Ubuntu
openssl package

lp://staging/~ubuntu-branches/ubuntu/precise/openssl/precise-201203301638

  1. Precise (12.04)
  2. precise-201203301638
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp://staging/~ubuntu-branches/ubuntu/precise/openssl/precise-201203301638
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

70. By Colin Watson

add .pc/tls12_workarounds.patch/Configure to deconfuse package importer

69. By Colin Watson

releasing version 1.0.1-2ubuntu3

68. By Colin Watson

* Temporarily work around TLS 1.2 failures as suggested by upstream
  (LP #965371):
  - Use client version when deciding whether to send supported signature
    algorithms extension.
  - Experimental workaround to large client hello issue: if
    OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients
    only.
  - Compile with -DOPENSSL_NO_TLS1_2_CLIENT.
  This fixes most of the reported problems, but does not fix the case of
  servers that reject version numbers they don't support rather than
  trying to negotiate a lower version (e.g. www.mediafire.com).

67. By Adam Conrad

* Remove compat symlinks from /usr/lib to /lib, as they cause
  some serious issued with symbol generation, and are not needed.
* Bump version passed to dh_makeshlibs to 1.0.1 for new symbols.

66. By Colin Watson

releasing version 1.0.1-2ubuntu1

65. By Colin Watson

note FFe bug, LP: #958430

64. By Colin Watson

merge from Debian 1.0.1-2

63. By Marc Deslauriers

* Resynchronise with Debian. Remaining changes:
  - debian/libssl1.0.0.postinst:
    + Display a system restart required notification on libssl1.0.0
      upgrade on servers.
    + Use a different priority for libssl1.0.0/restart-services depending
      on whether a desktop, or server dist-upgrade is being performed.
  - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
    libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
    in Debian).
  - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
    rules}: Move runtime libraries to /lib, for the benefit of
    wpasupplicant.
  - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
    http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
    0.9.8 variant.
  - debian/patches/Bsymbolic-functions.patch: Link using
    -Bsymbolic-functions.
  - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
    .pc.
  - debian/rules:
    + Don't run 'make test' when cross-building.
    + Use host compiler when cross-building. Patch from Neil Williams.
    + Don't build for processors no longer supported: i586 (on i386)
    + Fix Makefile to properly clean up libs/ dirs in clean target.
    + Replace duplicate files in the doc directory with symlinks.
  - Unapply patch c_rehash-multi and comment it out in the series as it
    breaks parsing of certificates with CRLF line endings and other cases
    (see Debian #642314 for discussion), it also changes the semantics of
    c_rehash directories by requiring applications to parse hash link
    targets as files containing potentially *multiple* certificates
    rather than exactly one.

62. By Marc Deslauriers

* Resynchronise with Debian. Remaining changes:
  - debian/libssl1.0.0.postinst:
    + Display a system restart required notification on libssl1.0.0
      upgrade on servers.
    + Use a different priority for libssl1.0.0/restart-services depending
      on whether a desktop, or server dist-upgrade is being performed.
  - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
    libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
    in Debian).
  - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
    rules}: Move runtime libraries to /lib, for the benefit of
    wpasupplicant.
  - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
    http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
    0.9.8 variant.
  - debian/patches/Bsymbolic-functions.patch: Link using
    -Bsymbolic-functions.
  - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
    .pc.
  - debian/rules:
    + Don't run 'make test' when cross-building.
    + Use host compiler when cross-building. Patch from Neil Williams.
    + Don't build for processors no longer supported: i586 (on i386)
    + Fix Makefile to properly clean up libs/ dirs in clean target.
    + Replace duplicate files in the doc directory with symlinks.
  - Unapply patch c_rehash-multi and comment it out in the series as it
    breaks parsing of certificates with CRLF line endings and other cases
    (see Debian #642314 for discussion), it also changes the semantics of
    c_rehash directories by requiring applications to parse hash link
    targets as files containing potentially *multiple* certificates
    rather than exactly one.

61. By Marc Deslauriers

The previous change moved the notification to major upgrades only, but
in fact, we do want the sysadmin to be notified when security updates
are installed, without having services automatically restarted.
(LP: #244250)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/precise/openssl
This branch contains Public information 
Everyone can see this information.

Subscribers