Latest upstream release: 1.0.1l Current version/release in Fedora Rawhide: 1.0.1k-2.fc22 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Soon this service will be implemented by a new system: https://release-monitoring.org/ It will require to manage monitored projects via a new web interface. Please make yourself familiar with the new system to ease the transition.
Latest upstream release: 1.0.2a Current version/release in rawhide: 1.0.1k-6.fc23 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring
tmraz's openssl-1.0.2a-1.fc23 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=630139
tmraz's openssl-1.0.2a-2.fc23 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=631397
tmraz's openssl-1.0.2a-3.fc23 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=635373
pbrobinson's openssl-1.0.2a-4.fc23 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=635432
Latest upstream release: 1.0.2b Current version/release in rawhide: 1.0.2a-4.fc23 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.
Failed to kick off scratch build. list index out of range
Latest upstream release: 1.0.2c Current version/release in rawhide: 1.0.2a-4.fc23 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.
tmraz's openssl-1.0.2c-1.fc23 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=646126
ausil's openssl-1.0.2c-2.fc23 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=655043
tmraz's openssl-1.0.2c-3.fc23 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=667301
Latest upstream release: 1.0.2e Current version/release in rawhide: 1.0.2d-3.fc24 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.
please update.. OpenSSL Security Advisory [3 Dec 2015] BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193) ================================================================== Severity: Moderate There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. This issue affects OpenSSL version 1.0.2. OpenSSL 1.0.2 users should upgrade to 1.0.2e This issue was reported to OpenSSL on August 13 2015 by Hanno Böck. The fix was developed by Andy Polyakov of the OpenSSL development team. Certificate verify crash with missing PSS parameter (CVE-2015-3194) =================================================================== Severity: Moderate The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. This issue affects OpenSSL versions 1.0.2 and 1.0.1. OpenSSL 1.0.2 users should upgrade to 1.0.2e OpenSSL 1.0.1 users should upgrade to 1.0.1q This issue was reported to OpenSSL on August 27 2015 by Loïc Jonas Etienne (Qnective AG). The fix was developed by Dr. Stephen Henson of the OpenSSL development team. X509_ATTRIBUTE memory leak (CVE-2015-3195) ========================================== Severity: Moderate When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. This issue affects OpenSSL versions 1.0.2 and 1.0.1, 1.0.0 and 0.9.8. OpenSSL 1.0.2 users should upgrade to 1.0.2e OpenSSL 1.0.1 users should upgrade to 1.0.1q OpenSSL 1.0.0 users should upgrade to 1.0.0t OpenSSL 0.9.8 users should upgrade to 0.9.8zh This issue was reported to OpenSSL on November 9 2015 by Adam Langley (Google/BoringSSL) using libFuzzer. The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
tmraz's openssl-1.0.2e-1.fc24 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=703221
tmraz's openssl-1.0.2e-2.fc24 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=703814
tmraz's openssl-1.0.2e-3.fc24 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=704145
tmraz's openssl-1.0.2e-5.fc24 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=711491
Latest upstream release: 1.0.2g Current version/release in rawhide: 1.0.2f-2.fc24 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.
tmraz's openssl-1.0.2g-1.fc25 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=740492
tmraz's openssl-1.0.2g-2.fc25 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=740752
spot's openssl-1.0.2g-3.fc25 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=742845
tmraz's openssl-1.0.2g-4.fc25 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=749572
Latest upstream release: 1.1.0 Current version/release in rawhide: 1.0.2h-3.fc26 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2566/
Patching or scratch build for openssl-1.0.2h failed.
Created attachment 1194719 [details] Rebase-helper rebase-helper-debug.log log file. See for details and report the eventual error to rebase-helper https://github.com/phracek/rebase-helper/issues.
Patches were not touched. All were applied properly
Latest upstream release: 1.1.0a Current version/release in rawhide: 1.0.2h-3.fc26 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2566/
Created attachment 1203716 [details] Rebase-helper rebase-helper-debug.log log file. See for details and report the eventual error to rebase-helper https://github.com/phracek/rebase-helper/issues.
Latest upstream release: 1.1.0b Current version/release in rawhide: 1.0.2j-1.fc26 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2566/
Patching or scratch build for openssl-1.0.2j failed.
Created attachment 1205545 [details] Rebase-helper rebase-helper-debug.log log file. See for details and report the eventual error to rebase-helper https://github.com/phracek/rebase-helper/issues.
tmraz's openssl-1.1.0b-1.fc26 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=808591
tmraz's openssl-1.1.0b-2.fc26 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=809049
tmraz's openssl-1.1.0b-3.fc26 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=810489
tmraz's openssl-1.1.0b-4.fc26 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=815065
Latest upstream release: 1.1.0c Current version/release in rawhide: 1.1.0b-4.fc26 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2566/
Rebase helper failed. See logs and attachments in this bugzilla RAN: '/usr/bin/git clone http://pkgs.fedoraproject.org/cgit/rpms/openssl.git /var/tmp/thn-rhsqo0na' STDOUT: Cloning into '/var/tmp/thn-rhsqo0na'... STDERR: error: garbage at end of loose object '55caf883fc88fb705071125e0ca4311649ef0b3f' fatal: loose object 55caf883fc88fb705071125e0ca4311649ef0b3f (stored in /var/tmp/thn-rhsqo0na/.git/objects/55/caf883fc88fb705071125e0ca4311649ef0b3f) is corrupt
Failed to kick off scratch build. [Errno 2] No such file or directory: '/var/tmp/thn-bzP7js'
tmraz's openssl-1.1.0c-1.fc26 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=817079
tmraz's openssl-1.1.0c-2.fc26 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=819430
tmraz's openssl-1.1.0c-4.fc26 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=822163
tmraz's openssl-1.1.0c-5.fc26 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=828881
Latest upstream release: 1.1.0e Current version/release in rawhide: 1.1.0d-3.fc26 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2566/
An unexpected error occured creating the scratch build: please report this issue to the-new-hotness issue tracker at https://github.com/fedora-infra/the-new-hotness/issues
tmraz's openssl-1.1.0e-1.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=865069
Latest upstream release: 1.1.0f Current version/release in rawhide: 1.1.0e-1.fc27 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2566/
One or more of the specfile's Sources is not a valid URL so we cannot automatically build the new version for you.Please use a URL in your Source declarations if possible.
tmraz's openssl-1.1.0f-1.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=900359
tmraz's openssl-1.1.0f-2.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=903211
tmraz's openssl-1.1.0f-3.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=908369
tmraz's openssl-1.1.0f-5.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=911734
ppisar's openssl-1.1.0f-6.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=918234
tmraz's openssl-1.1.0f-7.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=919456
releng's openssl-1.1.0f-8.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=934013
releng's openssl-1.1.0f-9.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=949165
Latest upstream release: 1.1.0h Current version/release in rawhide: 1.1.0g-6.fc29 URL: http://www.openssl.org/source/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2566/
Latest upstream release: 1.1.1b Current version/release in rawhide: 1.1.1a-2.fc30 URL: https://www.openssl.org/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2566/
openssl-1.1.1b-2.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-84af83fe15
openssl-1.1.1b-2.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-84af83fe15
openssl-1.1.1b-2.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.