRLF line endings and other cases (see
Debian #642314 for discussion), it also changes the semantics of c_rehash
directories by requiring applications to parse hash link targets as files
containing potentially *multiplecertificates rather than exactly one.
LP: #855454. - 58. By Steve Beattie
-
* Resynchronise with Debian, fixes CVE-2011-1945, CVE-2011-3207 and
CVE-2011-3210 (LP: #850608). Remaining changes:
- debian/libssl1. 0.0.postinst:
+ Display a system restart required notification bubble on libssl1.0.0
upgrade.
+ Use a different priority for libssl1.0.0/restart- services depending
on whether a desktop, or server dist-upgrade is being performed.
- debian/{libssl1. 0.0-udeb. dirs, control, rules}: Create
libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
in Debian).
- debian/{libcrypto1. 0.0-udeb. dirs, libssl1.0.0.dirs, libssl1.0.0.files,
rules}: Move runtime libraries to /lib, for the benefit of
wpasupplicant.
- debian/patches/ aesni.patch: Backport Intel AES-NI support, now from
http://rt.openssl. org/Ticket/ Display. html?id= 2065 rather than the
0.9.8 variant.
- debian/patches/ Bsymbolic- functions. patch: Link using
-Bsymbolic-functions.
- debian/patches/ perlpath- quilt.patch: Don't change perl #! paths under
.pc.
- debian/rules:
+ Don't run 'make test' when cross-building.
+ Use host compiler when cross-building. Patch from Neil Williams.
+ Don't build for processors no longer supported: i486, i586 (on
i386), v8 (on sparc).
+ Fix Makefile to properly clean up libs/ dirs in clean target.
+ Replace duplicate files in the doc directory with symlinks.
* debian/libssl1. 0.0.postinst: only display restart notification on
servers (LP: #244250) - 55. By Colin Watson
-
* Resynchronise with Debian (LP: #675566). Remaining changes:
- debian/libssl1. 0.0.postinst:
+ Display a system restart required notification bubble on libssl1.0.0
upgrade.
+ Use a different priority for libssl1.0.0/restart- services depending
on whether a desktop, or server dist-upgrade is being performed.
- debian/{libssl1. 0.0-udeb. dirs, control, rules}: Create
libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
in Debian).
- debian/{libcrypto1. 0.0-udeb. dirs, libssl1.0.0.dirs, libssl1.0.0.files,
rules}: Move runtime libraries to /lib, for the benefit of
wpasupplicant.
- debian/patches/ aesni.patch: Backport Intel AES-NI support, now from
http://rt.openssl. org/Ticket/ Display. html?id= 2065 rather than the
0.9.8 variant.
- debian/patches/ Bsymbolic- functions. patch: Link using
-Bsymbolic-functions.
- debian/patches/ perlpath- quilt.patch: Don't change perl #! paths under
.pc.
- debian/rules:
+ Don't run 'make test' when cross-building.
+ Use host compiler when cross-building. Patch from Neil Williams.
+ Don't build for processors no longer supported: i486, i586 (on
i386), v8 (on sparc).
+ Fix Makefile to properly clean up libs/ dirs in clean target.
+ Replace duplicate files in the doc directory with symlinks.
* Update architectures affected by Bsymbolic-functions. patch.
* Drop debian/patches/ no-sslv2. patch; Debian now adds the 'no-ssl2'
configure option, which compiles out SSLv2 support entirely, so this is
no longer needed.
* Drop openssl-doc in favour of the libssl-doc package introduced by
Debian. Add Conflicts/Replaces until the next LTS release. - 54. By Artur Rona
-
* Merge from debian unstable. Remaining changes: (LP: #718205)
- d/libssl0.9.8.postinst:
+ Display a system restart required notification bubble
on libssl0.9.8 upgrade.
+ Use a different priority for libssl0.9.8/restart- services
depending on whether a desktop, or server dist-upgrade
is being performed.
- d/{libssl0.9.8-udeb. dirs, control, rules}: Create
libssl0.9.8-udeb, for the benefit of wget-udeb (no wget-udeb
package in Debian).
- d/{libcrypto0.9.8-udeb. dirs, libssl0.9.8.dirs, libssl0.9.8.files,
rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant.
- d/{control, openssl-doc.docs, openssl.docs, openssl.dirs}:
+ Ship documentation in openssl-doc, suggested by the package.
(Closes: #470594)
- d/p/aesni.patch: Backport Intel AES-NI support from
http://rt.openssl. org/Ticket/ Display. html?id= 2067 (refreshed)
- d/p/Bsymbolic-functions. patch: Link using -Bsymbolic- functions.
- d/p/perlpath-quilt.patch: Don't change perl #! paths under .pc.
- d/p/no-sslv2.patch: Disable SSLv2 to match NSS and GnuTLS.
The protocol is unsafe and extremely deprecated. (Closes: #589706)
- d/rules:
+ Disable SSLv2 during compile. (Closes: #589706)
+ Don't run 'make test' when cross-building.
+ Use host compiler when cross-building. Patch from Neil Williams.
(Closes: #465248)
+ Don't build for processors no longer supported: i486, i586
(on i386), v8 (on sparc).
+ Fix Makefile to properly clean up libs/ dirs in clean target.
(Closes: #611667)
+ Replace duplicate files in the doc directory with symlinks.
* This upload fixed CVE: (LP: #718208)
- CVE-2011-0014 - 52. By Artur Rona
-
* Merge from debian unstable. Remaining changes: (LP: #693902)
- debian/patches/ Bsymbolic- functions. patch: Link using
-Bsymbolic-functions.
- Use a different priority for libssl0.9.8/restart- services
depending on whether a desktop, or server dist-upgrade is being
performed.
- Display a system restart required notification bubble on libssl0.9.8
upgrade.
- Don't build for processors no longer supported: i486, i586
(on i386), v8 (on sparc).
- Create libssl0.9.8-udeb, for the benefit of wget-udeb (no
wget-udeb package in Debian).
- Replace duplicate files in the doc directory with symlinks.
- Move runtime libraries to /lib, for the benefit of wpasupplicant.
- Ship documentation in openssl-doc, suggested by the package.
(Closes: #470594)
- Use host compiler when cross-building. Patch from Neil Williams.
(Closes: #465248).
- Don't run 'make test' when cross-building.
- debian/patches/ aesni.patch: Backport Intel AES-NI support from
http://rt.openssl. org/Ticket/ Display. html?id= 2067 (refreshed)
- debian/patches/ perlpath- quilt.patch: Don't change perl #! paths
under .pc.
- debian/patches/ no-sslv2. patch: disable SSLv2 to match NSS
and GnuTLS. The protocol is unsafe and extremely deprecated.
(Closes: #589706)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/precise/openssl