|
|
|
@ -15,7 +15,7 @@
|
|
|
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
|
|
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
|
|
|
Name: openssl
|
|
|
|
Name: openssl
|
|
|
|
Version: 3.0.1
|
|
|
|
Version: 3.0.1
|
|
|
|
Release: 1%{?dist}
|
|
|
|
Release: 2%{?dist}
|
|
|
|
Epoch: 1
|
|
|
|
Epoch: 1
|
|
|
|
# We have to remove certain patented algorithms from the openssl source
|
|
|
|
# We have to remove certain patented algorithms from the openssl source
|
|
|
|
# tarball with the hobble-openssl script which is included below.
|
|
|
|
# tarball with the hobble-openssl script which is included below.
|
|
|
|
@ -72,7 +72,7 @@ Patch46: 0046-FIPS-permitsha1-hmac.patch
|
|
|
|
|
|
|
|
|
|
|
|
License: ASL 2.0
|
|
|
|
License: ASL 2.0
|
|
|
|
URL: http://www.openssl.org/
|
|
|
|
URL: http://www.openssl.org/
|
|
|
|
BuildRequires: gcc
|
|
|
|
BuildRequires: gcc g++
|
|
|
|
BuildRequires: coreutils, perl-interpreter, sed, zlib-devel, /usr/bin/cmp
|
|
|
|
BuildRequires: coreutils, perl-interpreter, sed, zlib-devel, /usr/bin/cmp
|
|
|
|
BuildRequires: lksctp-tools-devel
|
|
|
|
BuildRequires: lksctp-tools-devel
|
|
|
|
BuildRequires: /usr/bin/rename
|
|
|
|
BuildRequires: /usr/bin/rename
|
|
|
|
@ -210,7 +210,7 @@ export HASHBANGPERL=/usr/bin/perl
|
|
|
|
--system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \
|
|
|
|
--system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \
|
|
|
|
zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \
|
|
|
|
zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \
|
|
|
|
enable-cms enable-md2 enable-rc5 enable-ktls enable-fips\
|
|
|
|
enable-cms enable-md2 enable-rc5 enable-ktls enable-fips\
|
|
|
|
no-mdc2 no-ec2m no-sm2 no-sm4 \
|
|
|
|
no-mdc2 no-ec2m no-sm2 no-sm4 enable-buildtest-c++\
|
|
|
|
shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\""'
|
|
|
|
shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\""'
|
|
|
|
|
|
|
|
|
|
|
|
# Do not run this in a production package the FIPS symbols must be patched-in
|
|
|
|
# Do not run this in a production package the FIPS symbols must be patched-in
|
|
|
|
@ -396,6 +396,10 @@ install -m644 %{SOURCE9} \
|
|
|
|
%ldconfig_scriptlets libs
|
|
|
|
%ldconfig_scriptlets libs
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
%changelog
|
|
|
|
|
|
|
|
* Thu Jan 20 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-2
|
|
|
|
|
|
|
|
- Add enable-buildtest-c++ to the configure options.
|
|
|
|
|
|
|
|
- Related: rhbz#1990814
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jan 18 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-1
|
|
|
|
* Tue Jan 18 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-1
|
|
|
|
- Rebase to upstream version 3.0.1
|
|
|
|
- Rebase to upstream version 3.0.1
|
|
|
|
- Fixes CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
|
|
|
|
- Fixes CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
|
|
|
|
|
Sahana Prasad
3 years ago