update openssl-1.1.1f to openssl-1.1.1l

2021-12-08 15:37:52 +08:00 · 2021-12-08 15:37:52 +08:00 · c7cbaedc4b
commit c7cbaedc4b
parent fb7d89de14
4 changed files with 469 additions and 607 deletions
--- a/openssl-1.1.1-build.patch
+++ b/openssl-1.1.1-build.patch
@ -1,28 +1,7 @@
-#diff -up openssl-1.1.1-pre8/Configurations/unix-Makefile.tmpl.build openssl-1.1.1-pre8/Configurations/unix-Makefile.tmpl
-#--- openssl-1.1.1-pre8/Configurations/unix-Makefile.tmpl.build	2018-06-20 16:48:09.000000000 +0200
-#+++ openssl-1.1.1-pre8/Configurations/unix-Makefile.tmpl	2018-07-16 17:15:38.108831031 +0200
-#@@ -680,7 +680,7 @@ uninstall_runtime:
-# install_man_docs:
-# 	@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
-# 	@$(ECHO) "*** Installing manpages"
-#-	$(PERL) $(SRCDIR)/util/process_docs.pl \
-#+	TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
-# 		--destdir=$(DESTDIR)$(MANDIR) --type=man --suffix=$(MANSUFFIX)
-# 
-# uninstall_man_docs:
-#@@ -692,7 +692,7 @@ uninstall_man_docs:
-# install_html_docs:
-# 	@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
-# 	@$(ECHO) "*** Installing HTML manpages"
-#-	$(PERL) $(SRCDIR)/util/process_docs.pl \
-#+	TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
-# 		--destdir=$(DESTDIR)$(HTMLDIR) --type=html
-# 
-# uninstall_html_docs:
-diff -up openssl-1.1.1-pre8/Configurations/10-main.conf.build openssl-1.1.1-pre8/Configurations/10-main.conf
--- openssl-1.1.1-pre8/Configurations/10-main.conf.build	2018-06-20 16:48:09.000000000 +0200
-+++ openssl-1.1.1-pre8/Configurations/10-main.conf	2018-07-16 17:17:10.312045203 +0200
-@@ -693,6 +693,7 @@ my %targets = (
+diff -up openssl-1.1.1f/Configurations/10-main.conf.build openssl-1.1.1f/Configurations/10-main.conf
+--- openssl-1.1.1f/Configurations/10-main.conf.build	2020-03-31 14:17:45.000000000 +0200
+++ openssl-1.1.1f/Configurations/10-main.conf	2020-04-07 16:42:10.920546387 +0200
+@@ -678,6 +678,7 @@ my %targets = (
         cxxflags         => add("-m64"),
         lib_cppflags     => add("-DL_ENDIAN"),
         perlasm_scheme   => "linux64le",
@ -30,7 +9,7 @@ diff -up openssl-1.1.1-pre8/Configurations/10-main.conf.build openssl-1.1.1-pre8
     },
 
     "linux-armv4" => {
-@@ -733,6 +734,7 @@ my %targets = (
+@@ -718,6 +719,7 @@ my %targets = (
     "linux-aarch64" => {
         inherit_from     => [ "linux-generic64", asm("aarch64_asm") ],
         perlasm_scheme   => "linux64",
@ -38,3 +17,24 @@ diff -up openssl-1.1.1-pre8/Configurations/10-main.conf.build openssl-1.1.1-pre8
     },
     "linux-arm64ilp32" => {  # https://wiki.linaro.org/Platform/arm64-ilp32
         inherit_from     => [ "linux-generic32", asm("aarch64_asm") ],
+diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build openssl-1.1.1f/Configurations/unix-Makefile.tmpl
+--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build	2020-04-07 16:42:10.920546387 +0200
+++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl	2020-04-07 16:44:23.539142108 +0200
+@@ -823,7 +823,7 @@ uninstall_runtime_libs:
+ install_man_docs:
+ 	@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
+ 	@$(ECHO) "*** Installing manpages"
+-	$(PERL) $(SRCDIR)/util/process_docs.pl \
+	TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
+ 		"--destdir=$(DESTDIR)$(MANDIR)" --type=man --suffix=$(MANSUFFIX)
+ 
+ uninstall_man_docs:
+@@ -835,7 +835,7 @@ uninstall_man_docs:
+ install_html_docs:
+ 	@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
+ 	@$(ECHO) "*** Installing HTML manpages"
+-	$(PERL) $(SRCDIR)/util/process_docs.pl \
+	TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
+ 		"--destdir=$(DESTDIR)$(HTMLDIR)" --type=html
+ 
+ uninstall_html_docs:
--- a/openssl-1.1.1-fips.patch
+++ b/openssl-1.1.1-fips.patch
--- a/openssl-1.1.1l.tar.gz
+++ b/openssl-1.1.1l.tar.gz
--- a/openssl.spec
+++ b/openssl.spec
@ -1,31 +1,31 @@
 %define soversion 1.1
 Name:        openssl
 Epoch:       1
-Version:     1.1.1f
-Release:     9
+Version:     1.1.1l
+Release:     1
 Summary:     Cryptography and SSL/TLS Toolkit
 License:     OpenSSL and SSLeay
 URL:         https://www.openssl.org/
-Source0:     https://www.openssl.org/source/old/1.1.1/%{name}-%{version}.tar.gz
+Source0:     https://www.openssl.org/source/%{name}-%{version}.tar.gz
 Source1:     Makefile.certificate
 Patch1:      openssl-1.1.1-build.patch
 Patch2:      openssl-1.1.1-fips.patch
-Patch3:      CVE-2020-1967.patch
-Patch4:      CVE-2020-1971-0001-DirectoryString-is-a-CHOICE-type-and-therefore-uses-.patch
-Patch5:      CVE-2020-1971-0002-Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch
-Patch6:      CVE-2020-1971-0003-Check-that-multi-strings-CHOICE-types-don-t-use-impl.patch
-Patch7:      CVE-2020-1971-0004-Complain-if-we-are-attempting-to-encode-with-an-inva.patch
-Patch8:      CVE-2020-1971-0005-Add-a-test-for-GENERAL_NAME_cmp.patch
-Patch9:      CVE-2020-1971-0006-Add-a-test-for-encoding-decoding-using-an-invalid-AS.patch
-Patch10:     CVE-2021-23840.patch
-Patch11:     CVE-2021-23841.patch
-Patch12:     CVE-2021-3449.patch
-Patch13:     CVE-2021-3711-0001-Check-the-plaintext-buffer-is-large-enough-when-decr.patch
-Patch14:     CVE-2021-3711-0002-Correctly-calculate-the-length-of-SM2-plaintext-give.patch
-Patch15:     CVE-2021-3711-0003-Extend-tests-for-SM2-decryption.patch
-Patch16:     CVE-2021-3712-0001-Fix-a-read-buffer-overrun-in-X509_aux_print.patch
-Patch17:     CVE-2021-3712-0002-Fix-EC_GROUP_new_from_ecparameters-to-check-the-base.patch
-Patch18:     bugfix-Don-t-Overflow-when-printing-Thawte-Strong-Extranet-.patch
+#Patch3:      CVE-2020-1967.patch
+#Patch4:      CVE-2020-1971-0001-DirectoryString-is-a-CHOICE-type-and-therefore-uses-.patch
+#Patch5:      CVE-2020-1971-0002-Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch
+#Patch6:      CVE-2020-1971-0003-Check-that-multi-strings-CHOICE-types-don-t-use-impl.patch
+#Patch7:      CVE-2020-1971-0004-Complain-if-we-are-attempting-to-encode-with-an-inva.patch
+#Patch8:      CVE-2020-1971-0005-Add-a-test-for-GENERAL_NAME_cmp.patch
+#Patch9:      CVE-2020-1971-0006-Add-a-test-for-encoding-decoding-using-an-invalid-AS.patch
+#Patch10:     CVE-2021-23840.patch
+#Patch11:     CVE-2021-23841.patch
+#Patch12:     CVE-2021-3449.patch
+#Patch13:     CVE-2021-3711-0001-Check-the-plaintext-buffer-is-large-enough-when-decr.patch
+#Patch14:     CVE-2021-3711-0002-Correctly-calculate-the-length-of-SM2-plaintext-give.patch
+#Patch15:     CVE-2021-3711-0003-Extend-tests-for-SM2-decryption.patch
+#Patch16:     CVE-2021-3712-0001-Fix-a-read-buffer-overrun-in-X509_aux_print.patch
+#Patch17:     CVE-2021-3712-0002-Fix-EC_GROUP_new_from_ecparameters-to-check-the-base.patch
+#Patch18:     bugfix-Don-t-Overflow-when-printing-Thawte-Strong-Extranet-.patch

 BuildRequires: gcc perl make lksctp-tools-devel coreutils util-linux zlib-devel

@ -202,6 +202,9 @@ make test || :
 %{_pkgdocdir}/html/

 %changelog
+* Wed Dec 8 2021 lujie42 <lujie42@huawei.com> - 1:1.1.1l-1
+- update openssl-1.1.1f to openssl-1.1.1l
+
 * Fri Sep 24 2021 openEuler Buildteam <buildteam@openeuler.org> - 1:1.1.1f-9
 - bugfix Overflow when printing Thawte Strong Extranet

@ -220,7 +223,7 @@ make test || :
 * Wed Mar 10 2021 openEuler Buildteam <buildteam@openeuler.org> - 1:1.1.1f-4
 - fix CVE-2021-23840 and CVE-2021-23841

-* Mon Jan 19 2021 openEuler Buildteam <buildteam@openeuler.org> - 1:1.1.1f-3
+* Tue Jan 19 2021 openEuler Buildteam <buildteam@openeuler.org> - 1:1.1.1f-3
 - fix CVE-2020-1971

 * Fri Sep 11 2020 Liquor <lirui130@huawei.com> - 1:1.1.1f-2