Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openssl-1_1 for openSUSE:Factory
checked in at 2023-03-29 23:26:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openssl-1_1 (Old)
and /work/SRC/openSUSE:Factory/.openssl-1_1.new.31432 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openssl-1_1"
Wed Mar 29 23:26:47 2023 rev:43 rq:1074722 version:1.1.1t
Changes:
--------
--- /work/SRC/openSUSE:Factory/openssl-1_1/openssl-1_1.changes 2023-02-14
16:45:10.466354371 +0100
+++ /work/SRC/openSUSE:Factory/.openssl-1_1.new.31432/openssl-1_1.changes
2023-03-29 23:27:00.375401720 +0200
@@ -1,0 +2,7 @@
+Fri Mar 24 15:53:47 UTC 2023 - Otto Hollmann <otto.hollm...@suse.com>
+
+- Security Fix: [CVE-2023-0464, bsc#1209624]
+ * Excessive Resource Usage Verifying X.509 Policy Constraints
+ * Add openssl-CVE-2023-0464.patch
+
+-------------------------------------------------------------------
New:
----
openssl-CVE-2023-0464.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openssl-1_1.spec ++++++
--- /var/tmp/diff_new_pack.taNlBM/_old 2023-03-29 23:27:01.299406061 +0200
+++ /var/tmp/diff_new_pack.taNlBM/_new 2023-03-29 23:27:01.307406099 +0200
@@ -132,6 +132,8 @@
Patch79: openssl-1_1-Fix-AES-GCM-on-Power-8-CPUs.patch
#PATCH-FIX-OPENSUSE bsc#1205042 Set OpenSSL 3.0 as the default openssl
Patch80: openssl-1_1-openssl-config.patch
+# PATCH-FIX-UPSTREAM: bsc#1209624, CVE-2023-0464 Excessive Resource Usage
Verifying X.509 Policy Constraints
+Patch81: openssl-CVE-2023-0464.patch
BuildRequires: pkgconfig
BuildRequires: pkgconfig(zlib)
Requires: libopenssl1_1 = %{version}-%{release}
++++++ openssl-CVE-2023-0464.patch ++++++
++++ 815 lines (skipped)
