rpms/openssl/F-11 openssl-0.9.8n-cve-2010-0742.patch, NONE, 1.1 openssl-1.0.0-timezone.patch, NONE, 1.1 openssl.spec, 1.132, 1.133

Tomáš Mráz tmraz at fedoraproject.org
Wed Jun 2 09:03:07 UTC 2010 

Author: tmraz

Update of /cvs/pkgs/rpms/openssl/F-11
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv22600

Modified Files:
	openssl.spec 
Added Files:
	openssl-0.9.8n-cve-2010-0742.patch 
	openssl-1.0.0-timezone.patch 
Log Message:
* Wed Jun  2 2010 Tomas Mraz <tmraz at redhat.com> 0.9.8n-2
- fix CVE-2010-0742
- set UTC timezone on pod2man run (#578842)


openssl-0.9.8n-cve-2010-0742.patch:
 cms_asn1.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- NEW FILE openssl-0.9.8n-cve-2010-0742.patch ---
diff -up openssl-0.9.8n/crypto/cms/cms_asn1.c.originfo openssl-0.9.8n/crypto/cms/cms_asn1.c
--- openssl-0.9.8n/crypto/cms/cms_asn1.c.originfo	2008-04-04 01:03:44.000000000 +0200
+++ openssl-0.9.8n/crypto/cms/cms_asn1.c	2010-06-02 10:56:41.000000000 +0200
@@ -130,8 +130,8 @@ ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
 } ASN1_NDEF_SEQUENCE_END(CMS_SignedData)
 
 ASN1_SEQUENCE(CMS_OriginatorInfo) = {
-	ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
-	ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1)
+	ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0),
+	ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
 } ASN1_SEQUENCE_END(CMS_OriginatorInfo)
 
 ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {

openssl-1.0.0-timezone.patch:
 Makefile.org |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- NEW FILE openssl-1.0.0-timezone.patch ---
diff -up openssl-1.0.0/Makefile.org.timezone openssl-1.0.0/Makefile.org
--- openssl-1.0.0/Makefile.org.timezone	2010-03-30 11:08:40.000000000 +0200
+++ openssl-1.0.0/Makefile.org	2010-04-06 12:49:21.000000000 +0200
@@ -609,7 +609,7 @@ install_docs:
 		sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
 		(cd `$(PERL) util/dirname.pl $$i`; \
-		sh -c "$$pod2man \
+		sh -c "TZ=UTC $$pod2man \
 			--section=$$sec --center=OpenSSL \
 			--release=$(VERSION) `basename $$i`") \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
@@ -626,7 +626,7 @@ install_docs:
 		sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
 		(cd `$(PERL) util/dirname.pl $$i`; \
-		sh -c "$$pod2man \
+		sh -c "TZ=UTC $$pod2man \
 			--section=$$sec --center=OpenSSL \
 			--release=$(VERSION) `basename $$i`") \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \


Index: openssl.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssl/F-11/openssl.spec,v
retrieving revision 1.132
retrieving revision 1.133
diff -u -p -r1.132 -r1.133
--- openssl.spec	25 Mar 2010 12:20:03 -0000	1.132
+++ openssl.spec	2 Jun 2010 09:03:07 -0000	1.133
@@ -23,7 +23,7 @@
 Summary: A general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 0.9.8n
-Release: 1%{?dist}
+Release: 2%{?dist}
 # We remove certain patented algorithms from the openssl source tarball
 # with the hobble-openssl script which is included below.
 Source: openssl-%{version}-usa.tar.bz2
@@ -42,6 +42,7 @@ Patch4: openssl-0.9.8m-enginesdir.patch
 Patch5: openssl-0.9.8a-no-rpath.patch
 Patch6: openssl-0.9.8b-test-use-localhost.patch
 Patch7: openssl-0.9.8k-shlib-version.patch
+Patch8: openssl-1.0.0-timezone.patch
 # Bug fixes
 Patch22: openssl-0.9.8k-x509-name-cmp.patch
 Patch23: openssl-0.9.8m-default-paths.patch
@@ -64,6 +65,7 @@ Patch49: openssl-0.9.8j-fips-no-pairwise
 Patch50: openssl-0.9.8j-fips-rng-seed.patch
 Patch51: openssl-0.9.8m-multi-crl.patch
 # Backported fixes including security fixes
+Patch60: openssl-0.9.8n-cve-2010-0742.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -125,6 +127,7 @@ from other formats to the formats used b
 %patch5 -p1 -b .no-rpath
 %patch6 -p1 -b .use-localhost
 %patch7 -p1 -b .shlib-version
+%patch8 -p1 -b .timezone
 
 %patch22 -p1 -b .name-cmp
 %patch23 -p1 -b .default-paths
@@ -147,6 +150,7 @@ from other formats to the formats used b
 %patch50 -p1 -b .rng-seed
 %patch51 -p1 -b .multi-crl
 
+%patch60 -p1 -b .originfo
 # Modify the various perl scripts to reference perl in the right location.
 perl util/perlpath.pl `dirname %{__perl}`
 
@@ -404,6 +408,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipsca
 %postun -p /sbin/ldconfig
 
 %changelog
+* Wed Jun  2 2010 Tomas Mraz <tmraz at redhat.com> 0.9.8n-2
+- fix CVE-2010-0742
+- set UTC timezone on pod2man run (#578842)
+
 * Thu Mar 25 2010 Tomas Mraz <tmraz at redhat.com> 0.9.8n-1
 - fix CVE-2010-0740

More information about the scm-commits mailing list