openssl (1.0.2a-1ubuntu1) wily; urgency=medium
* Merge with Debian, remaining changes.
- debian/libssl1.0.0.postinst:
+ Display a system restart required notification on libssl1.0.0
upgrade on servers.
+ Use a different priority for libssl1.0.0/restart-services depending
on whether a desktop, or server dist-upgrade is being performed.
- debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
in Debian).
- debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
rules}: Move runtime libraries to /lib, for the benefit of
wpasupplicant.
- debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
.pc.
- debian/rules:
+ Don't run 'make test' when cross-building.
+ Use host compiler when cross-building. Patch from Neil Williams.
+ Don't build for processors no longer supported: i586 (on i386)
+ Fix Makefile to properly clean up libs/ dirs in clean target.
+ Replace duplicate files in the doc directory with symlinks.
- debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
- debian/rules: Enable optimized 64bit elliptic curve code contributed
by Google.
* Dropped patches included in new version:
- ppc64-support.patch, CVE-2014-0076.patch, CVE-2014-0160.patch,
CVE-2010-5298.patch, CVE-2014-0198.patch, CVE-2014-0195.patch,
CVE-2014-0221.patch, CVE-2014-0224-1.patch, CVE-2014-0224-2.patch,
CVE-2014-3470.patch, CVE-2014-0224-3.patch,
CVE-2014-0224-regression.patch, CVE-2014-0224-regression2.patch,
CVE-2014-3505.patch, CVE-2014-3506.patch, CVE-2014-3507.patch,
CVE-2014-3508.patch, CVE-2014-3509.patch, CVE-2014-3510.patch,
CVE-2014-3511.patch, CVE-2014-3512.patch, CVE-2014-5139.patch,
power8-optimisations.patch, tls_fallback_scsv_support.patch,
CVE-2014-3513.patch, CVE-2014-3567.patch, CVE-2014-3568.patch,
CVE-2014-3569.patch, CVE-2014-3570.patch, CVE-2014-3571-1.patch,
CVE-2014-3571-2.patch, CVE-2014-3572.patch, CVE-2014-8275.patch,
CVE-2015-0204.patch, CVE-2015-0205.patch, CVE-2015-0206.patch,
CVE-2015-0209.patch, CVE-2015-0286.patch, CVE-2015-0287.patch,
CVE-2015-0288.patch, CVE-2015-0289.patch, CVE-2015-0292.patch,
CVE-2015-0293.patch, CVE-2015-0209-2.patch, CVE-2015-0293-2.patch
openssl (1.0.2a-1) unstable; urgency=medium
* New upstrema version
- Fix CVE-2015-0286
- Fix CVE-2015-0287
- Fix CVE-2015-0289
- Fix CVE-2015-0293 (not affected, SSLv2 disabled)
- Fix CVE-2015-0209
- Fix CVE-2015-0288
- Fix CVE-2015-0291
- Fix CVE-2015-0290
- Fix CVE-2015-0207
- Fix CVE-2015-0208
- Fix CVE-2015-1787
- Fix CVE-2015-0285
* Temporary enable SSLv3 methods again, but they will go away.
* Don't set TERMIO anymore, use the default TERMIOS instead.
openssl (1.0.2-1) experimental; urgency=medium
* New upstream release
- Fixes CVE-2014-3571
- Fixes CVE-2015-0206
- Fixes CVE-2014-3569
- Fixes CVE-2014-3572
- Fixes CVE-2015-0204
- Fixes CVE-2015-0205
- Fixes CVE-2014-8275
- Fixes CVE-2014-3570
- Drop git_snapshot.patch
* Drop gnu_source.patch, dgst_hmac.patch, stddef.patch,
no_ssl3_method.patch: applied upstream
* Update patches to apply
openssl (1.0.2~beta3-1) experimental; urgency=low
* New usptream beta version
* Add git snapshot
* Merge changes between 1.0.1h-3 and 1.0.1j-1:
- Disables SSLv3 because of CVE-2014-3566
* Drop patch rehash-crt.patch: partially applied upstream.
c_rehash now doesn't support files in DER format anymore.
* Drop patch rehash_pod.patch: applied upstream
* Update c_rehash-compat.patch to apply to new upstream version. This
undoes upstream's "-old" option and creates both the new and old again.
It now also does it for CRLs.
* Drop defaults.patch, applied upstream
* dgst_hmac.patch updated to apply to upstream version.
* engines-path.patch updated to apply to upstream version.
* Update list of exported symbols
* Update symbols files to require beta3
* Enable unit tests
* Add patch to add support for the no-ssl3-method option that completly
disable SSLv3 and pass the option. This drops the following functions
from the library: SSLv3_method, SSLv3_server_method and
SSLv3_client_method
* Build using OPENSSL_NO_BUF_FREELISTS
openssl (1.0.2~beta2-1) experimental; urgency=medium
* New usptream beta version
- Fix CVE-2014-0224
- Fix CVE-2014-0221
- Fix CVE-2014-0195
- Fix CVE-2014-3470
- Fix CVE-2014-0198
- Fix CVE-2010-5298
- Fix CVE-2014-0160
- Fix CVE-2014-0076
* Merge changes between 1.0.1f-1 and 1.0.1h-3:
- postinst: Updated check for restarting services
* libdoc-manpgs-pod-spell.patch and openssl-pod-misspell.patch
partially applied upstream
* Drop fix-pod-errors.patch, applied upstream.
* Add support for ppc64le (Closes: #745657)
* Add support for OpenRISC (Closes: #736772)
openssl (1.0.2~beta1-1) experimental; urgency=medium
* New upstream beta version
- Update list of symbols that should be exported and adjust the symbols
file. This also removes a bunch of duplicate symbols in the linker
file.
- Fix additional pod errors
- Following patches have been applied upstream and are removed:
libssl-misspell.patch, pod_req_misspell2.patch,
pod_pksc12.misspell.patch, pod_s_server.misspell.patch,
pod_x509setflags.misspell.patch, pod_ec.misspell.patch,
pkcs12-doc.patch, req_bits.patch
- Following patches have been partially applied upstream:
libdoc-manpgs-pod-spell.patch, openssl-pod-misspell.patch
- Remove openssl_fix_for_x32.patch, different patch applied upstream.
* Add support for cross compiling (Closes: #465248)
-- Marc Deslauriers <email address hidden> Tue, 12 May 2015 11:36:12 -0400