Last commit made on 2013-07-15
Get this branch:
git clone -b applied/ubuntu/saucy-proposed https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

b7c6246... by Matthias Klose on 2013-07-15

Import patches-applied version 1.0.1e-3ubuntu1 to applied/ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 69eaa408f2f7d2ab39f2dcd8f6a791581621b078
Unapplied parent: 77e6a559eef0c18800e934435a64a2b004e2da30

New changelog entries:
  * Merge with Debian, remaining changes.
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building. Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates rather
      than exactly one.
    - debian/patches/tls12_workarounds.patch: Workaround large client hello
      issues when TLS 1.1 and lower is in use
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
    - debian/patches/ubuntu_deb676533_arm_asm.patch: Enable arm assembly
    - debian/patches/arm64-support: Add basic arm64 support (no assembler)
    - debian/rules: Enable optimized 64bit elliptic curve code contributed
      by Google.
  * debian/patches/tls12_workarounds.patch: updated to also disable TLS 1.2
    in test suite since we disable it in the client.
  * Disable compression to avoid CRIME systemwide (CVE-2012-4929).
  * Dropped changes:
    - debian/patches/ubuntu_deb676533_arm_asm.patch, applied in Debian.

77e6a55... by Matthias Klose on 2013-07-15

Only enable zlib if OPENSSL_DEFAULT_ZLIB is defined in the

Gbp-Pq: openssl-1.0.1e-env-zlib.patch.

7a5df5b... by Matthias Klose on 2013-07-15

Add arm64 support

Gbp-Pq: arm64-support.

c124a48... by Matthias Klose on 2013-07-15

Work around TLS 1.2 failures for some broken servers that

Gbp-Pq: tls12_workarounds.patch.

af6ff26... by Matthias Klose on 2013-07-15


No DEP3 Subject or Description header found

Gbp-Pq: perlpath-quilt.patch.

140dd40... by Matthias Klose on 2013-07-15


No DEP3 Subject or Description header found

Gbp-Pq: openssl_fix_for_x32.patch.

fd0775b... by Matthias Klose on 2013-07-15

Fix for SSL_get_certificate

Gbp-Pq: get_certificate.patch.

6a0bbb9... by Matthias Klose on 2013-07-15

Check DTLS_BAD_VER for version number.

Gbp-Pq: dtls_version.patch.

7de084c... by Matthias Klose on 2013-07-15

e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms.

Gbp-Pq: aesni-mac.patch.

2affadf... by Matthias Klose on 2013-07-15

x86cpuid.pl: make it work with older CPUs.

Gbp-Pq: cpuid.patch.