[ubuntu/jammy-proposed] openssl 3.0.0-1ubuntu1 (Accepted)

Simon Chopin simon.chopin at canonical.com
Mon Nov 22 15:34:13 UTC 2021


openssl (3.0.0-1ubuntu1) jammy; urgency=medium

  * Manual merge of version 3.0.0-1 from Debian experimental, remaining
    changes:
    - Replace duplicate files in the doc directory with symlinks.
    - debian/libssl1.1.postinst:
      + Display a system restart required notification on libssl1.1
        upgrade on servers, unless needrestart is available.
      + Use a different priority for libssl1.1/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
      + Skip services restart & reboot notification if needrestart is in-use.
      + Bump version check to to 1.1.1.
      + Import libraries/restart-without-asking template as used by above.
    - Revert "Enable system default config to enforce TLS1.2 as a
      minimum" & "Increase default security level from 1 to 2".
    - Reword the NEWS entry, as applicable on Ubuntu.
    - Set OPENSSL_TLS_SECURITY_LEVEL=2 as compiled-in minimum security
      level. Change meaning of SECURITY_LEVEL=2 to prohibit TLS versions
      below 1.2 and update documentation. Previous default of 1, can be set
      by calling SSL_CTX_set_security_level(), SSL_set_security_level() or
      using ':@SECLEVEL=1' CipherString value in openssl.cfg.
    - Add support for building with noudeb build profile.
  * d/p/Don-t-create-an-ECX-key-with-short-keys.patch:
    Backported from upstream to fix a regression with short keys (LP: #1946213)
  * d/p/Add-null-digest-implementation-to-the-default-provid.patch:
    Backported from upstream to fix a compatibility issue with 1.1.1l
  * Manually call dh_installdirs to fix build failure
  * Drop some Ubuntu patches merged upstream
    + The s390x series (00xx) has been applied upstream
    + The lp-1927161 Intel CET series has been applied upstream
    + CVE-2021-3449 has been fixed upstream
    + CVE-2021-3450 doesn't apply to 3.0 branch
  * Refresh and adapt the remaining patches

openssl (3.0.0-1) experimental; urgency=medium

  * Import 3.0.0.
  * Add avr32, patch by Vineet Gupta (Closes: #989442).

openssl (3.0.0~~beta2-1) experimental; urgency=medium

  * Import 3.0.0-beta2.

openssl (3.0.0~~beta1-1) experimental; urgency=medium

  * Import 3.0.0-beta1.
  * Use HARNESS_VERBOSE again (otherwise the test suite might killed since no
    progress is visible).

openssl (3.0.0~~alpha16-1) experimental; urgency=medium

  * Import 3.0.0-alpha16.
  * Use VERBOSE_FAILURE to log only failures in the build log.

openssl (3.0.0~~alpha15-1) experimental; urgency=medium

  * Import 3.0.0-alpha15.

openssl (3.0.0~~alpha13-2) experimental; urgency=medium

  * Add a proposed patch from upstream to skip negativ errno number in the
    testsuite to pass the testsute on hurd.
  * Always link against libatomic.

openssl (3.0.0~~alpha13-1) experimental; urgency=medium

  * Import 3.0.0-alpha13.
  * Move configuration.h to architecture specific include folder. Patch from
    Antonio Terceiro (Closes: #985555).
  * Enable LFS. Thanks to Dan Nicholson for debugging (Closes: #923479).
  * drop `lsof', the testsuite is not using it anymore.
  * Enable ktls.

openssl (3.0.0~~alpha4-1) experimental; urgency=medium

  * Import 3.0.0-alpha4.
  * Add `lsof' which is needed by the test suite.
  * Add ossl-modules to libcrypto's udeb.

openssl (3.0.0~~alpha3-1) experimental; urgency=medium

  * Import 3.0.0-alpha3
  * Install the .so files only in the -dev package (Closes: #962548).

openssl (3.0.0~~alpha1-1) experimental; urgency=medium

  * Import 3.0.0-alpha1 (Closes: #934836).

Date: Mon, 20 Sep 2021 18:09:50 +0200
Changed-By: Simon Chopin <simon.chopin at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Julian Andres Klode <julian.klode at canonical.com>
https://launchpad.net/ubuntu/+source/openssl/3.0.0-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 20 Sep 2021 18:09:50 +0200
Source: openssl
Built-For-Profiles: noudeb
Architecture: source
Version: 3.0.0-1ubuntu1
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Simon Chopin <simon.chopin at canonical.com>
Closes: 923479 934836 962548 985555 989442
Launchpad-Bugs-Fixed: 1946213
Changes:
 openssl (3.0.0-1ubuntu1) jammy; urgency=medium
 .
   * Manual merge of version 3.0.0-1 from Debian experimental, remaining
     changes:
     - Replace duplicate files in the doc directory with symlinks.
     - debian/libssl1.1.postinst:
       + Display a system restart required notification on libssl1.1
         upgrade on servers, unless needrestart is available.
       + Use a different priority for libssl1.1/restart-services depending
         on whether a desktop, or server dist-upgrade is being performed.
       + Skip services restart & reboot notification if needrestart is in-use.
       + Bump version check to to 1.1.1.
       + Import libraries/restart-without-asking template as used by above.
     - Revert "Enable system default config to enforce TLS1.2 as a
       minimum" & "Increase default security level from 1 to 2".
     - Reword the NEWS entry, as applicable on Ubuntu.
     - Set OPENSSL_TLS_SECURITY_LEVEL=2 as compiled-in minimum security
       level. Change meaning of SECURITY_LEVEL=2 to prohibit TLS versions
       below 1.2 and update documentation. Previous default of 1, can be set
       by calling SSL_CTX_set_security_level(), SSL_set_security_level() or
       using ':@SECLEVEL=1' CipherString value in openssl.cfg.
     - Add support for building with noudeb build profile.
   * d/p/Don-t-create-an-ECX-key-with-short-keys.patch:
     Backported from upstream to fix a regression with short keys (LP: #1946213)
   * d/p/Add-null-digest-implementation-to-the-default-provid.patch:
     Backported from upstream to fix a compatibility issue with 1.1.1l
   * Manually call dh_installdirs to fix build failure
   * Drop some Ubuntu patches merged upstream
     + The s390x series (00xx) has been applied upstream
     + The lp-1927161 Intel CET series has been applied upstream
     + CVE-2021-3449 has been fixed upstream
     + CVE-2021-3450 doesn't apply to 3.0 branch
   * Refresh and adapt the remaining patches
 .
 openssl (3.0.0-1) experimental; urgency=medium
 .
   * Import 3.0.0.
   * Add avr32, patch by Vineet Gupta (Closes: #989442).
 .
 openssl (3.0.0~~beta2-1) experimental; urgency=medium
 .
   * Import 3.0.0-beta2.
 .
 openssl (3.0.0~~beta1-1) experimental; urgency=medium
 .
   * Import 3.0.0-beta1.
   * Use HARNESS_VERBOSE again (otherwise the test suite might killed since no
     progress is visible).
 .
 openssl (3.0.0~~alpha16-1) experimental; urgency=medium
 .
   * Import 3.0.0-alpha16.
   * Use VERBOSE_FAILURE to log only failures in the build log.
 .
 openssl (3.0.0~~alpha15-1) experimental; urgency=medium
 .
   * Import 3.0.0-alpha15.
 .
 openssl (3.0.0~~alpha13-2) experimental; urgency=medium
 .
   * Add a proposed patch from upstream to skip negativ errno number in the
     testsuite to pass the testsute on hurd.
   * Always link against libatomic.
 .
 openssl (3.0.0~~alpha13-1) experimental; urgency=medium
 .
   * Import 3.0.0-alpha13.
   * Move configuration.h to architecture specific include folder. Patch from
     Antonio Terceiro (Closes: #985555).
   * Enable LFS. Thanks to Dan Nicholson for debugging (Closes: #923479).
   * drop `lsof', the testsuite is not using it anymore.
   * Enable ktls.
 .
 openssl (3.0.0~~alpha4-1) experimental; urgency=medium
 .
   * Import 3.0.0-alpha4.
   * Add `lsof' which is needed by the test suite.
   * Add ossl-modules to libcrypto's udeb.
 .
 openssl (3.0.0~~alpha3-1) experimental; urgency=medium
 .
   * Import 3.0.0-alpha3
   * Install the .so files only in the -dev package (Closes: #962548).
 .
 openssl (3.0.0~~alpha1-1) experimental; urgency=medium
 .
   * Import 3.0.0-alpha1 (Closes: #934836).
Checksums-Sha1:
 0668f9b124af80b083f131b3056da7883fb6f5a2 2739 openssl_3.0.0-1ubuntu1.dsc
 3be896f1b33bc01af874ccca701a6f700af9de20 14978663 openssl_3.0.0.orig.tar.gz
 ee0426134a2ea5e04a67d6fe4a5ef185a4606df4 833 openssl_3.0.0.orig.tar.gz.asc
 c91d1dd15a0e9e12c205d0de8de24dffb9f5e8d3 100332 openssl_3.0.0-1ubuntu1.debian.tar.xz
 0384b7f32d3b6ccaa3c6c36d7e5635ee8043883e 7325 openssl_3.0.0-1ubuntu1_source.buildinfo
Checksums-Sha256:
 df66e36b84796265fa747130c937abc582c4ef039fa2a84faf049b458574060a 2739 openssl_3.0.0-1ubuntu1.dsc
 59eedfcb46c25214c9bd37ed6078297b4df01d012267fe9e9eee31f61bc70536 14978663 openssl_3.0.0.orig.tar.gz
 de8a23ef13e666957ac8aeb435155fbed921814af3a710ab70984ba0c4fa1614 833 openssl_3.0.0.orig.tar.gz.asc
 2ab1ee6d43439954863543657ed8dd074d4470205e058c714c8a484b51e937df 100332 openssl_3.0.0-1ubuntu1.debian.tar.xz
 9be11d4fbb00b24723bda063cead8387759a6b4e89983cb3e20a8132d9dae2cd 7325 openssl_3.0.0-1ubuntu1_source.buildinfo
Files:
 4983ae06aa2ef40419932f0f881db43c 2739 utils optional openssl_3.0.0-1ubuntu1.dsc
 43c5ab628b7ab899d7cd4a4c7fe4067f 14978663 utils optional openssl_3.0.0.orig.tar.gz
 02e779b8fdf865d054faa8e8a7b19a29 833 utils optional openssl_3.0.0.orig.tar.gz.asc
 b874ae8d557462ff549f7d19caa1100b 100332 utils optional openssl_3.0.0-1ubuntu1.debian.tar.xz
 66d1df821033644abe8ef79682b523e8 7325 utils optional openssl_3.0.0-1ubuntu1_source.buildinfo
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at alioth-lists.debian.net>


More information about the jammy-changes mailing list