Change log for openssl-ibmca package in Ubuntu
| 1 → 37 of 37 results | First • Previous • Next • Last |
openssl-ibmca (2.4.0-0ubuntu2) mantic; urgency=medium * Add selected commits/patches as requested here: LP: #2027809 - d/p/lp-2027809-engine-Only-register-those-algos-specified-with-defa.patch To set the ENGINE_FLAGS_NO_REGISTER_ALL flag during IBMCA engine initialization to avoid unconditional registration of all algorithms. - d/p/lp-2027809-provider-rsa-Check-RSA-keys-with-p-q-at-key-generati.patch To check and correct RSA keys where p < q (privileged form) right after key generation or during import, so that p > q is assured whenever the key is used afterwards, and no ica_rsa_crt() correction is applied later on. - d/p/lp-2027809-provider-Support-importing-of-RSA-keys-with-just-ME-.patch To let an RSA key also contain the private key components in ME format, and use ica_rsa_mod_expo() only if the ME components are available. - d/p/lp-2027809-provider-RSA-Fix-get_params-to-retrieve-max-size-bit.patch To ensure (and fix) that the RSA key management's get_params() function is able to return the values for max-size, bits, and security-bits (if at least the public key is available). - d/p/lp-2027809-provider-Default-debug-directory-to-tmp-but-make-it-.patch To change the default log directory from /var/log/ibmca/ to /tmp which is world-writable anyway, and to avoid making /var/log/ibmca/ world- writable, which can cause security issues, since it's not known under which user an application runs that uses the provider. With that a world-writable directory under /var is avoided. -- Frank Heimes <email address hidden> Thu, 27 Jul 2023 16:38:43 +0200
Available diffs
- diff from 2.4.0-0ubuntu1 to 2.4.0-0ubuntu2 (11.7 KiB)
openssl-ibmca (1.4.1-0ubuntu1.2) bionic; urgency=medium * Fix IBMCA engine security vulnerability LP: #2015454 by adding: - d/p/lp-2015454-engine-Enable-RSA-blinding-and-offload-blinding-setu.patch -- Frank Heimes <email address hidden> Thu, 13 Apr 2023 09:23:22 +0200
Available diffs
openssl-ibmca (2.1.0-0ubuntu1.20.04.2) focal; urgency=medium * Fix IBMCA engine security vulnerability LP: #2015454 by adding: - d/p/lp-2015454-engine-Enable-RSA-blinding-and-offload-blinding-setu.patch -- Frank Heimes <email address hidden> Wed, 12 Apr 2023 21:46:00 +0200
Available diffs
openssl-ibmca (2.2.3-0ubuntu1.1) jammy; urgency=medium * Fix IBMCA engine security vulnerability LP: #2015454 by adding: - d/p/lp-2015454-engine-Enable-RSA-blinding-and-offload-blinding-setu.patch -- Frank Heimes <email address hidden> Wed, 12 Apr 2023 20:33:30 +0200
Available diffs
openssl-ibmca (2.3.0-0ubuntu1.1) kinetic; urgency=medium * Fix IBMCA provider security vulnerability LP: #2015333 by adding: - d/p/lp-2015333-provider-RSA-cipher-Tolerate-implicit-rejection-opti.patch - d/p/lp-2015333-provider-RSA-cipher-Fix-copy-paste-error.patch - d/p/lp-2015333-provider-Make-ibmca_rsa_check_pkcs1_tls_padding-cons.patch - d/p/lp-2015333-provider-Make-ibmca_rsa_check_pkcs1_padding-constant.patch - d/p/lp-2015333-provider-Make-ibmca_rsa_check_oaep_mgf1_padding-cons.patch - d/p/lp-2015333-provider-Add-support-for-implicit-rejection.patch - d/p/lp-2015333-provider-Support-RSA-blinding.patch - d/p/lp-2015333-provider-Perform-mod-expo-for-blinding-setup-via-lib.patch * Fix IBMCA engine security vulnerability LP: #2015454 by adding: - d/p/lp-2015333-engine-Enable-RSA-blinding-and-offload-blinding-setu.patch -- Frank Heimes <email address hidden> Wed, 12 Apr 2023 17:11:30 +0200
Available diffs
| Superseded in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
openssl-ibmca (2.4.0-0ubuntu1) lunar; urgency=medium * New upstream release. LP: #2015333 and LP: #2015454 -- Frank Heimes <email address hidden> Tue, 11 Apr 2023 19:51:12 +0200
Available diffs
- diff from 2.3.1-0ubuntu1 to 2.4.0-0ubuntu1 (33.7 KiB)
openssl-ibmca (2.3.1-0ubuntu1) lunar; urgency=medium * New upstream release. LP: #2004529 * Remove patch d/p/lp-1959763-Adjust-to-new-libica.patch because it's now included in upstream v2.3.1. * Remove patch d/p/lp-1959763-Support-tests-in-remote-builds.patch because it's now included in upstream v2.3.1. * Remove patch d/p/lp-1959763-provider-Adapt-keymgmt_match-implementations.patch because it's now included in upstream v2.3.1. * Remove patch d/p/lp-1959763-tests-skip-tests-if-libica-does-not-support.patch because it's now included in upstream v2.3.1. * Remove patch d/p/lp-1959763-Provider-Fix-parallel-test-runs.patch because it's now included in upstream v2.3.1. * Remove no longer needed dh-autoreconf at line Build-Depends: in d/control to solve lintian warning: openssl-ibmca source: useless-autoreconf-build-depends (does not need to satisfy dh-autoreconf:any) -- Frank Heimes <email address hidden> Wed, 01 Feb 2023 17:23:55 +0100
Available diffs
- diff from 2.3.0-0ubuntu1 to 2.3.1-0ubuntu1 (15.1 KiB)
| Superseded in lunar-release |
| Published in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
openssl-ibmca (2.3.0-0ubuntu1) kinetic; urgency=medium * New upstream release. LP: #1959763 - update d/p/openssl-config.patch since code moved from src to src/engine - update d/p/testconf-openssl3.patch since code moved from test to test/engine and context adjustment in test/engine/Makefile.am - remove d/p/e59cce5-Fix-compilation-for-OpenSSL-3.0.patch since this patch/commit is incl. in the new upstream version - due to the refactoring (engine/provider) path adjustments needed in d/rules and d/openssl-ibmca.install - add ibmca-provider-opensslconfig to d/rules and d/openssl-ibmca.install - modify d/rules to configure for engine and provider using full libica - expand d/examples with openssl.cnf.provider.sample - add d/p/lp-1959763-Adjust-to-new-libica.patch to be compliiant with latest libica - add d/p/lp-1959763-Support-tests-in-remote-builds.patch to make tests more decent - add d/p/lp-1959763-provider-Adapt-keymgmt_match-implementations.patch to adapt the provider's match functions - add d/p/lp-1959763-tests-skip-tests-if-libica-does-not-support.patch skip tests if unsupported by libica - add d/p/lp-1959763-Provider-Fix-parallel-test-runs.patch without this esp. the provider tests will not properly work -- Frank Heimes <email address hidden> Fri, 05 Aug 2022 16:37:13 +0200
Available diffs
- diff from 2.2.3-0ubuntu1 to 2.3.0-0ubuntu1 (262.5 KiB)
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
openssl-ibmca (2.2.3-0ubuntu1) jammy; urgency=medium * New upstream release. LP: #1967141 * The difference between 2.2.2 and 2.2.3 includes just these two fixes: - "PKEY: Fix usage of ECX keys" - "use correct libica for ibmca_mechaList_test" Rather than adding these as quilt patches, raising the package to the bugfix-only version that incl. them is preferable. * For "PKEY: Fix usage of ECX keys" a backport of "Fix compilation for OpenSSL 3.0" was needed: d/p/e59cce5-Fix-compilation-for-OpenSSL-3.0.patch * For convenience reasons a generated sample config is now included in the package, but also the optional configuration generator Perl script 'ibmca-engine-opensslconfig'. * d/control: add dh-autoreconf to Build-Depends to work around a Lintian regression on missing-build-dependency-for-dh-addon -- Frank Heimes <email address hidden> Wed, 30 Mar 2022 19:19:00 +0100
Available diffs
openssl-ibmca (2.2.2-0ubuntu1) jammy; urgency=medium * New upstream release. LP: #1960004 * compatibility to libica4 is now included * d/control modified to depend on libica4 * removed d/p/disable-3des-ecb-test.patch since the tests got fixed upstream * d/p/openssl-witness.cnf needed to be refreshed * d/p/testconf-openssl3.patch added initialization and refreshed -- Frank Heimes <email address hidden> Fri, 04 Feb 2022 09:54:15 +0100
Available diffs
openssl-ibmca (2.2.1-0ubuntu1) jammy; urgency=medium * New upstream release. LP: #1958419 [Simon Chopin] * d/p/testconf-openssl3.patch: fix the test suite against OpenSSL 3.0 * d/p/disable-3des-ecb-test.patch: Temporarily disable a failing test * d/rules: make the build fail if the tests fail -- Frank Heimes <email address hidden> Thu, 20 Jan 2022 15:44:47 +0100
Available diffs
openssl-ibmca (2.2.0-0ubuntu2) jammy; urgency=medium * No-change rebuild against openssl3 -- Simon Chopin <email address hidden> Tue, 07 Dec 2021 15:45:01 +0100
Available diffs
- diff from 2.2.0-0ubuntu1 to 2.2.0-0ubuntu2 (341 bytes)
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
openssl-ibmca (2.2.0-0ubuntu1) impish; urgency=medium * New upstream release. LP: #1929052 -- Matthieu Clemenceau <email address hidden> Fri, 18 Jun 2021 12:02:24 -0500
Available diffs
- diff from 2.1.2-0ubuntu1 to 2.2.0-0ubuntu1 (55.6 KiB)
openssl-ibmca (2.1.0-0ubuntu1.20.04.1) focal; urgency=medium
* Fixed application crashes while initializing OpenSSL configuration twice
(LP: #1926960)
-- Matthieu Clemenceau <email address hidden> Wed, 02 Jun 2021 14:49:46 -0500
Available diffs
openssl-ibmca (2.1.1-0ubuntu1.20.10.1) groovy; urgency=medium
* Fixed application crashes while initializing OpenSSL configuration twice
(LP: #1926960)
-- Matthieu Clemenceau <email address hidden> Wed, 02 Jun 2021 14:41:49 -0500
Available diffs
openssl-ibmca (2.1.1-0ubuntu1.21.04.1) hirsute; urgency=medium
* Fixed application crashes while initializing OpenSSL configuration twice
(LP: #1926960)
-- Matthieu Clemenceau <email address hidden> Wed, 02 Jun 2021 14:41:49 -0500
Available diffs
openssl-ibmca (2.1.2-0ubuntu1) impish; urgency=medium * New upstream release. LP: #1926584. -- Steve Langasek <email address hidden> Thu, 29 Apr 2021 08:41:11 -0700
Available diffs
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
openssl-ibmca (2.1.1-0ubuntu1) groovy; urgency=medium * New upstream release. LP: #1884763 -- Dimitri John Ledkov <email address hidden> Wed, 26 Aug 2020 20:14:28 +0100
Available diffs
| Superseded in groovy-release |
| Published in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to Release) |
openssl-ibmca (2.1.0-0ubuntu1) eoan; urgency=medium * New upstream release LP: #1836865 -- Dimitri John Ledkov <email address hidden> Mon, 07 Oct 2019 11:30:34 +0100
Available diffs
openssl-ibmca (2.0.3-0ubuntu1) eoan; urgency=medium * New upstream release LP: #1826198 -- Dimitri John Ledkov <email address hidden> Tue, 30 Apr 2019 12:34:27 +0100
Available diffs
| Superseded in eoan-release |
| Obsolete in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
openssl-ibmca (2.0.2-0ubuntu2) disco; urgency=medium * Rework error string init and exit. LP: #1819487 -- Dimitri John Ledkov <email address hidden> Mon, 18 Mar 2019 15:03:08 +0000
Available diffs
openssl-ibmca (1.4.1-0ubuntu1.1) bionic; urgency=medium
* Cherrypick upstream hw accelerated crypto perfomance fix to prefer
RSA-CRT, instead of RSA-ME. LP: #1806483
-- Dimitri John Ledkov <email address hidden> Tue, 12 Feb 2019 13:56:35 +0000
Available diffs
openssl-ibmca (2.0.0-0ubuntu2.1) cosmic; urgency=medium
* Cherrypick upstream hw accelerated crypto perfomance fix to prefer
RSA-CRT, instead of RSA-ME. LP: #1806483
-- Dimitri John Ledkov <email address hidden> Tue, 12 Feb 2019 13:49:47 +0000
Available diffs
openssl-ibmca (1.3.0-0ubuntu2.16.04.2) xenial; urgency=medium
* Apply upstream patch to resolve crashes when libssl attempts to
initialise engine a few times too many. LP: #1543455
-- Dimitri John Ledkov <email address hidden> Tue, 24 Jul 2018 16:21:15 +0100
Available diffs
| Superseded in disco-release |
| Obsolete in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
openssl-ibmca (2.0.0-0ubuntu2) cosmic; urgency=medium
* Disable test-suite, as it appears to fail on launchpad builders, yet
passes locally when uncontained.
Available diffs
- diff from 1.4.1-0ubuntu1 to 2.0.0-0ubuntu2 (51.9 KiB)
- diff from 2.0.0-0ubuntu1 to 2.0.0-0ubuntu2 (500 bytes)
| Superseded in cosmic-proposed |
openssl-ibmca (2.0.0-0ubuntu1) cosmic; urgency=medium * New upstream release. LP: #1776209 * Update debian/copyright to Apache-2 -- Dimitri John Ledkov 🌈 <email address hidden> Thu, 14 Jun 2018 12:10:32 +0100
Available diffs
- diff from 1.4.1-0ubuntu1 to 2.0.0-0ubuntu1 (51.7 KiB)
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
openssl-ibmca (1.4.1-0ubuntu1) bionic; urgency=medium * New upstream release * Update watch file to point at github * Build against openssl1.1 with openssl1.1 engine paths LP: #1747626 -- Dimitri John Ledkov <email address hidden> Fri, 23 Feb 2018 18:06:36 +0000
Available diffs
openssl-ibmca (1.4.0-0ubuntu2) bionic; urgency=high * No change rebuild against openssl1.1. -- Dimitri John Ledkov <email address hidden> Tue, 06 Feb 2018 17:54:51 +0000
Available diffs
- diff from 1.4.0-0ubuntu1 to 1.4.0-0ubuntu2 (331 bytes)
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
openssl-ibmca (1.4.0-0ubuntu1) artful; urgency=medium * New upstream release * Drop patches applied upstream -- Dimitri John Ledkov <email address hidden> Thu, 28 Sep 2017 11:13:14 -0400
Available diffs
- diff from 1.3.0-0ubuntu5 to 1.4.0-0ubuntu1 (338.4 KiB)
openssl-ibmca (1.3.0-0ubuntu5) artful; urgency=medium
* Apply upstream patch to resolve crashes when libssl attempts to
initialise engine a few times too many. LP: #1543455
-- Dimitri John Ledkov <email address hidden> Wed, 26 Jul 2017 08:48:51 +0100
Available diffs
- diff from 1.3.0-0ubuntu4 to 1.3.0-0ubuntu5 (818 bytes)
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
openssl-ibmca (1.3.0-0ubuntu4) zesty; urgency=medium * Build against libica.so.3. -- Dimitri John Ledkov <email address hidden> Wed, 30 Nov 2016 10:24:29 +0000
Available diffs
- diff from 1.3.0-0ubuntu3 to 1.3.0-0ubuntu4 (836 bytes)
openssl-ibmca (1.3.0-0ubuntu2.16.04.1) xenial; urgency=medium
* Attempt to dlopen libica.so.2 by default, libica.so (or ctrl provided one)
when the default fails. LP: #1605511
* Add depends on libica2.
-- Dimitri John Ledkov <email address hidden> Tue, 04 Oct 2016 15:25:59 +0100
Available diffs
openssl-ibmca (1.3.0-0ubuntu2.16.10.1) yakkety; urgency=medium
* Attempt to dlopen libica.so.2 by default, libica.so (or ctrl provided one)
when the default fails. LP: #1605511
* Add depends on libica2.
-- Dimitri John Ledkov <email address hidden> Tue, 04 Oct 2016 15:25:59 +0100
Available diffs
openssl-ibmca (1.3.0-0ubuntu3) zesty; urgency=medium
* Attempt to dlopen libica.so.2, if libica.so (or ctrl provided one)
fails. LP: #1605511
* Add depends on libica2.
-- Dimitri John Ledkov <email address hidden> Tue, 04 Oct 2016 15:25:59 +0100
Available diffs
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Published in xenial-release |
| Deleted in xenial-proposed (Reason: moved to release) |
openssl-ibmca (1.3.0-0ubuntu2) xenial; urgency=medium * Correct license information. LP: 1543682 * Add watch file. * Resolves LP: #1538864
Available diffs
| Superseded in xenial-proposed |
openssl-ibmca (1.3.0-0ubuntu1) xenial; urgency=medium * Initial release. -- Dimitri John Ledkov <email address hidden> Fri, 05 Feb 2016 06:16:50 +0000
| 1 → 37 of 37 results | First • Previous • Next • Last |
