import dotnet6.0-6.0.129-2.el9_4

c9 imports/c9/dotnet6.0-6.0.129-2.el9_4
MSVSphere Packaging Team 6 months ago
parent 2c7cd9bbc9
commit 07abdc3c61

@ -1 +1 @@
c7a7b8fdb6f58198a88ac194e8d6ce69d0a81d36 SOURCES/dotnet-v6.0.129.tar.gz 50c5c031356e8cc4f362aecdfe819bfcf9581c2a SOURCES/dotnet-v6.0.129.tar.gz

@ -1,34 +0,0 @@
From d7805229ffe6906cd0832c0482b963caf4b4fd82 Mon Sep 17 00:00:00 2001
From: Tom Deseyn <tom.deseyn@gmail.com>
Date: Wed, 28 Feb 2024 14:08:15 +0100
Subject: [PATCH] Allow certificate validation with SHA-1 signatures.
RHEL OpenSSL builds disable SHA-1 signatures. This causes certificate
validation to fail when using the X509_V_FLAG_CHECK_SS_SIGNATURE flag
with a chain where the last certificate uses a SHA-1 signature.
This removes X509_V_FLAG_CHECK_SS_SIGNATURE flag to have the default
OpenSSL behavior for certificate validation.
---
.../libs/System.Security.Cryptography.Native/pal_x509.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_x509.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_x509.c
index 04c6ba06cd..2cd3413dae 100644
--- a/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_x509.c
+++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_x509.c
@@ -272,11 +272,6 @@ int32_t CryptoNative_X509StoreCtxInit(X509_STORE_CTX* ctx, X509_STORE* store, X5
{
int32_t val = X509_STORE_CTX_init(ctx, store, x509, extraStore);
- if (val != 0)
- {
- X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_CHECK_SS_SIGNATURE);
- }
-
return val;
}
--
2.43.2

@ -60,7 +60,7 @@
Name: dotnet6.0 Name: dotnet6.0
Version: %{sdk_rpm_version} Version: %{sdk_rpm_version}
Release: 1%{?dist} Release: 2%{?dist}
Summary: .NET Runtime and SDK Summary: .NET Runtime and SDK
License: MIT and ASL 2.0 and BSD and LGPLv2+ and CC-BY and CC0 and MS-PL and EPL-1.0 and GPL+ and GPLv2 and ISC and OFL and zlib License: MIT and ASL 2.0 and BSD and LGPLv2+ and CC-BY and CC0 and MS-PL and EPL-1.0 and GPL+ and GPLv2 and ISC and OFL and zlib
URL: https://github.com/dotnet/ URL: https://github.com/dotnet/
@ -86,15 +86,8 @@ Source11: dotnet.sh.in
Patch100: runtime-arm64-lld-fix.patch Patch100: runtime-arm64-lld-fix.patch
# Mono still has a dependency on (now unbuildable) ILStrip which was removed from CoreCLR: https://github.com/dotnet/runtime/pull/60315 # Mono still has a dependency on (now unbuildable) ILStrip which was removed from CoreCLR: https://github.com/dotnet/runtime/pull/60315
Patch101: runtime-mono-remove-ilstrip.patch Patch101: runtime-mono-remove-ilstrip.patch
# https://github.com/dotnet/runtime/pull/95218#issuecomment-1842799422 # https://github.com/dotnet/runtime/pull/95217#issuecomment-1842799362
Patch102: runtime-re-enable-implicit-rejection.patch Patch102: runtime-re-enable-implicit-rejection.patch
# We disable checking the signature of the last certificate in a chain
# if the certificate is supposedly self-signed. A side effect of not
# checking the self-signature of such a certificate is that disabled
# or unsupported message digests used for the signature are not
# treated as fatal errors. https://issues.redhat.com/browse/RHEL-25254
Patch103: runtime-openssl-sha1.patch
# Disable apphost, needed for s390x # Disable apphost, needed for s390x
Patch500: fsharp-no-apphost.patch Patch500: fsharp-no-apphost.patch
@ -385,7 +378,6 @@ pushd src/runtime
%patch100 -p1 %patch100 -p1
%patch101 -p1 %patch101 -p1
%patch102 -p1 %patch102 -p1
%patch103 -p1
popd popd
pushd src/fsharp pushd src/fsharp
@ -620,33 +612,25 @@ rm -rf %{buildroot}%{_libdir}/dotnet/packs/NETStandard.Library.Ref/2.1.0
%changelog %changelog
* Tue Apr 02 2024 Omair Majid <omajid@redhat.com> - 6.0.129-1 * Tue Apr 09 2024 Omair Majid <omajid@redhat.com> - 6.0.129-2
- Update to .NET SDK 6.0.129 and Runtime 6.0.29 - Update to .NET SDK 6.0.129 and Runtime 6.0.29
- Resolves: RHEL-31197 - Resolves: RHEL-31198
* Wed Mar 06 2024 Tom Deseyn <tom.deseyn@gmail.com> - 6.0.128-2
- We disable checking the signature of the last certificate in a chain
if the certificate is supposedly self-signed. A side effect of not
checking the self-signature of such a certificate is that disabled
or unsupported message digests used for the signature are not
treated as fatal errors.
- Resolves: RHEL-28359
* Thu Feb 29 2024 Omair Majid <omajid@redhat.com> - 6.0.128-1 * Tue Mar 19 2024 Omair Majid <omajid@redhat.com> - 6.0.128-2
- Update to .NET SDK 6.0.128 and Runtime 6.0.28 - Update to .NET SDK 6.0.128 and Runtime 6.0.28
- Resolves: RHEL-27540 - Resolves: RHEL-27541
* Thu Feb 01 2024 Omair Majid <omajid@redhat.com> - 6.0.127-1 * Wed Feb 14 2024 Omair Majid <omajid@redhat.com> - 6.0.127-2
- Update to .NET SDK 6.0.127 and Runtime 6.0.27 - Update to .NET SDK 6.0.127 and Runtime 6.0.27
- Resolves: RHEL-23787 - Resolves: RHEL-23785
* Wed Dec 20 2023 Omair Majid <omajid@redhat.com> - 6.0.126-1 * Mon Jan 15 2024 Omair Majid <omajid@redhat.com> - 6.0.126-2
- Update to .NET SDK 6.0.126 and Runtime 6.0.26 - Update to .NET SDK 6.0.126 and Runtime 6.0.26
- Resolves: RHEL-19807 - Resolves: RHEL-19801
* Thu Nov 02 2023 Omair Majid <omajid@redhat.com> - 6.0.125-1 * Mon Dec 11 2023 Omair Majid <omajid@redhat.com> - 6.0.125-2
- Update to .NET SDK 6.0.125 and Runtime 6.0.25 - Update to .NET SDK 6.0.125 and Runtime 6.0.25
- Resolves: RHEL-15359 - Resolves: RHEL-15349
* Tue Oct 24 2023 Omair Majid <omajid@redhat.com> - 6.0.124-2 * Tue Oct 24 2023 Omair Majid <omajid@redhat.com> - 6.0.124-2
- Update to .NET SDK 6.0.124 and Runtime 6.0.24 - Update to .NET SDK 6.0.124 and Runtime 6.0.24

Loading…
Cancel
Save