Last commit made on 2008-04-22
Get this branch:
git clone -b ubuntu/hardy https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

25bfffe... by Luke Yelavich on 2008-04-22

Import patches-unapplied version 0.9.8g-4ubuntu3 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: 47340de722ffb33bc20f48e1ff8786a7a2d61f02

New changelog entries:
  * Use a different priority for libssl0.9.8/restart-services depending on whether
    a desktop, or server dist-upgrade is being performed. (LP: #91814)
  * Display a system restart required notification bubble on libssl0.9.8 upgrade.

47340de... by Martin Pitt on 2008-03-11

Import patches-unapplied version 0.9.8g-4ubuntu2 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: 6330bd7ef41132fea6f02c86fcebd69589c3257e

New changelog entries:
  * Ship documentation in new openssl-doc package, since it is very large and
    not terribly useful for the casual desktop user.

6330bd7... by Matthias Klose on 2008-01-29

Import patches-unapplied version 0.9.8g-4ubuntu1 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: f2cbbd30d6245ba151bda002606612896bcb692c

New changelog entries:
  * Merge from unstable; remaining changes:
    - Configure: Add support for lpia.
    - Replace duplicate files in the doc directory with symlinks.
    - Link using -Bsymbolic-functions.
  * Fix aes ige test speed not to overwrite it's buffer and
    cause segfauls. Thanks to Tim Hudson (Closes: #459619)
  * Mark some strings in the templates as non translatable.
    Patch from Christian Perrier <email address hidden> (Closes: #450418)
  * Update Dutch debconf translation (Closes: #451290)
  * Update French debconf translation (Closes: #451375)
  * Update Catalan debconf translation (Closes: #452694)
  * Update Basque debconf translation (Closes: #457285)
  * Update Finnish debconf translation (Closes: #458261)

f2cbbd3... by Matthias Klose on 2007-12-04

Import patches-unapplied version 0.9.8g-3ubuntu1 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: 536eef067229a4ae95986ad4b2df96b926523c87

New changelog entries:
  * Merge with Debian; remaining changes:
    - Configure: Add support for lpia.
    - Replace duplicate files in the doc directory with symlinks.
  * aes-586.pl: push %ebx on the stack before we put some things on the
    stack and call a function, giving AES_decrypt() wrong values to work
    with. (Closes: #449200)
  * Avoid text relocations on i386 caused by the assembler versions:
    - x86unix.pl: Create a function_begin_B_static to create a
      static/local assembler function.
    - aes-586.pl: Use the function_begin_B_static for _x86_AES_decrypt
      so that it doesn't get exported and doesn't have any (text) relocations.
    - aes-586.pl: Set up ebx to point to the GOT and call AES_set_encrypt_key
      via the PLT to avoid a relocation.
    - x86unix.pl: Call the init function via the PLT, avoiding a relocation
      in case of a PIC object.
    - cbc.pl: Call functions via the PLT.
    - desboth.pl: Call DES_encrypt2 via the PLT.
  * CA.sh should use the v3_ca extention when called with -newca
    (Closes: #428051)
  * Use -Wa,--noexecstack for all arches in Debian. (Closes: #430583)
  * Convert the failure message when services fail restart to a debconf
  * To restart a service, just restart, instead of stop and start.
    Hopefully fixes #444946
  * Also remove igetest from the test dir in the clean target.
    (Closes: #424362)
  * New upstream release
    - Fixes version number not to say it's a development version.
  * New upstream release
    - Fixes DTLS issues, also fixes CVE-2007-4995 (Closes: #335703, #439737)
    - Proper inclusion of opensslconf.h in pq_compat.h (Closes: #408686)
    - New function SSL_set_SSL_CTX: bump shlibs.
  * Remove build dependency on gcc > 4.2
  * Remove the openssl preinst, it looks like a workaround
    for a change in 0.9.2b where config files got moved. (Closes: #445095)
  * Update debconf translations:
    - Vietnamese (Closes: #426988)
    - Danish (Closes: #426774)
    - Slovak (Closes: #440723)
    - Finnish (Closes: #444258)
  * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers().
    (Closes: #444435)
  * Add postgresql-8.2 to the list of services to check.
  * Fix another case of the "if this code is reached, the program will abort"
    (Closes: #429740)
  * Temporary force to build with gcc >= 4.2
  * Fix problems with gcc-4.2 (Closes: #429740)
  * Stop using -Bsymbolic to create the shared library.
  * Make x86_64cpuid.pl use PIC.
  * Add fix for CVE-2007-3108 (Closes: #438142)

536eef0... by Matthias Klose on 2007-10-04

Import patches-unapplied version 0.9.8e-5ubuntu3 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: ef1a78d79eb6bce2cb9a9cdc3841005e33390e63

New changelog entries:
  * Replace duplicate files in the doc directory with symlinks.

ef1a78d... by Kees Cook on 2007-09-28

Import patches-unapplied version 0.9.8e-5ubuntu2 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 4205ad546b70c56e6d3cd1048fa53fa2a61353cf

New changelog entries:
  [ Jamie Strandboge ]
  * SECURITY UPDATE: off-by-one error in SSL_get_shared_ciphers() results in
    buffer overflow
  * ssl/ssl_lib.c: applied upstream patch from openssl CVS thanks to
    Stephan Hermann
  * References:
    Fixes LP: #146269
  * Modify Maintainer value to match the DebianMaintainerField
  [ Kees Cook ]
  * SECURITY UPDATE: side-channel attacks via BN_from_montgomery function.
  * crypto/bn/bn_mont.c: upstream patch from openssl CVS thanks to Debian.
  * References

4205ad5... by Matthias Klose on 2007-07-31

Import patches-unapplied version 0.9.8e-5ubuntu1 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: f172a9fc8be095f9646f2c087b7827031ce3db2f

New changelog entries:
  * Configure: Add support for lpia.
  * Explicitely build using gcc-4.1 (PR other/31359).

f172a9f... by Kurt Roeckx on 2007-05-15

Import patches-unapplied version 0.9.8e-5 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 3ba8d0ec2c1bdf5464cabe017bb0fd01b3a901a7

New changelog entries:
  [ Christian Perrier ]
  * Debconf templates proofread and slightly rewritten by
    the debian-l10n-english team as part of the Smith Review Project.
    Closes: #418584
  * Debconf templates translations:
    - Arabic. Closes: #418669
    - Russian. Closes: #418670
    - Galician. Closes: #418671
    - Swedish. Closes: #418679
    - Korean. Closes: #418755
    - Czech. Closes: #418768
    - Basque. Closes: #418784
    - German. Closes: #418785
    - Traditional Chinese. Closes: #419915
    - Brazilian Portuguese. Closes: #419959
    - French. Closes: #420429
    - Italian. Closes: #420461
    - Japanese. Closes: #420482
    - Catalan. Closes: #420833
    - Dutch. Closes: #420925
    - Malayalam. Closes: #420986
    - Portuguese. Closes: #421032
    - Romanian. Closes: #421708
  [ Kurt Roeckx ]
  * Remove the Provides for the udeb. Patch from Frans Pop. (Closes: #419608)
  * Updated Spanish debconf template. (Closes: #421336)
  * Do the header changes, changing those defines into real functions,
    and bump the shlibs to match.
  * Update Japanese debconf translation. (Closes: #422270)

3ba8d0e... by Kurt Roeckx on 2007-03-10

Import patches-unapplied version 0.9.8e-4 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 20d2ab7db063d6a3a9d7ea109f67a2ebcd83c8ae

New changelog entries:
  * openssl should depend on libssl0.9.8 0.9.8e-1 since it
    uses some of the defines that changed to functions.
    Other things build against libssl or libcrypto shouldn't
    have this problem since they use the old headers.
    (Closes: #414283)
  * Add nagios-nrpe-server to the list of services to be checked
    (Closes: #391188)
  * EVP_CIPHER_CTX_key_length() should return the set key length in the
    EVP_CIPHER_CTX structure which may not be the same as the underlying
    cipher key length for variable length ciphers.
    From upstream CVS. (Closes: #412979)
  * Undo include changes that change defines into real functions,
    but keep the new functions in the library.
  * New upstream release
    - Inludes security fixes for CVE-2006-2937, CVE-2006-2940,
      CVE-2006-3738, CVE-2006-4343 (Closes: #408902)
    - s_client now properly works with SMTP. Also added support
      for IMAP. (closes: #221689)
    - Load padlock modules (Closes: #345656, #368476)
  * Add clamav-freshclam and clamav-daemon to the list of service that
    need to be restarted. (Closes: #391191)
  * Add armel support. Thanks to Guillem Jover <email address hidden>
    for the patch. (Closes: #407196)
  * Add Portuguese translations. Thanks to Carlos Lisboa. (Closes: 408157)
  * Add Norwegian translations. Thanks to Bjørn Steensrud
    <email address hidden> (Closes: #412326)

20d2ab7... by Kurt Roeckx on 2006-11-30

Import patches-unapplied version 0.9.8c-4 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: c1d2d17be519b41526d5f68261a06ded06fef958

New changelog entries:
  * Add German debconf translation. Thanks to
    Johannes Starosta <email address hidden> (Closes: #388108)
  * Make c_rehash look for both .pem and .crt files. Also make it support
    files in DER format. Patch by "Yauheni Kaliuta" <email address hidden>
    (Closes: #387089)
  * Use & instead of && to check a flag in the X509 policy checking.
    Patch from upstream cvs. (Closes: #397151)
  * Also restart slapd for security updates (Closes: #400221)
  * Add Romanian debconf translation. Thanks to
    stan ioan-eugen <email address hidden> (Closes: #393507)