| /trunk/main/openssl/ |
| H A D | openssl.patch | diff a8693330 Fri Aug 19 18:28:06 UTC 2016 truckman <truckman@13f79535-47bb-0310-9956-ffa450edef68> Update the bundled version of OpenSSL from 0.9.8zh to 1.0.2h which
fixes many vulnerabiliies and adds support for newer, more secure
ciphers and versions of the protocol.
Note: OpenSSL version 1.0.2h contains two known minor vulnerabilites,
CVE-2016-2177 and CVE-2016-2178, which will be fixed in the next
OpenSSL release. Their potential impact is low enough that that
various Linux distros have chosen not to apply the upstream patches
to the versions that they distribute.
On Windows, there is an optional new dependency on NASM,
<http://www.nasm.us/>. If NASM is not available, then the C
implementations of the low-level crypto code will be used instead
of the optimized assembly language versions. Since OpenOffice is
not a heavy user of this code, the impact should be minor. If NASM
is installed, but its location is not in $PATH, the directory
containing nasm.exe should be passed to configure using --with-nasm-home.
The fallback to the C crypto implementation also happens on Linux
if the version of gcc is sufficently old to indicate that the
toolchain is likely to not support the some of the instructions in
the assembly language versions of the code.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1756954 13f79535-47bb-0310-9956-ffa450edef68
|
| H A D | makefile.mk | diff a8693330 Fri Aug 19 18:28:06 UTC 2016 truckman <truckman@13f79535-47bb-0310-9956-ffa450edef68> Update the bundled version of OpenSSL from 0.9.8zh to 1.0.2h which
fixes many vulnerabiliies and adds support for newer, more secure
ciphers and versions of the protocol.
Note: OpenSSL version 1.0.2h contains two known minor vulnerabilites,
CVE-2016-2177 and CVE-2016-2178, which will be fixed in the next
OpenSSL release. Their potential impact is low enough that that
various Linux distros have chosen not to apply the upstream patches
to the versions that they distribute.
On Windows, there is an optional new dependency on NASM,
<http://www.nasm.us/>. If NASM is not available, then the C
implementations of the low-level crypto code will be used instead
of the optimized assembly language versions. Since OpenOffice is
not a heavy user of this code, the impact should be minor. If NASM
is installed, but its location is not in $PATH, the directory
containing nasm.exe should be passed to configure using --with-nasm-home.
The fallback to the C crypto implementation also happens on Linux
if the version of gcc is sufficently old to indicate that the
toolchain is likely to not support the some of the instructions in
the assembly language versions of the code.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1756954 13f79535-47bb-0310-9956-ffa450edef68
|
| /trunk/main/ |
| H A D | LICENSE | diff a8693330 Fri Aug 19 18:28:06 UTC 2016 truckman <truckman@13f79535-47bb-0310-9956-ffa450edef68> Update the bundled version of OpenSSL from 0.9.8zh to 1.0.2h which
fixes many vulnerabiliies and adds support for newer, more secure
ciphers and versions of the protocol.
Note: OpenSSL version 1.0.2h contains two known minor vulnerabilites,
CVE-2016-2177 and CVE-2016-2178, which will be fixed in the next
OpenSSL release. Their potential impact is low enough that that
various Linux distros have chosen not to apply the upstream patches
to the versions that they distribute.
On Windows, there is an optional new dependency on NASM,
<http://www.nasm.us/>. If NASM is not available, then the C
implementations of the low-level crypto code will be used instead
of the optimized assembly language versions. Since OpenOffice is
not a heavy user of this code, the impact should be minor. If NASM
is installed, but its location is not in $PATH, the directory
containing nasm.exe should be passed to configure using --with-nasm-home.
The fallback to the C crypto implementation also happens on Linux
if the version of gcc is sufficently old to indicate that the
toolchain is likely to not support the some of the instructions in
the assembly language versions of the code.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1756954 13f79535-47bb-0310-9956-ffa450edef68
|
| H A D | set_soenv.in | diff a8693330 Fri Aug 19 18:28:06 UTC 2016 truckman <truckman@13f79535-47bb-0310-9956-ffa450edef68> Update the bundled version of OpenSSL from 0.9.8zh to 1.0.2h which
fixes many vulnerabiliies and adds support for newer, more secure
ciphers and versions of the protocol.
Note: OpenSSL version 1.0.2h contains two known minor vulnerabilites,
CVE-2016-2177 and CVE-2016-2178, which will be fixed in the next
OpenSSL release. Their potential impact is low enough that that
various Linux distros have chosen not to apply the upstream patches
to the versions that they distribute.
On Windows, there is an optional new dependency on NASM,
<http://www.nasm.us/>. If NASM is not available, then the C
implementations of the low-level crypto code will be used instead
of the optimized assembly language versions. Since OpenOffice is
not a heavy user of this code, the impact should be minor. If NASM
is installed, but its location is not in $PATH, the directory
containing nasm.exe should be passed to configure using --with-nasm-home.
The fallback to the C crypto implementation also happens on Linux
if the version of gcc is sufficently old to indicate that the
toolchain is likely to not support the some of the instructions in
the assembly language versions of the code.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1756954 13f79535-47bb-0310-9956-ffa450edef68
|
| H A D | external_deps.lst | diff a8693330 Fri Aug 19 18:28:06 UTC 2016 truckman <truckman@13f79535-47bb-0310-9956-ffa450edef68> Update the bundled version of OpenSSL from 0.9.8zh to 1.0.2h which
fixes many vulnerabiliies and adds support for newer, more secure
ciphers and versions of the protocol.
Note: OpenSSL version 1.0.2h contains two known minor vulnerabilites,
CVE-2016-2177 and CVE-2016-2178, which will be fixed in the next
OpenSSL release. Their potential impact is low enough that that
various Linux distros have chosen not to apply the upstream patches
to the versions that they distribute.
On Windows, there is an optional new dependency on NASM,
<http://www.nasm.us/>. If NASM is not available, then the C
implementations of the low-level crypto code will be used instead
of the optimized assembly language versions. Since OpenOffice is
not a heavy user of this code, the impact should be minor. If NASM
is installed, but its location is not in $PATH, the directory
containing nasm.exe should be passed to configure using --with-nasm-home.
The fallback to the C crypto implementation also happens on Linux
if the version of gcc is sufficently old to indicate that the
toolchain is likely to not support the some of the instructions in
the assembly language versions of the code.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1756954 13f79535-47bb-0310-9956-ffa450edef68
|
| H A D | configure.ac | diff a8693330 Fri Aug 19 18:28:06 UTC 2016 truckman <truckman@13f79535-47bb-0310-9956-ffa450edef68> Update the bundled version of OpenSSL from 0.9.8zh to 1.0.2h which
fixes many vulnerabiliies and adds support for newer, more secure
ciphers and versions of the protocol.
Note: OpenSSL version 1.0.2h contains two known minor vulnerabilites,
CVE-2016-2177 and CVE-2016-2178, which will be fixed in the next
OpenSSL release. Their potential impact is low enough that that
various Linux distros have chosen not to apply the upstream patches
to the versions that they distribute.
On Windows, there is an optional new dependency on NASM,
<http://www.nasm.us/>. If NASM is not available, then the C
implementations of the low-level crypto code will be used instead
of the optimized assembly language versions. Since OpenOffice is
not a heavy user of this code, the impact should be minor. If NASM
is installed, but its location is not in $PATH, the directory
containing nasm.exe should be passed to configure using --with-nasm-home.
The fallback to the C crypto implementation also happens on Linux
if the version of gcc is sufficently old to indicate that the
toolchain is likely to not support the some of the instructions in
the assembly language versions of the code.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1756954 13f79535-47bb-0310-9956-ffa450edef68
|