From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from ptx.hi.pengutronix.de ([2001:6f8:1178:2:5054:ff:fec0:8e10] ident=Debian-exim) by metis.ext.pengutronix.de with esmtp (Exim 4.72) (envelope-from ) id 1XFfb7-0001Di-KW for ptxdist@pengutronix.de; Fri, 08 Aug 2014 10:32:25 +0200 Received: from mol by ptx.hi.pengutronix.de with local (Exim 4.80) (envelope-from ) id 1XFfb7-0005Ir-J5 for ptxdist@pengutronix.de; Fri, 08 Aug 2014 10:32:25 +0200 Date: Fri, 8 Aug 2014 10:32:25 +0200 From: Michael Olbrich Message-ID: <20140808083225.GN28454@pengutronix.de> References: <1407415261-16377-1-git-send-email-bernhard@bwalle.de> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="IJpNTDwzlM2Ie8A6" Content-Disposition: inline In-Reply-To: <1407415261-16377-1-git-send-email-bernhard@bwalle.de> Subject: Re: [ptxdist] [PATCH] openssl: version bump 1.0.1h -> 1.0.1i Reply-To: ptxdist@pengutronix.de List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ptxdist-bounces@pengutronix.de Errors-To: ptxdist-bounces@pengutronix.de To: ptxdist@pengutronix.de --IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Aug 07, 2014 at 02:41:01PM +0200, Bernhard Walle wrote: > Fixes CVE-2014-3508. > Thanks, applied. I've regenerated the patches (no real changes). I've attached the script I use for this in case anyone is interested. Btw, if you run git send-email with '-M' then the patch is smaller and much better to read. Michael > Signed-off-by: Bernhard Walle > --- > patches/openssl-1.0.1h/0001-ca.patch | 31 ---- > patches/openssl-1.0.1h/0002-debian-targets.patch | 80 --------- > patches/openssl-1.0.1h/0003-engines-path.patch | 92 ---------- > patches/openssl-1.0.1h/0004-no-rpath.patch | 24 --- > patches/openssl-1.0.1h/0005-no-symbolic.patch | 24 --- > patches/openssl-1.0.1h/0006-pic.patch | 189 --------------------- > patches/openssl-1.0.1h/0007-valgrind.patch | 31 ---- > patches/openssl-1.0.1h/0008-rehash-crt.patch | 44 ----- > patches/openssl-1.0.1h/0009-shared-lib-ext.patch | 25 --- > patches/openssl-1.0.1h/0010-stddef.patch | 23 --- > patches/openssl-1.0.1h/0011-block_diginotar.patch | 66 ------- > .../0012-block_digicert_malaysia.patch | 30 ---- > .../0013-Change-default-bit-size-and-digest.patch | 131 -------------- > .../openssl-1.0.1h/0014-openssl_fix_for_x32.patch | 50 ------ > patches/openssl-1.0.1h/series | 17 -- > patches/openssl-1.0.1i/0001-ca.patch | 31 ++++ > patches/openssl-1.0.1i/0002-debian-targets.patch | 80 +++++++++ > patches/openssl-1.0.1i/0003-engines-path.patch | 92 ++++++++++ > patches/openssl-1.0.1i/0004-no-rpath.patch | 24 +++ > patches/openssl-1.0.1i/0005-no-symbolic.patch | 24 +++ > patches/openssl-1.0.1i/0006-pic.patch | 189 +++++++++++++++++++++ > patches/openssl-1.0.1i/0007-valgrind.patch | 31 ++++ > patches/openssl-1.0.1i/0008-rehash-crt.patch | 44 +++++ > patches/openssl-1.0.1i/0009-shared-lib-ext.patch | 25 +++ > patches/openssl-1.0.1i/0010-stddef.patch | 23 +++ > patches/openssl-1.0.1i/0011-block_diginotar.patch | 66 +++++++ > .../0012-block_digicert_malaysia.patch | 30 ++++ > .../0013-Change-default-bit-size-and-digest.patch | 131 ++++++++++++++ > .../openssl-1.0.1i/0014-openssl_fix_for_x32.patch | 50 ++++++ > patches/openssl-1.0.1i/series | 17 ++ > rules/openssl.make | 4 +- > 31 files changed, 859 insertions(+), 859 deletions(-) > delete mode 100644 patches/openssl-1.0.1h/0001-ca.patch > delete mode 100644 patches/openssl-1.0.1h/0002-debian-targets.patch > delete mode 100644 patches/openssl-1.0.1h/0003-engines-path.patch > delete mode 100644 patches/openssl-1.0.1h/0004-no-rpath.patch > delete mode 100644 patches/openssl-1.0.1h/0005-no-symbolic.patch > delete mode 100644 patches/openssl-1.0.1h/0006-pic.patch > delete mode 100644 patches/openssl-1.0.1h/0007-valgrind.patch > delete mode 100644 patches/openssl-1.0.1h/0008-rehash-crt.patch > delete mode 100644 patches/openssl-1.0.1h/0009-shared-lib-ext.patch > delete mode 100644 patches/openssl-1.0.1h/0010-stddef.patch > delete mode 100644 patches/openssl-1.0.1h/0011-block_diginotar.patch > delete mode 100644 patches/openssl-1.0.1h/0012-block_digicert_malaysia.patch > delete mode 100644 patches/openssl-1.0.1h/0013-Change-default-bit-size-and-digest.patch > delete mode 100644 patches/openssl-1.0.1h/0014-openssl_fix_for_x32.patch > delete mode 100644 patches/openssl-1.0.1h/series > create mode 100644 patches/openssl-1.0.1i/0001-ca.patch > create mode 100644 patches/openssl-1.0.1i/0002-debian-targets.patch > create mode 100644 patches/openssl-1.0.1i/0003-engines-path.patch > create mode 100644 patches/openssl-1.0.1i/0004-no-rpath.patch > create mode 100644 patches/openssl-1.0.1i/0005-no-symbolic.patch > create mode 100644 patches/openssl-1.0.1i/0006-pic.patch > create mode 100644 patches/openssl-1.0.1i/0007-valgrind.patch > create mode 100644 patches/openssl-1.0.1i/0008-rehash-crt.patch > create mode 100644 patches/openssl-1.0.1i/0009-shared-lib-ext.patch > create mode 100644 patches/openssl-1.0.1i/0010-stddef.patch > create mode 100644 patches/openssl-1.0.1i/0011-block_diginotar.patch > create mode 100644 patches/openssl-1.0.1i/0012-block_digicert_malaysia.patch > create mode 100644 patches/openssl-1.0.1i/0013-Change-default-bit-size-and-digest.patch > create mode 100644 patches/openssl-1.0.1i/0014-openssl_fix_for_x32.patch > create mode 100644 patches/openssl-1.0.1i/series -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | --IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=openssl-apply-debian #!/bin/bash set -e set -x blacklist=" config-hurd.patch man-dir.patch man-section.patch rehash_pod.patch version-script.patch gnu_source.patch c_rehash-compat.patch dgst_hmac.patch fix-pod-errors.patch " start="$(pwd)" src="$(pwd)/$1" deb="$(pwd)/$2" tmp="$(mktemp -d)" cd "$tmp" tar xf "$src" openssl="$(ls -d openssl-*)" tar xf "$deb" patches=debian/patches for patch in $blacklist; do sed -i "s/\(${patch}\)/#\1/" ${patches}/series done cd "$openssl" git init git add * git commit -m "base" git tag base git quiltimport --patches=../$patches/ --author "Michael Olbrich " git filter-branch --msg-filter "cat | grep -v '^==*$' && echo '\nImported from $(basename $deb)\n\nSigned-off-by: Michael Olbrich '" base...master #for patch in $(cat ../$patches/series | grep -v '^#'); do # patch=../$patches/$patch # name=$(basename $patch) # name=${name%.patch} # git apply $patch # git add * # git commit -m "debian $name # #Applied $(basename $patch) from $(basename $deb)" -a -s #done git format-patch --no-signature -N base mkdir "$start/$openssl" mv 0*.patch "$start/$openssl/" cd "$start" rm -rf "$tmp" cd "$start/$openssl/" sed -i 1d 0*.patch ls 0*.patch > series --IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- ptxdist mailing list ptxdist@pengutronix.de --IJpNTDwzlM2Ie8A6--