From 24d43fe451d3f4fa6b15665cfa3353f4c08a5f5d Mon Sep 17 00:00:00 2001 From: Karen Arutyunov Date: Thu, 6 Jul 2023 10:41:20 +0300 Subject: Release version 1.1.1+21 Upgrade to 1.1.1u. That in particular fixes CVE-2023-0464 CVE-2023-0465 CVE-2023-0466 CVE-2023-2650. Update .gitignore files --- libcrypto/.gitignore | 1 + .../downstream/crypto/bn_conf/i686-linux.h | 28 --- .../downstream/crypto/dso_conf/i686-linux.h | 17 -- libcrypto/libcrypto/downstream/crypto/platform.h | 9 +- .../downstream/openssl/opensslconf/i686-linux.h | 188 --------------------- libcrypto/manifest | 6 +- 6 files changed, 9 insertions(+), 240 deletions(-) delete mode 100644 libcrypto/libcrypto/downstream/crypto/bn_conf/i686-linux.h delete mode 100644 libcrypto/libcrypto/downstream/crypto/dso_conf/i686-linux.h delete mode 100644 libcrypto/libcrypto/downstream/openssl/opensslconf/i686-linux.h (limited to 'libcrypto') diff --git a/libcrypto/.gitignore b/libcrypto/.gitignore index 6435b97..1c363a0 100644 --- a/libcrypto/.gitignore +++ b/libcrypto/.gitignore @@ -12,6 +12,7 @@ *.pcm *.ifc *.so +*.dylib *.dll *.a *.lib diff --git a/libcrypto/libcrypto/downstream/crypto/bn_conf/i686-linux.h b/libcrypto/libcrypto/downstream/crypto/bn_conf/i686-linux.h deleted file mode 100644 index 16d6e93..0000000 --- a/libcrypto/libcrypto/downstream/crypto/bn_conf/i686-linux.h +++ /dev/null @@ -1,28 +0,0 @@ -/* WARNING: do not edit! */ -/* Generated by Makefile from ../include/crypto/bn_conf.h.in */ -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef OSSL_CRYPTO_BN_CONF_H -# define OSSL_CRYPTO_BN_CONF_H - -/* - * The contents of this file are not used in the UEFI build, as - * both 32-bit and 64-bit builds are supported from a single run - * of the Configure script. - */ - -/* Should we define BN_DIV2W here? */ - -/* Only one for the following should be defined */ -#undef SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#define THIRTY_TWO_BIT - -#endif diff --git a/libcrypto/libcrypto/downstream/crypto/dso_conf/i686-linux.h b/libcrypto/libcrypto/downstream/crypto/dso_conf/i686-linux.h deleted file mode 100644 index 2c3b479..0000000 --- a/libcrypto/libcrypto/downstream/crypto/dso_conf/i686-linux.h +++ /dev/null @@ -1,17 +0,0 @@ -/* WARNING: do not edit! */ -/* Generated by Makefile from ../include/crypto/dso_conf.h.in */ -/* - * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef OSSL_CRYPTO_DSO_CONF_H -# define OSSL_CRYPTO_DSO_CONF_H -# define DSO_DLFCN -# define HAVE_DLFCN_H -# define DSO_EXTENSION ".so" -#endif diff --git a/libcrypto/libcrypto/downstream/crypto/platform.h b/libcrypto/libcrypto/downstream/crypto/platform.h index 8dd6690..5dc4c7f 100644 --- a/libcrypto/libcrypto/downstream/crypto/platform.h +++ b/libcrypto/libcrypto/downstream/crypto/platform.h @@ -48,20 +48,21 @@ # error arm64 architecture is not supported for this OS # endif # elif defined(__i386__) /* POSIX i386 */ -# if defined(__linux__) -# include "i686-linux.h" /* - * i686 architecture is not currently supported for FreeBSD and Mac OS. + * i686 architecture is not currently supported for POSIX. */ +# error i686 architecture is not supported for this OS /* +# if defined(__linux__) +# include "i686-linux.h" # elif defined(__FreeBSD__) # include "i686-freebsd.h" # elif defined(__APPLE__) # include "i686-macos.h" -*/ # else # error i686 architecture is not supported for this OS # endif +*/ # else # error unknown architecture # endif diff --git a/libcrypto/libcrypto/downstream/openssl/opensslconf/i686-linux.h b/libcrypto/libcrypto/downstream/openssl/opensslconf/i686-linux.h deleted file mode 100644 index cf638d4..0000000 --- a/libcrypto/libcrypto/downstream/openssl/opensslconf/i686-linux.h +++ /dev/null @@ -1,188 +0,0 @@ -/* - * WARNING: do not edit! - * Generated by Makefile from ../include/openssl/opensslconf.h.in - * - * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_ALGORITHM_DEFINES -# error OPENSSL_ALGORITHM_DEFINES no longer supported -#endif - -/* - * OpenSSL was configured with the following options: - */ - -#ifndef OPENSSL_NO_MDC2 -# define OPENSSL_NO_MDC2 -#endif -#ifndef OPENSSL_THREADS -# define OPENSSL_THREADS -#endif -#ifndef OPENSSL_RAND_SEED_OS -# define OPENSSL_RAND_SEED_OS -#endif -#ifndef OPENSSL_NO_ASAN -# define OPENSSL_NO_ASAN -#endif -#ifndef OPENSSL_NO_ASM -# define OPENSSL_NO_ASM -#endif -#ifndef OPENSSL_NO_CRYPTO_MDEBUG -# define OPENSSL_NO_CRYPTO_MDEBUG -#endif -#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE -# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE -#endif -#ifndef OPENSSL_NO_DEVCRYPTOENG -# define OPENSSL_NO_DEVCRYPTOENG -#endif -#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 -# define OPENSSL_NO_EC_NISTP_64_GCC_128 -#endif -#ifndef OPENSSL_NO_EGD -# define OPENSSL_NO_EGD -#endif -#ifndef OPENSSL_NO_EXTERNAL_TESTS -# define OPENSSL_NO_EXTERNAL_TESTS -#endif -#ifndef OPENSSL_NO_FUZZ_AFL -# define OPENSSL_NO_FUZZ_AFL -#endif -#ifndef OPENSSL_NO_FUZZ_LIBFUZZER -# define OPENSSL_NO_FUZZ_LIBFUZZER -#endif -#ifndef OPENSSL_NO_HEARTBEATS -# define OPENSSL_NO_HEARTBEATS -#endif -#ifndef OPENSSL_NO_MSAN -# define OPENSSL_NO_MSAN -#endif -#ifndef OPENSSL_NO_SCTP -# define OPENSSL_NO_SCTP -#endif -#ifndef OPENSSL_NO_SSL_TRACE -# define OPENSSL_NO_SSL_TRACE -#endif -#ifndef OPENSSL_NO_UBSAN -# define OPENSSL_NO_UBSAN -#endif -#ifndef OPENSSL_NO_UNIT_TEST -# define OPENSSL_NO_UNIT_TEST -#endif -#ifndef OPENSSL_NO_STATIC_ENGINE -# define OPENSSL_NO_STATIC_ENGINE -#endif - - -/* - * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers - * don't like that. This will hopefully silence them. - */ -#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy; - -/* - * Applications should use -DOPENSSL_API_COMPAT= to suppress the - * declarations of functions deprecated in or before . Otherwise, they - * still won't see them if the library has been built to disable deprecated - * functions. - */ -#ifndef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f; -# ifdef __GNUC__ -# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0) -# undef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); -# endif -# elif defined(__SUNPRO_C) -# if (__SUNPRO_C >= 0x5130) -# undef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); -# endif -# endif -#endif - -#ifndef OPENSSL_FILE -# ifdef OPENSSL_NO_FILENAMES -# define OPENSSL_FILE "" -# define OPENSSL_LINE 0 -# else -# define OPENSSL_FILE __FILE__ -# define OPENSSL_LINE __LINE__ -# endif -#endif - -#ifndef OPENSSL_MIN_API -# define OPENSSL_MIN_API 0 -#endif - -#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API -# undef OPENSSL_API_COMPAT -# define OPENSSL_API_COMPAT OPENSSL_MIN_API -#endif - -/* - * Do not deprecate things to be deprecated in version 1.2.0 before the - * OpenSSL version number matches. - */ -#if OPENSSL_VERSION_NUMBER < 0x10200000L -# define DEPRECATEDIN_1_2_0(f) f; -#elif OPENSSL_API_COMPAT < 0x10200000L -# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_1_2_0(f) -#endif - -#if OPENSSL_API_COMPAT < 0x10100000L -# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_1_1_0(f) -#endif - -#if OPENSSL_API_COMPAT < 0x10000000L -# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_1_0_0(f) -#endif - -#if OPENSSL_API_COMPAT < 0x00908000L -# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_0_9_8(f) -#endif - -/* Generate 80386 code? */ -#undef I386_ONLY - -#undef OPENSSL_UNISTD -#define OPENSSL_UNISTD - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -/* - * The following are cipher-specific, but are part of the public API. - */ -#if !defined(OPENSSL_SYS_UEFI) -# define BN_LLONG -/* Only one for the following should be defined */ -# undef SIXTY_FOUR_BIT_LONG -# undef SIXTY_FOUR_BIT -# define THIRTY_TWO_BIT -#endif - -#define RC4_INT unsigned int - -#ifdef __cplusplus -} -#endif diff --git a/libcrypto/manifest b/libcrypto/manifest index e808514..52d59d8 100644 --- a/libcrypto/manifest +++ b/libcrypto/manifest @@ -3,11 +3,11 @@ name: libcrypto # Note: remember to update doc-url below! # -version: 1.1.1+20 -upstream-version: 1.1.1t +version: 1.1.1+21 +upstream-version: 1.1.1u project: openssl -#priority: security +priority: security summary: C library providing general cryptography and X.509 support license: OpenSSL ; OpenSSL and Original SSLeay Licenses. topics: C, x.509, cryptography -- cgit v1.1