Sat Jan 24 01:01:54 2015 UTC ()
Apply following update to suse131_openssl, bump PKGREVISION.

   openSUSE Security Update: Security update for openssl
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2015:0130-1
Rating:             important
References:         #911399 #912014 #912015 #912018 #912292 #912293
                    #912294 #912296
Cross-References:   CVE-2014-3569 CVE-2014-3570 CVE-2014-3571
                    CVE-2014-3572 CVE-2014-8275 CVE-2015-0204
                    CVE-2015-0205 CVE-2015-0206
Affected Products:
                    openSUSE 13.2
                    openSUSE 13.1
______________________________________________________________________________

   An update that fixes 8 vulnerabilities is now available.

Description:

   openssl was updated to 1.0.1k to fix various security issues and bugs.

   More information can be found in the openssl advisory:
   http://openssl.org/news/secadv_20150108.txt

   Following issues were fixed:

   * CVE-2014-3570 (bsc#912296): Bignum squaring (BN_sqr) may have produced
     incorrect results on some platforms, including x86_64.

   * CVE-2014-3571 (bsc#912294): Fixed crash in dtls1_get_record whilst in
     the listen state where you get two separate reads performed - one for
     the header and one for the body of the handshake record.

   * CVE-2014-3572 (bsc#912015): Don't accept a handshake using an ephemeral
     ECDH ciphersuites with the server key exchange message omitted.

   * CVE-2014-8275 (bsc#912018): Fixed various certificate fingerprint issues.

   * CVE-2015-0204 (bsc#912014): Only allow ephemeral RSA keys in export
     ciphersuites

   * CVE-2015-0205 (bsc#912293): A fixwas added to prevent use of DH client
     certificates without sending certificate verify message.

   * CVE-2015-0206 (bsc#912292): A memory leak was fixed in
     dtls1_buffer_record.

References:

   http://support.novell.com/security/cve/CVE-2014-3569.html
   http://support.novell.com/security/cve/CVE-2014-3570.html
   http://support.novell.com/security/cve/CVE-2014-3571.html
   http://support.novell.com/security/cve/CVE-2014-3572.html
   http://support.novell.com/security/cve/CVE-2014-8275.html
   http://support.novell.com/security/cve/CVE-2015-0204.html
   http://support.novell.com/security/cve/CVE-2015-0205.html
   http://support.novell.com/security/cve/CVE-2015-0206.html
   https://bugzilla.suse.com/show_bug.cgi?id=911399
   https://bugzilla.suse.com/show_bug.cgi?id=912014
   https://bugzilla.suse.com/show_bug.cgi?id=912015
   https://bugzilla.suse.com/show_bug.cgi?id=912018
   https://bugzilla.suse.com/show_bug.cgi?id=912292
   https://bugzilla.suse.com/show_bug.cgi?id=912293
   https://bugzilla.suse.com/show_bug.cgi?id=912294
   https://bugzilla.suse.com/show_bug.cgi?id=912296


(obache)
diff -r1.13 -r1.14 pkgsrc/emulators/suse131_openssl/Makefile
diff -r1.12 -r1.13 pkgsrc/emulators/suse131_openssl/distinfo
cvs diff -r1.13 -r1.14 pkgsrc/emulators/suse131_openssl/Makefile (expand / switch to unified diff)

--- pkgsrc/emulators/suse131_openssl/Makefile 2014/11/24 10:47:45 1.13
+++ pkgsrc/emulators/suse131_openssl/Makefile 2015/01/24 01:01:54 1.14
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: Makefile,v 1.13 2014/11/24 10:47:45 obache Exp $ 1# $NetBSD: Makefile,v 1.14 2015/01/24 01:01:54 obache Exp $
2 2
3PKGNAME= suse_openssl-${SUSE_VERSION} 3PKGNAME= suse_openssl-${SUSE_VERSION}
4PKGREVISION= 11 4PKGREVISION= 12
5CATEGORIES= emulators 5CATEGORIES= emulators
6RPMUPDPKGS+= libopenssl1_0_0-1.0.1j-11.59.1.${SUSE_ARCH} 6RPMUPDPKGS+= libopenssl1_0_0-1.0.1k-11.64.2.${SUSE_ARCH}
7 7
8MAINTAINER= pkgsrc-users@NetBSD.org 8MAINTAINER= pkgsrc-users@NetBSD.org
9COMMENT= Linux compatibility package for OpenSSL 9COMMENT= Linux compatibility package for OpenSSL
10 10
11EMUL_MODULES.linux= base 11EMUL_MODULES.linux= base
12 12
13.include "../../emulators/suse131_linux/Makefile.common" 13.include "../../emulators/suse131_linux/Makefile.common"
14.include "../../mk/bsd.pkg.mk" 14.include "../../mk/bsd.pkg.mk"
cvs diff -r1.12 -r1.13 pkgsrc/emulators/suse131_openssl/distinfo (expand / switch to unified diff)

--- pkgsrc/emulators/suse131_openssl/distinfo 2014/11/24 10:47:45 1.12
+++ pkgsrc/emulators/suse131_openssl/distinfo 2015/01/24 01:01:54 1.13
@@ -1,8 +1,8 @@ @@ -1,8 +1,8 @@
1$NetBSD: distinfo,v 1.12 2014/11/24 10:47:45 obache Exp $ 1$NetBSD: distinfo,v 1.13 2015/01/24 01:01:54 obache Exp $
2 2
3SHA1 (suse131/libopenssl1_0_0-1.0.1j-11.59.1.i586.rpm) = da5698935ddd9aec3ef30eac423ac447db5a787c 3SHA1 (suse131/libopenssl1_0_0-1.0.1k-11.64.2.i586.rpm) = f5e5231bd256363f501f12fb3b9253ddb44e091e
4RMD160 (suse131/libopenssl1_0_0-1.0.1j-11.59.1.i586.rpm) = d426aad6f6a218e937b8ad544e09429fdf5c408e 4RMD160 (suse131/libopenssl1_0_0-1.0.1k-11.64.2.i586.rpm) = bb5770f3f44cd0a3313243cd7dce80675bd38e33
5Size (suse131/libopenssl1_0_0-1.0.1j-11.59.1.i586.rpm) = 769059 bytes 5Size (suse131/libopenssl1_0_0-1.0.1k-11.64.2.i586.rpm) = 770010 bytes
6SHA1 (suse131/libopenssl1_0_0-1.0.1j-11.59.1.x86_64.rpm) = db1f917a9b55bd4e6eb9b067d6ca2e5f11ca9c9f 6SHA1 (suse131/libopenssl1_0_0-1.0.1k-11.64.2.x86_64.rpm) = e57577dea61a189f9d481f486818db2f0e5cbb9d
7RMD160 (suse131/libopenssl1_0_0-1.0.1j-11.59.1.x86_64.rpm) = 3505534e244ccc91109ca90cf18f04a572834718 7RMD160 (suse131/libopenssl1_0_0-1.0.1k-11.64.2.x86_64.rpm) = f094e603beacb01cfe2eacf3caca83fcbbf17a07
8Size (suse131/libopenssl1_0_0-1.0.1j-11.59.1.x86_64.rpm) = 819451 bytes 8Size (suse131/libopenssl1_0_0-1.0.1k-11.64.2.x86_64.rpm) = 820981 bytes