Пакет openssl10: Specfile

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
%def_enable tsget
%def_disable tools
%def_disable devel

Name: openssl10
Version: 1.0.2u
Release: alt1.p9.2

Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
License: OpenSSL
Group: System/Base
Url: https://www.openssl.org/source/

# git://git.altlinux.org/gears/o/openssl10.git
Source: openssl-%version.tar
Source1: openssl-config
Source2: Makefile.certificate
Source3: make-dummy-cert
Source4: cc.sh

Patch01: openssl-owl-alt-issetugid.patch
Patch02: openssl-alt-krb5.patch
Patch03: openssl-alt-config.patch
Patch04: openssl-alt-fips_premain_dso.patch
Patch05: openssl-gosta-pkcs12-fix.patch
Patch06: openssl-rh-alt-soversion.patch
Patch07: openssl-rh-enginesdir.patch
Patch08: openssl-rh-no-rpath.patch
Patch09: openssl-rh-test-use-localhost.patch
Patch11: openssl-rh-pod2man-timezone.patch
Patch12: openssl-rh-perlpath.patch
Patch13: openssl-rh-default-paths.patch
Patch14: openssl-rh-issuer-hash.patch
Patch15: openssl-rh-X509_load_cert_file.patch
Patch16: openssl-rh-version-add-engines.patch
Patch18: openssl-rh-ipv6-apps.patch
Patch19: openssl-rh-env-zlib.patch
Patch21: openssl-rh-algo-doc.patch
Patch22: openssl-rh-apps-dgst.patch
Patch23: openssl-rh-xmpp-starttls.patch
Patch24: openssl-rh-chil-fixes.patch
Patch25: openssl-alt-secure-getenv.patch
Patch27: openssl-rh-padlock64.patch
Patch30: openssl-rh-disable-sslv2v3.patch
Patch84: openssl-rh-trusted-first-doc.patch
Patch87: openssl-rh-cc-reqs.patch
Patch90: openssl-rh-enc-fail.patch
Patch92: openssl-rh-system-cipherlist.patch

Patch100: openssl-fix-CVE-2020-1971.patch
Patch101: openssl-fix-CVE-2022-0778.patch

%define shlib_soversion 10
%define openssldir /var/lib/ssl
%define old_openssldir %_libdir/ssl
%def_disable compat
%def_without krb

BuildRequires: /usr/bin/pod2man bc zlib-devel
%if_enabled tsget
BuildRequires: perl-WWW-Curl
%endif

%package -n libcrypto%shlib_soversion
Summary: OpenSSL libcrypto shared library
Group: System/Legacy libraries
Provides: libcrypto = %version-%release
# due to openssl.cnf
Conflicts: libcrypto7, libssl7, libssl6 < 0.9.8d-alt6
# due to openssldir migration
Conflicts: openssl < 0:0.9.8d-alt1
# due to runtime openssl version check
Conflicts: openssh-common < 5.9p1-alt5
Requires: ca-certificates

%package -n libssl%shlib_soversion
Summary: OpenSSL libssl shared library
Group: System/Legacy libraries
Provides: libssl = %version
%{?_with_krb:Provides: openssl-krb = %version-%release}
Requires: libcrypto%shlib_soversion = %version-%release

%package -n libssl-devel
Summary: OpenSSL include files and development libraries
Group: Development/C
Provides: openssl-devel = %version
Obsoletes: openssl-devel < %version
Requires: libssl%shlib_soversion = %version-%release
%{?_with_krb:Requires: libkrb5-devel}
# due to /usr/bin/openssl-config
Conflicts: openssl < %version-%release, openssl > %version-%release
# manpage clash: crypto(3).
Conflicts: erlang <= 0:R9C.0-alt2
%{?_with_krb:Provides: openssl-krb-devel = %version-%release}

%package -n libssl-devel-static
Summary: OpenSSL static libraries
Group: Development/C
Provides: openssl-devel-static = %version
Obsoletes: openssl-devel-static < %version
Requires: libssl-devel = %version-%release
%{?_with_krb:Provides: openssl-krb-devel-static = %version-%release}

%package -n openssl
Summary: OpenSSL tools
Group: System/Base
Provides: %openssldir
# due to /usr/bin/openssl-config
Conflicts: libssl-devel < %version-%release, libssl-devel > %version-%release
Requires: libssl%shlib_soversion = %version-%release
%{?_with_krb:BuildRequires: libkrb5-devel}

%package -n openssl-doc
Summary: OpenSSL documentation and demos
Group: Development/C
Requires: openssl = %version-%release
BuildArch: noarch

%package -n openssl-engines
Summary: OpenSSL ENGINE interface modules
Group: System/Libraries
Requires: libssl%shlib_soversion = %version-%release

%package -n tsget
Summary: Time Stamping HTTP/HTTPS client
Group: Security/Networking 
BuildArch: noarch
Requires: libssl%shlib_soversion = %version-%release

%description
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

%description -n libcrypto%shlib_soversion
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

This package contains the OpenSSL libcrypto shared library.

%description -n libssl%shlib_soversion
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

This package contains the OpenSSL libssl shared library.

%description -n libssl-devel
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

This package contains the OpenSSL include files and development libraries
required when building OpenSSL-based applications.

%description -n libssl-devel-static
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

This package contains static libraries required when developing
OpenSSL-based statically linked applications.

%description -n openssl
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

This package contains the base OpenSSL cryptography and SSL/TLS tools.

%description -n openssl-doc
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

This package contains the OpenSSL cryptography and SSL/TLS extra
documentation and demos required when developing applications.

%description -n openssl-engines
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

With OpenSSL 0.9.6, a new component was added to support alternative
cryptography implementations, most commonly for interfacing with external
crypto devices (eg. accelerator cards).  This component is called ENGINE,
and its presence in OpenSSL 0.9.6 (and subsequent bug-fix releases) caused
a little confusion as 0.9.6** releases were rolled in two versions,
a "standard" and an "engine" version.  In development for 0.9.7, the
ENGINE code has been merged into the main branch and is present in
the standard releases from 0.9.7 forwards.

There are currently following built-in ENGINE implementations:
- 4758cca: IBM 4758 CCA hardware support;
- aep: Aep hardware support;
- atalla: Atalla hardware support;
- chil: CHIL hardware support;
- cswift: CryptoSwift hardware support;
- gost: GOST (Russian cryptography standard) implementation;
- nuron: Nuron hardware support;
- padlock: VIA PadLock ACE support;
- sureware: SureWare hardware support;
- ubsec: UBSEC hardware support.

In addition, dynamic binding to external ENGINE implementations is
provided by a special ENGINE called "dynamic".

%description -n tsget
The tsget command can be used for sending a time stamp request, as
specified in RFC 3161, to a time stamp server over HTTP or HTTPS and
storing the time stamp response in a file.  This tool cannot be used for
creating the requests and verifying responses, you can use the OpenSSL
ts(1) command to do that.  tsget can send several requests to the server
without closing the TCP connection if more than one requests are specified
on the command line.

%prep
%setup -n openssl-%version
%patch01 -p1
%patch02 -p1
%patch03 -p1
%patch04 -p1
%patch05 -p1
%patch06 -p1
%patch07 -p1
%patch08 -p1
%patch09 -p1

%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch18 -p1
%patch19 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1

%patch24 -p1

%patch25 -p1
%patch27 -p1
%patch30 -p1
%patch84 -p1
%patch87 -p1
%patch90 -p1
%patch92 -p1

%patch100 -p1
%patch101 -p1

find -type f -name \*.orig -delete

# Correct shared library name.
sed -i 's/@SHLIB_SOVERSION@/%shlib_soversion/g' Configure Makefile.*
sed -i 's/\\\$(SHLIB_MAJOR)\.\\\$(SHLIB_MINOR)/\\$(VERSION)/g' Configure
sed -i 's/\$(SHLIB_MAJOR)\.\$(SHLIB_MINOR)/\$(VERSION)/g' Makefile.org
sed -i 's/\(^#define[[:space:]]\+SHLIB_VERSION_NUMBER[[:space:]]\+\).*/\1"%version"/' crypto/opensslv.h

# Correct compilation options.
%add_optflags -fno-strict-aliasing -fno-strict-overflow -Wa,--noexecstack -Werror=implicit-function-declaration
sed -i 's/-O\([0-9s]\>\)\?\( -fomit-frame-pointer\)\?\( -m.86\)\?/\\\$(RPM_OPT_FLAGS)/' \
	Configure

# Be more verbose.
sed -i 's/^\([[:space:]]\+\)@[[:space:]]*/\1/' Makefile*

%build
ADD_ARGS=%_os-%_arch
%ifarch %ix86
	ADD_ARGS=linux-elf
%ifarch i386
	ADD_ARGS="$ADD_ARGS 386"
%endif
%endif
%ifarch %arm
ADD_ARGS=linux-generic32
%endif
%ifarch x32
ADD_ARGS=linux-x32
%endif
%ifarch s390x
ADD_ARGS=linux64-s390x
%endif
%ifarch mips mipsel
ADD_ARGS=linux-mips32
%endif
%ifarch mips64 mips64el
ADD_ARGS=linux64-mips64
%endif
%ifarch riscv64 %e2k
ADD_ARGS=linux-generic64
%endif

if echo 'extern __uint128_t i;' |
   gcc %optflags -Werror -c -o/dev/null -xc -; then
	ADD_ARGS="enable-ec_nistp_64_gcc_128 $ADD_ARGS"
fi

./Configure shared \
	--prefix=%prefix \
	--libdir=%_lib \
	--openssldir=%openssldir \
	--enginesdir=%_libdir/openssl/engines \
	--system-ciphers-file=%_sysconfdir/openssl/cipher-list.conf \
%if_with krb
	--with-krb5-flavor=MIT \
	--with-krb5-dir=%prefix \
%endif
	enable-md2 \
	enable-rfc3779 \
	enable-ssl2 \
	zlib \
	$ADD_ARGS

# SMP-incompatible build.
make

# Make soname symlinks.
/sbin/ldconfig -nv .

# Save library timestamps for later check.
touch -r libcrypto.so.%version libcrypto-stamp
touch -r libssl.so.%version libssl-stamp

LD_LIBRARY_PATH=`pwd` make rehash

%install
# The make_install macro doesn't work here.
make install \
	CC=%_sourcedir/cc.sh \
	INSTALL_PREFIX=%buildroot \
	MANDIR=%_mandir

# Fail if one of shared libraries was rebuit.
if [ libcrypto.so.%version -nt libcrypto-stamp -o \
     libssl.so.%version -nt libssl-stamp ]; then
	echo 'Shared library was rebuilt by "make install".'
	exit 1
fi

# Fail if the openssl binary is statically linked against OpenSSL at this
# stage (which could happen if "make install" caused anything to rebuild).
LD_LIBRARY_PATH=`pwd` ldd %buildroot%_bindir/openssl |tee openssl.libs
grep -qw libssl openssl.libs
grep -qw libcrypto openssl.libs

# Install openssl-config script.
install -pDm755 %_sourcedir/openssl-config %buildroot%_bindir/openssl-config
subst -p 's,%%version,%version,g;s,%%openssldir,%openssldir,g' \
	%buildroot%_bindir/openssl-config

# Relocate shared libraries from %_libdir/ to /lib/.
mkdir -p %buildroot{/%_lib,%_libdir/openssl,%_sbindir}
for f in %buildroot%_libdir/*.so; do
	t=$(readlink "$f") || continue
	ln -snf ../../%_lib/"$t" "$f"
done
mv %buildroot%_libdir/*.so.* %buildroot/%_lib/

# Relocate engines.
mv %buildroot%_libdir/engines %buildroot%_libdir/openssl/

# Relocate openssl.cnf from %%openssldir/ to %_sysconfdir/openssl/.
mkdir -p %buildroot%_sysconfdir/openssl
mv %buildroot%openssldir/openssl.cnf %buildroot%_sysconfdir/openssl/
ln -s -r %buildroot%_sysconfdir/openssl/openssl.cnf %buildroot%openssldir/

# Rename some man pages, fix references.
for f in passwd.1 err.3 rand.3 threads.3 config.5; do
	name="${f%%.*}"
	sect="${f##*.}"
	NAME=`printf %%s "$name" |tr '[:lower:]' '[:upper:]'`
	sed -i "s/\\<$NAME $sect\\>/SSL&/" %buildroot%_mandir/man"$sect/$f"
	mv -v %buildroot%_mandir/man"$sect"/{,ssl}"$f"
	find %buildroot%_mandir -type f -print0 |
		xargs -r0 grep -FZl "\\fI$name\\fR\\|($sect)" -- |
		xargs -r0 subst -p "s/\\\\fI$name\\\\fR\\\\|($sect)/\\\\fIssl$name\\\\fR\\\\|($sect)/" --
	find %buildroot%_mandir -type l |while read link; do
		[ "$(readlink -n "$link")" = "$f" ] || continue
		ln -sfv "ssl$f" "$link"
	done
done
ln -s sslconfig.5 %buildroot%_mandir/man5/openssl.cnf.5

# Make backwards-compatibility symlink to ssleay.
ln -snf openssl %buildroot%_bindir/ssleay

# Install a makefile for generating keys and self-signed certs,
# and a script for generating them on the fly.
install -pDm644 %_sourcedir/Makefile.certificate \
	%buildroot%openssldir/certs/Makefile
install -pDm644 %_sourcedir/make-dummy-cert \
	%buildroot%openssldir/certs/make-dummy-cert

ln -s -r %buildroot%_datadir/ca-certificates/ca-bundle.crt \
	%buildroot%openssldir/cert.pem

mv %buildroot%openssldir/misc/CA{.sh,}
rm %buildroot%openssldir/misc/CA.pl

%if_enabled tsget
mv %buildroot%openssldir/misc/tsget %buildroot%_sbindir/
%else
rm %buildroot%openssldir/misc/tsget
%endif

%define docdir %_docdir/openssl-%version
mkdir -p %buildroot%docdir
install -pm644 CHANGES* LICENSE NEWS README* engines/ccgost/README.gost \
	%buildroot%docdir/
bzip2 -9 %buildroot%docdir/CHANGES*
cp -a demos doc %buildroot%docdir/
rm -rf %buildroot%docdir/doc/{apps,crypto,ssl}

# Create default cipher-list.conf from SSL_DEFAULT_CIPHER_LIST
#sed -n -r 's,^#.*SSL_DEFAULT_CIPHER_LIST[[:space:]]+"([^"]+)",\1,p' \
#	ssl/ssl.h > %%buildroot%%_sysconfdir/openssl/cipher-list.conf

# To match libcrypto1.1 1.1.1b-alt1
echo "ALL:!COMPLEMENTOFDEFAULT:!eNULL" > \
	%buildroot%_sysconfdir/openssl/cipher-list.conf

%check
LD_LIBRARY_PATH=%buildroot/%_lib make test

%if_enabled compat
%pre -n openssl
[ $1 -gt 1 ] || exit 0
if [ ! -e %_sysconfdir/openssl -a ! -L %_sysconfdir/openssl -a -e %old_openssldir/openssl.cnf ]; then
	mkdir -p %_sysconfdir/openssl &&
	cp -a %old_openssldir/openssl.cnf %_sysconfdir/openssl/
fi
if [ ! -e %openssldir -a ! -L %openssldir -a -d %old_openssldir ]; then
	cp -a %old_openssldir %openssldir
fi
%endif #compat

%files -n libcrypto%shlib_soversion
/%_lib/libcrypto*
%config(noreplace) %_sysconfdir/openssl/openssl.cnf
%dir %_sysconfdir/openssl/
%dir %openssldir
%openssldir/*.cnf
%openssldir/*.pem
%dir %docdir
%docdir/[A-Z]*

%files -n libssl%shlib_soversion
%config(noreplace) %_sysconfdir/openssl/cipher-list.conf
%dir %_sysconfdir/openssl/
/%_lib/libssl*

%if_enabled devel
%files -n libssl-devel
%_bindir/openssl-config
%_libdir/*.so
%_libdir/pkgconfig/*
%_includedir/*

%files -n libssl-devel-static
%_libdir/*.a
%endif

%if_enabled tools
%files -n openssl
%_bindir/*
%dir %openssldir
%openssldir/misc
%openssldir/certs
%dir %attr(700,root,root) %openssldir/private
%_mandir/man[157]/*
%if_enabled tsget
%exclude %_man1dir/tsget.*
%exclude %_man1dir/openssl-tsget.*
%endif

%files -n openssl-doc
%dir %docdir
%docdir/[a-z]*
%_man3dir/*

%files -n openssl-engines
%_libdir/openssl

%if_enabled tsget
%files -n tsget
%_sbindir/tsget
%_man1dir/tsget.*
%_man1dir/openssl-tsget.*
%endif
%endif

%changelog
* Tue Mar 15 2022 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2u-alt1.p9.2
- Backported upstream security fix (fixes CVE-2022-0778).

* Wed Dec 09 2020 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2u-alt1.p9.1
- Updated to 1.0.2u (fixes CVE-2019-1547, CVE-2019-1551, CVE-2019-1552,
  CVE-2019-1563)
- Backported upstream fix for GENERAL_NAME_cmp (fixes CVE-2020-1971).

* Wed Apr 17 2019 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2r-alt3
- Fixed build on mips64, mips64el architectures.
- Added support of build on riscv64 and e2k architectures.

* Thu Mar 21 2019 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2r-alt2
- Synced openssl.cnf with libcrypto1.1 1.1.1b-alt1.

* Wed Mar 20 2019 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2r-alt1
- Updated to 1.0.2r (fixes CVE-2019-1559).
- Synced cipher-list.conf with libcrypto1.1 1.1.1b-alt1.

* Wed Dec 19 2018 Dmitry V. Levin <ldv@altlinux.org> 1.0.2q-alt1
- 1.0.2p -> 1.0.2q (fixes CVE-2018-5407 and CVE-2018-0734).
- Disabled krb5 support.

* Tue Aug 28 2018 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2p-alt2
- Rebuilt as openssl 1.1.0 legacy libraries.

* Thu Aug 16 2018 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2p-alt1
- Updated to 1.0.2p (fixes CVE-2018-0732 and CVE-2018-0737).

* Tue Mar 27 2018 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2o-alt1
- Updated to v1.0.2o (fixes CVE-2018-0739).

* Thu Dec 07 2017 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2n-alt1
- Updated to v1.0.2n (fixes CVE-2017-3737, CVE-2017-3738).
- Added --disable tsget knob.
- Added support of s390x and mips* architectures.

* Sat Nov 04 2017 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2m-alt1
- Updated to v1.0.2m (fixes CVE-2017-3735, CVE-2017-3736).

* Thu Jan 26 2017 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2k-alt1
- Updated to v1.0.2k (fixes CVE-2016-7055, CVE-2017-3731, CVE-2017-3732).

* Mon Sep 26 2016 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2j-alt1
- Updated to v1.0.2j (fixes CVE-2016-6309).

* Thu Sep 22 2016 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2i-alt1
- Updated to 1.0.2i (fixes CVE-2016-2177, CVE-2016-2179,
  CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183,
  CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306).

* Wed Jun 08 2016 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2h-alt2
- Backported upstream fix for CVE-2016-2178.

* Tue May 03 2016 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2h-alt1
- Updated to 1.0.2h (fixes CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
  CVE-2016-2109 CVE-2016-2176).

* Tue Mar 01 2016 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2g-alt1
- Updated to 1.0.2g (fixes CVE-2016-0701 CVE-2016-0702
  CVE-2016-0705 CVE-2016-0797 CVE-2016-0798
  CVE-2016-0799 CVE-2016-0800).
- Added default ciphers to system profile.

* Thu Jan 28 2016 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2f-alt1
- Updated to 1.0.2f (fixes CVE-2015-3197 CVE-2016-0701).

* Tue Jan 12 2016 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2e-alt2
- libcrypto10: added conflict: libcrypto7, libssl7
  (due to openssl.cnf; ALT#31671).

* Mon Dec 28 2015 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.2e-alt1
- Updated to 1.0.2e.
- Updated patches from Fedora openssl-1.0.2e-4.
- Added support of system profile for default cipher list.
- Disabled support of updating from openssl <= 0.9.6g-alt2.
- Updated openssl-alt-config.patch:
  + [ CA_default ] default_md = sha1 -> sha256.
  + [ req ] default_md = sha1 -> sha256.
  + [ tsa_config1 ] digests = md5, sha1 -> sha1, sha256, sha384, sha512.

* Thu Dec 17 2015 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.1q-alt1
- Updated to 1.0.1q (CVE-2015-1788 CVE-2015-3196 CVE-2015-3195
  CVE-2015-3194).

* Thu Jul 09 2015 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.1k-alt4
- Fixed CVE-2015-1793.

* Mon Jun 15 2015 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.1k-alt3
- Fixed CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792,
  CVE-2015-0209, CVE-2015-4000.

* Thu Mar 19 2015 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.1k-alt2
- Fixed CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288,
  CVE-2015-0289, CVE-2015-0293.

* Mon Jan 12 2015 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.1k-alt1
- Updated to 1.0.1k (fixes CVE-2014-3571, CVE-2015-0206, CVE-2014-3569,
  CVE-2014-3572, CVE-2015-0204, CVE-2015-0205, CVE-2014-8275,
  CVE-2014-3570) (closes: 30644).

* Mon Jan 05 2015 Dmitry V. Levin <ldv@altlinux.org> 1.0.1j-alt2
- Build with enable-ec_nistp_64_gcc_128 on architectures where
  gcc supports __uint128_t (closes: #30625).

* Thu Oct 30 2014 Gleb F-Malinovskiy <glebfm@altlinux.org> 1.0.1j-alt1
- Updated to 1.0.1j (fixes CVE-2014-3512, CVE-2014-3511, CVE-2014-3510,
  CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509,
  CVE-2014-5139,  CVE-2014-3508, CVE-2014-3513, CVE-2014-3567,
  CVE-2014-3566, CVE-2014-3568).
- Updated patches from Fedora openssl-1.0.1j-2.
- kssl.h: include <krb5/krb5.h> instead of <krb5/krb5/krb5.h> (ldv@).

* Thu Jun 05 2014 Dmitry V. Levin <ldv@altlinux.org> 1.0.1h-alt1
- Updated to 1.0.1h (fixes CVE-2014-0224, CVE-2014-022, CVE-2014-019,
  CVE-2014-347, and CVE-2010-5298).

* Mon Apr 07 2014 Dmitry V. Levin <ldv@altlinux.org> 1.0.1g-alt1
- Updated to 1.0.1g (fixes CVE-2014-0076 and CVE-2014-0160).

* Tue Feb 04 2014 Dmitry V. Levin <ldv@altlinux.org> 1.0.1f-alt2
- Made 3DES strength to be 128 bits instead of 168 (RH#1056616).
- Dropped delusive compatibility with alien libssl packages.

* Mon Jan 06 2014 Dmitry V. Levin <ldv@altlinux.org> 1.0.1f-alt1
- Updated to 1.0.1f
  (fixes CVE-2013-4353, CVE-2013-6449, and CVE-2013-6450).

* Wed Apr 10 2013 Dmitry V. Levin <ldv@altlinux.org> 1.0.1e-alt1
- Updated to OpenSSL_1_0_1e-21-g0e9dd38.
- Updated patches from Fedora openssl-1.0.1e-4.
- Changed section where tests are run from %%build to %%check.

* Wed Feb 27 2013 Dmitry V. Levin <ldv@altlinux.org> 1.0.0k-alt1
- Updated to OpenSSL_1_0_0k-15-g0e05f88
  (fixes CVE-2013-0166 and CVE-2013-0169).

* Sat May 12 2012 Dmitry V. Levin <ldv@altlinux.org> 1.0.0j-alt1
- Updated to 1.0.0j (fixes CVE-2012-2333).

* Thu Apr 19 2012 Dmitry V. Levin <ldv@altlinux.org> 1.0.0i-alt1
- Updated to 1.0.0i (fixes CVE-2012-2110).

* Fri Mar 23 2012 Dmitry V. Levin <ldv@altlinux.org> 1.0.0h-alt1
- Updated to 1.0.0h (fixes CVE-2012-0050, CVE-2012-0884 and other bugs).

* Fri Jan 13 2012 Dmitry V. Levin <ldv@altlinux.org> 1.0.0f-alt1
- Updated to 1.0.0f (fixes multiple CVEs).

* Mon Sep 12 2011 Dmitry V. Levin <ldv@altlinux.org> 1.0.0e-alt1
- Updated to 1.0.0e (fixes CVE-2011-3207).

* Tue Mar 15 2011 Alexey Tourbin <at@altlinux.ru> 1.0.0d-alt2
- In pkgconfig files, moved -ldl -lz to Libs.private.

* Wed Feb 09 2011 Dmitry V. Levin <ldv@altlinux.org> 1.0.0d-alt1
- Updated to 1.0.0d (fixes CVE-2011-0014).

* Tue Feb 01 2011 Dmitry V. Levin <ldv@altlinux.org> 1.0.0c-alt1
- Updated to 1.0.0c (fixes CVE-2010-4180).

* Tue Nov 16 2010 Dmitry V. Levin <ldv@altlinux.org> 1.0.0b-alt1
- Updated to 1.0.0b (fixes CVE-2010-2939 and CVE-2010-3864).

* Sat Oct 02 2010 Dmitry V. Levin <ldv@altlinux.org> 1.0.0a-alt2
- Hardened conflict with incompatible libssl6 (closes: #24195).

* Fri Oct 01 2010 Dmitry V. Levin <ldv@altlinux.org> 1.0.0a-alt1
- Updated to 1.0.0a.
- Merged with FC openssl-1.0.0a-3.

* Thu Sep 30 2010 Dmitry V. Levin <ldv@altlinux.org> 0.9.8o-alt2
- openssl.cnf: Updated from openssl-1.0.0a, merged with FC.

* Wed Sep 29 2010 Dmitry V. Levin <ldv@altlinux.org> 0.9.8o-alt1
- Updated to 0.9.8o (fixes CVE-2010-0742).
- Fixed ssl/dtls1.h ABI breakage introduced in 0.9.8m.
- Fixed 0.9.8m build regression on architectures where %%_lib != lib.

* Thu Mar 25 2010 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8n-alt1
- Updated to 0.9.8n (fixes CVE-2010-0740 and CVE-2010-0433).

* Fri Feb 26 2010 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8m-alt1
- Updated to 0.9.8m with security fixes and improvements, including:
  + CVE-2009-3245, CVE-2008-1678
  + CVE-2009-1377, CVE-2009-1378, CVE-2009-1379
  + CVE-2009-1387 (closes: #20280)
  + CVE-2009-4355 (closes: #22817, #23037)
  + patch for Cisco VPN client DTLS

* Fri Jan 15 2010 Dmitry V. Levin <ldv@altlinux.org> 0.9.8l-alt6
- Relocated backwards compatibility symlinks from /%_lib to %_libdir.
- Fixed backwards compatibility Provides on x86-64.

* Fri Jan 15 2010 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8l-alt5
- Added extra symlinks and Provides for backwards compatibility
  with Mandriva's openssl.

* Fri Jan 08 2010 Dmitry V. Levin <ldv@altlinux.org> 0.9.8l-alt4
- Built for target linux-generic32 on ARM.
- Applied upstream crypto/{md5,sha1} build fixes (by Evgeny Sinelnikov
  and Kirill A. Shutemov).
- Applied upstream compatibility patch for Cisco VPN client DTLS
  (closes: #22615).

* Sat Nov 07 2009 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8l-alt1
- Updated to 0.9.8l with security fixes and improvements.
- Includes CVE-2009-3555

* Wed May 27 2009 Dmitry V. Levin <ldv@altlinux.org> 0.9.8k-alt4
- Relocated %_sysconfdir/openssl and %openssldir from
  libssl7 subpackage to libcrypto7 subpackage.

* Wed May 27 2009 Dmitry V. Levin <ldv@altlinux.org> 0.9.8k-alt3
- Packaged libcrypto shared library into separate subpackage
  to break dependency loop (closes: #20175).
- Packaged doc subpackage as noarch.
- Fixed backwards compatibility symlink added in previous build.

* Thu May 21 2009 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8k-alt2
- Added extra symlinks for backwards compatibility with Fedora's libssl8.
- Backported security updates from 0.9.8l:
  CVE-2009-1377, CVE-2009-1378, CVE-2009-1379

* Wed Mar 25 2009 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8k-alt1
- Updated to new 0.9.8k includes security fixes and improvements
- Includes CVE-2009-0789, CVE-2009-0591, CVE-2009-0590

* Thu Jan 08 2009 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8j-alt1
- Updated to 0.9.8j includes properly check EVP_VerifyFinal() and
  similar return values (CVE-2008-5077)

* Tue Dec 09 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8i-alt3
- Added patch with pkcs12 fix for '-name' option

* Wed Nov 19 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8i-alt2
- Rebuilt without obsolete %post/%postun calls

* Wed Nov 05 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8i-alt1
- Updated to 0.9.8i

* Wed Nov 05 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8h-alt4
- Fixed KRB5 cipher crash for FQDN not equal SPN's FQDN at keytab.
  Resolved with fixing checks at kssl_keytab_is_available()

* Sun Aug 10 2008 Dmitry V. Levin <ldv@altlinux.org> 0.9.8h-alt3
- Updated dependencies (Alexey Tourbin).
- Added workaround for krb5.h inclusion.

* Sat Aug 09 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8h-alt2
- Fixed patches
+ At openssl-0.9.8g-rh-alt-soversion.patch SHLIB_SOVERSION set to 7
+ openssl-0.9.8g-rh-shlib-version.patch changed to openssl-0.9.8h-alt-shlib-version.patch

* Fri Aug 01 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8h-alt1
- Updated to new release
- Removed old fixes

* Fri Aug 01 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8g-alt1
- Prepared to Sisyphus release

* Tue Jun 24 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8g-alt0.eter3
- Added openssl-krb providing

* Fri Jun 13 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8g-alt0.eter2
- Changed soname
+ Renamed libssl6 to libssl7

* Thu Jun 12 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8g-alt0.eter1
- Updated to 0.9.8g
- Removed old patches and got new from Fedora

* Wed Mar 26 2008 Evgeny Sinelnikov <sin@altlinux.ru> 0.9.8d-alt4.test2
- Add rfc2712 support with MIT Kerberos.

* Wed Oct 10 2007 Dmitry V. Levin <ldv@altlinux.org> 0.9.8d-alt4
- Backported upstream fix for off-by-one bug in the
  SSL_get_shared_ciphers() function (CVE-2007-5135).

* Tue Aug 07 2007 Dmitry V. Levin <ldv@altlinux.org> 0.9.8d-alt3
- Fixed side-channel attack on private keys
  (CVE-2007-3108, RH#245732, http://cvs.openssl.org/chngview?cn=16275).
- Mitigated branch prediction attacks
  (RH#250573, http://cvs.openssl.org/chngview?cn=16077).
- Changed SSL/TLS server implementation to be stricter about session ID
  context matching (RH#233599, http://cvs.openssl.org/chngview?cn=16006).

* Tue Feb 06 2007 Dmitry V. Levin <ldv@altlinux.org> 0.9.8d-alt2
- Moved a bundle of X.509 certificates of public Certificate
  Authorities (CA) from openssl package to separate ca-certificates
  package.
- Moved %openssldir/{openssl.cnf,cert.pem} from openssl subpackage
  to libssl6 subpackage.

* Sun Nov 05 2006 Dmitry V. Levin <ldv@altlinux.org> 0.9.8d-alt1
- openssl: Updated to 0.9.8d.
- TSA patch: Updated to 20060923 (still not applied by default).
- Asymm patch: Updated to 20061110 (still not applied by default).
- Packaged engine and tsget in separate subpackages.
- Makefile.certificate, ca-bundle.crt: Updated from FC.
- Updated FC specific patches from 0.9.8b-12.
- Renamed subpackage according to soname change: libssl4 -> libssl6.

* Thu Nov 02 2006 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt6
- Updated upstream bss_conn.c fix.
- Renamed srpm: openssl -> openssl097.
- Renamed subpackage: libssl -> libssl4.

* Wed Sep 27 2006 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt5
- Applied upstream fixes for DoS bugs in ASN1 parser
  (CVE-2006-2937, CVE-2006-2940).
- Applied fix for buffer overflow in SSL_get_shared_ciphers(),
  discovery and patch from Tavis Ormandy and Will Drewry of the
  Google Security Team (CVE-2006-3738).
- Applied fix for possible DoS in the sslv2 client code,
  discovery and patch from Tavis Ormandy and Will Drewry of the
  Google Security Team (CVE-2006-4343).
- Build this package without optimizations based on strict aliasing rules.

* Wed Sep 06 2006 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt4
- Applied upstream patch to avoid RSA signature forgery (CVE-2006-4339).

* Tue Oct 11 2005 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt3
- Applied upstream fix for potential SSL 2.0 rollback
  during SSL handshake (CAN-2005-2969).

* Fri Jun 24 2005 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt2
- Minor package cleanup.

* Fri Jun 17 2005 Dmitry V. Levin <ldv@altlinux.org> 0.9.7g-alt1
- Removed those of RH patches which I do not like.
- Rediffed patches and renamed them accourding to the packaging policy.
- Relocated development manpages from libssl-devel subpackage to
  openssl-doc subpackage.

* Tue Jun 07 2005 Anton D. Kachalov <mouse@altlinux.org> 0.9.7g-alt0.4
- Added multilib support

* Fri Jun 03 2005 LAKostis <lakostis at altlinux.org> 0.9.7g-alt0.3
- Incorporated patches from Fedora.
- Changed certs dir to be more useful.
- Added provides/requires for tsa (for future use).

* Fri Jun 03 2005 LAKostis <lakostis at altlinux.org> 0.9.7g-alt0.2
- Updated to 0.9.7g.
- Made split build (with/without tsa patch).

* Wed Nov 16 2004 LAKostis <lakostis at altlinux.org> 0.9.7e-alt0.1.ts
- Test build with 0.9.7e.

* Thu Oct 26 2004 LAKostis <lakostis at altlinux.org> 0.9.7d-alt1.ts
- Added timestamping support patch.

* Sat May 08 2004 Dmitry V. Levin <ldv@altlinux.org> 0.9.7d-alt1
- Updated to 0.9.7d.
- Reviewed patches.
- Applied RH's soname convention.

* Wed Mar 17 2004 Dmitry V. Levin <ldv@altlinux.org> 0.9.6m-alt1
- Updated to 0.9.6m.

* Wed Mar 17 2004 Dmitry V. Levin <ldv@altlinux.org> 0.9.6l-alt2
- Fixed null-pointer assignment during SSL handshake
  (CAN-2004-0079).

* Fri Nov 07 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6l-alt1
- Updated to 0.9.6l.
- For non-i386 ix86 platforms, relaxed textrel check.

* Tue Sep 30 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6k-alt1
- Updated to 0.9.6k:
  + Fix various ASN1 parsing bugs.
  + SSL/TLS protocol fix for unrequested client certificates.

* Thu Aug 28 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6j-alt2
- Fixed linux-elf-arm architecture support (sbolshakov@, #2804).
- Shared %_bindir/openssl-config between openssl and
  libssl-devel subpackages (fixes #2806).

* Sat Apr 12 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6j-alt1
- Updated to 0.9.6j.

* Thu Mar 20 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6i-alt3
- Applied patch against Klima-Pokorny-Rosa attack.

* Tue Mar 18 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6i-alt2
- Applied blinding patch from OpenSSL team,
  to defend against timing attack on RSA keys.

* Wed Feb 19 2003 Dmitry V. Levin <ldv@altlinux.org> 0.9.6i-alt1
- Updated to 0.9.6i.

* Thu Dec 12 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6h-alt1
- Updated to 0.9.6h.
- Merged Owl changes:
  * Fri Nov 15 2002 Solar Designer <solar@owl.openwall.com>
  - Dropped the patch removing -Wl,-Bsymbolic which is no longer needed with
    0.9.6g and/or after dropping the explicit "make build-shared".
  - Dropped RSAref stuff.

* Sun Sep 29 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6g-alt3
- Fixed glibc/crypto compatibility patch.

* Sat Sep 21 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6g-alt2
- Fixed libssl linkage:
  Don't do an explicit "make build-shared", it's not needed and
  could only cause harm (link libssl against libcrypto statically).
- FHS fixes (#0000915):
  + changed %%openssldir from %_libdir/ssl to /var/lib/ssl;
  + moved openssl.cnf from %%openssldir/ to %_sysconfdir/openssl/;
  + on upgrade, copy old %%openssldir to new location;
  + added openssl-config script to provide current %%openssldir location.
- Renamed openssl-devel subpackage to libssl-devel.
- Renamed openssl-devel-static subpackage to libssl-devel-static.

* Mon Aug 19 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6g-alt1
- 0.9.6g; asn1_lib patch merged upstream.

* Mon Aug 05 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6e-alt1
- Updated to 0.9.6e, recent security patch merged upstream.
- Added two post-0.9.6e changes from the CVS which correct the recent ASN.1
  parsing vulnerability fixes (Owl).

* Wed Jul 31 2002 Solar Designer <solar@owl.openwall.com>
- Updated to 0.9.6e, dropping the shared-on-SPARC and the official
  security patches (both are now included).

* Mon Jul 29 2002 Dmitry V. Levin <ldv@altlinux.org> 0.9.6d-alt2
- Various security fixes (see CHANGES).

* Mon May 13 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.9.6d-alt1
- Updated to 0.9.6d.
- Added a patch by Ben Laurie for "openssl dgst" to behave on read errors.
- Properly restrict the instruction set in assembly code when building for i386 (Owl).

* Wed Apr 10 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.9.6c-alt3
- Fixed %_bindir/openssl linkage.
- Relocate shared libs to /lib/.

* Thu Mar 21 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.9.6c-alt2
- libssl: Conflicts: %%name < %%version-%%release.

* Tue Jan 15 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.9.6c-alt1
- 0.9.6c
- Relocated docs.

* Wed Jul 11 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.9.6b-alt1
- 0.9.6b

* Fri Jun 22 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.9.6a-alt2
- Changed two memcpy() calls to memmove() (nalin).
- Added a script for creating dummy certificates (nalin).

* Mon May 14 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.9.6a-alt1
- 0.9.6a
- Keep standard soname scheme.
- Do not provide crypt symbol (solar).
- Use __libc_enable_secure variable (solar).
- Link %_bindir/openssl dinamically with shared libraries from libssl subpackage (solar).

* Wed Apr 04 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.9.6-ipl2mdk
- Moved shared libraries to libssl subpackage.
- Moved static libraries to devel-static subpackage.

* Thu Sep 28 2000 Dmitry V. Levin <ldv@fandra.org> 0.9.6-ipl1mdk
- 0.9.6

* Wed May 31 2000 Dmitry V. Levin <ldv@fandra.org>
- 0.9.5a

* Fri Apr 28 2000 Dmitry V. Levin <ldv@fandra.org>
- separate openssl-doc package
- 0.9.5

* Sun Dec  5 1999 Dmitry V. Levin <ldv@fandra.org>
- Fandra adaptions

* Sun Nov 28 1999 Arne Coucheron <arneco@online.no>
  [0.9.4-3]
- config file moved to /var/ssl due to problems when it stays in /etc

* Tue Aug 17 1999 Arne Coucheron <arneco@online.no>
  [0.9.4-2]
- the source rpm was corrupt, so this is just a rerelase

* Wed Aug 11 1999 Arne Coucheron <arneco@online.no>
  [0.9.4-1]

* Sun Jun 20 1999 Arne Coucheron <arneco@online.no>
  [0.9.3a-1]
- several changes