ubuntu/+source/openssl:ubuntu/oneiric

Last commit made on 2011-10-05
Get this branch:
git clone -b ubuntu/oneiric https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/oneiric
Repository:
lp:ubuntu/+source/openssl

Recent commits

c8a539e... by Marc Deslauriers on 2011-10-04

Import patches-unapplied version 1.0.0e-2ubuntu4 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: a79ab0f819ac70b12dd0d8afcff0630c8ca45257

New changelog entries:
  * The previous change moved the notification to major upgrades only, but
    in fact, we do want the sysadmin to be notified when security updates
    are installed, without having services automatically restarted.
    (LP: #244250)

a79ab0f... by Anders Kaseorg on 2011-10-04

Import patches-unapplied version 1.0.0e-2ubuntu3 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 6fa771d3f568bb62efa7f646268e018a9295db6a

New changelog entries:
  * Only issue a restart required notification on important upgrades, and
    not other actions such as reconfiguration or initial installation.
    (LP: #244250)

6fa771d... by Loïc Minier on 2011-09-27

Import patches-unapplied version 1.0.0e-2ubuntu2 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: f9621ec40f5083f72b5bacf303926a625ff21374

New changelog entries:
  * Unapply patch c_rehash-multi and comment it out in the series as it breaks
    parsing of certificates with CRLF line endings and other cases (see
    Debian #642314 for discussion), it also changes the semantics of c_rehash
    directories by requiring applications to parse hash link targets as files
    containing potentially *multiple* certificates rather than exactly one.
    LP: #855454.

f9621ec... by Steve Beattie on 2011-09-15

Import patches-unapplied version 1.0.0e-2ubuntu1 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 6862a2acd21bc2707b43339c7ae5cd9f34cc2826

New changelog entries:
  * Resynchronise with Debian, fixes CVE-2011-1945, CVE-2011-3207 and
    CVE-2011-3210 (LP: #850608). Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification bubble on libssl1.0.0
        upgrade.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
      http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
      0.9.8 variant.
    - debian/patches/Bsymbolic-functions.patch: Link using
      -Bsymbolic-functions.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building. Patch from Neil Williams.
      + Don't build for processors no longer supported: i486, i586 (on
        i386), v8 (on sparc).
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
  * debian/libssl1.0.0.postinst: only display restart notification on
    servers (LP: #244250)

6862a2a... by Kurt Roeckx on 2011-09-10

Import patches-unapplied version 1.0.0e-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2ed4d285ebd0c4d6e16ba2b3628f12017bd81ae4

New changelog entries:
  * Add a missing $(DEB_HOST_MULTIARCH)

2ed4d28... by Kurt Roeckx on 2011-09-10

Import patches-unapplied version 1.0.0e-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: de3e310739af5259d72b392c6a776c4a7c47f802

New changelog entries:
  * New upstream version
    - Fix bug where CRLs with nextUpdate in the past are sometimes accepted
      by initialising X509_STORE_CTX properly. (CVE-2011-3207)
    - Fix SSL memory handling for (EC)DH ciphersuites, in particular
      for multi-threaded use of ECDH. (CVE-2011-3210)
    - Add protection against ECDSA timing attacks (CVE-2011-1945)
  * Block DigiNotar certifiates. Patch from
    Raphael Geissert <email address hidden>
  * Generate hashes for all certs in a file (Closes: #628780, #594524)
    Patch from Klaus Ethgen <email address hidden>
  * Add multiarch support (Closs: #638137)
    Patch from Steve Langasek / Ubuntu
  * Symbols from the gost engine were removed because it didn't have
    a linker file. Thanks to Roman I Khimov <email address hidden>
    (Closes: #631503)
  * Add support for s390x. Patch from Aurelien Jarno <email address hidden>
    (Closes: #641100)
  * Add build-arch and build-indep targets to the rules file.

de3e310... by Kurt Roeckx on 2011-06-13

Import patches-unapplied version 1.0.0d-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6110248857e6b5814d3d6ad377820312e5e9a557

New changelog entries:
  * Make it build on sparc64. Patch from Aurelien Jarno. (Closes: #626060)
  * Apply patches from Scott Schaefer <email address hidden> to
    fix various pod and spelling errors. (Closes: #622820, #605561)
  * Add missing symbols for the engines (Closes: #623038)
  * More spelling fixes from Scott Schaefer (Closes: #395424)
  * Patch from Scott Schaefer to better document pkcs12 password options
    (Closes: #462489)
  * Document dgst -hmac option. Patch by Thorsten Glaser <email address hidden>
    (Closes: #529586)

6110248... by Kurt Roeckx on 2011-04-13

Import patches-unapplied version 1.0.0d-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0638c6bafb9739f48964d070732fc0a86a6402fc

New changelog entries:
  * Make c_rehash also generate the old subject hash. Gnutls applications
    seem to require it. (Closes: #611102)

0638c6b... by Kurt Roeckx on 2011-04-02

Import patches-unapplied version 1.0.0d-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9a76d074d88291c25aaf87a3fe10e08bfe904474

New changelog entries:
  * New upstream version
    - Fixes CVE-2011-0014
  * Make libssl-doc Replaces/Breaks with old libssl-dev packages
    (Closes: #607609)
  * Only export the symbols we should, instead of all.
  * Add symbol file.
  * Upload to unstable

9a76d07... by Kurt Roeckx on 2010-12-19

Import patches-unapplied version 1.0.0c-2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 8d20ae96765f2aec310173bfff03ef3af120a326

New changelog entries:
  * Set $ in front of {sparcv9_asm} so that the sparc v9 variant builds.
  * Always define _GNU_SOURCE, not only for Linux.
  * Drop SSL2 support (Closes: #589706)