openssl-ibmca (2.5.0-1) unstable; urgency=medium [ William Desportes ] * Import Ubuntu changes into Debian (Closes: #1014430) * Remove first / on d/install * Remove now default Priority: optional * Refresh patches * Add d/gbp.conf [ Pranav P ] * Point Vcs fields to s390 team space * d/rules: Remove redundant override_dh_auto_test. [ Andreas Tille ] * Standards-Version: 4.7.3 * d/watch: version=5 -- Pranav P Fri, 26 Sep 2025 20:57:15 +0200 openssl-ibmca (2.5.0-0ubuntu1) questing; urgency=medium * New upstream release. LP: #2116709 * d/control: Upgrade debhelper-compat to 13 and remove d/compat. -- Alexandre Erwin Ittner Thu, 07 Aug 2025 17:11:25 +0000 openssl-ibmca (2.4.1-0ubuntu1) noble; urgency=medium * New upstream release. LP: #2050025 - Adjust d/p/testconf-openssl3.patch due to slightly different context. - Remove 5 patches d/p/lp-2027809-* since they are incl. in upstream 2.4.1. - Update d/control Standards-Version field to latest 4.6.2 -- Frank Heimes Mon, 22 Jan 2024 19:51:21 +0100 openssl-ibmca (2.4.0-0ubuntu2) mantic; urgency=medium * Add selected commits/patches as requested here: LP: #2027809 - d/p/lp-2027809-engine-Only-register-those-algos-specified-with-defa.patch To set the ENGINE_FLAGS_NO_REGISTER_ALL flag during IBMCA engine initialization to avoid unconditional registration of all algorithms. - d/p/lp-2027809-provider-rsa-Check-RSA-keys-with-p-q-at-key-generati.patch To check and correct RSA keys where p < q (privileged form) right after key generation or during import, so that p > q is assured whenever the key is used afterwards, and no ica_rsa_crt() correction is applied later on. - d/p/lp-2027809-provider-Support-importing-of-RSA-keys-with-just-ME-.patch To let an RSA key also contain the private key components in ME format, and use ica_rsa_mod_expo() only if the ME components are available. - d/p/lp-2027809-provider-RSA-Fix-get_params-to-retrieve-max-size-bit.patch To ensure (and fix) that the RSA key management's get_params() function is able to return the values for max-size, bits, and security-bits (if at least the public key is available). - d/p/lp-2027809-provider-Default-debug-directory-to-tmp-but-make-it-.patch To change the default log directory from /var/log/ibmca/ to /tmp which is world-writable anyway, and to avoid making /var/log/ibmca/ world- writable, which can cause security issues, since it's not known under which user an application runs that uses the provider. With that a world-writable directory under /var is avoided. -- Frank Heimes Thu, 27 Jul 2023 16:38:43 +0200 openssl-ibmca (2.4.0-0ubuntu1) lunar; urgency=medium * New upstream release. LP: #2015333 and LP: #2015454 -- Frank Heimes Tue, 11 Apr 2023 19:51:12 +0200 openssl-ibmca (2.3.1-0ubuntu1) lunar; urgency=medium * New upstream release. LP: #2004529 * Remove patch d/p/lp-1959763-Adjust-to-new-libica.patch because it's now included in upstream v2.3.1. * Remove patch d/p/lp-1959763-Support-tests-in-remote-builds.patch because it's now included in upstream v2.3.1. * Remove patch d/p/lp-1959763-provider-Adapt-keymgmt_match-implementations.patch because it's now included in upstream v2.3.1. * Remove patch d/p/lp-1959763-tests-skip-tests-if-libica-does-not-support.patch because it's now included in upstream v2.3.1. * Remove patch d/p/lp-1959763-Provider-Fix-parallel-test-runs.patch because it's now included in upstream v2.3.1. * Remove no longer needed dh-autoreconf at line Build-Depends: in d/control to solve lintian warning: openssl-ibmca source: useless-autoreconf-build-depends (does not need to satisfy dh-autoreconf:any) -- Frank Heimes Wed, 01 Feb 2023 17:23:55 +0100 openssl-ibmca (2.3.0-0ubuntu1) kinetic; urgency=medium * New upstream release. LP: #1959763 - update d/p/openssl-config.patch since code moved from src to src/engine - update d/p/testconf-openssl3.patch since code moved from test to test/engine and context adjustment in test/engine/Makefile.am - remove d/p/e59cce5-Fix-compilation-for-OpenSSL-3.0.patch since this patch/commit is incl. in the new upstream version - due to the refactoring (engine/provider) path adjustments needed in d/rules and d/openssl-ibmca.install - add ibmca-provider-opensslconfig to d/rules and d/openssl-ibmca.install - modify d/rules to configure for engine and provider using full libica - expand d/examples with openssl.cnf.provider.sample - add d/p/lp-1959763-Adjust-to-new-libica.patch to be compliiant with latest libica - add d/p/lp-1959763-Support-tests-in-remote-builds.patch to make tests more decent - add d/p/lp-1959763-provider-Adapt-keymgmt_match-implementations.patch to adapt the provider's match functions - add d/p/lp-1959763-tests-skip-tests-if-libica-does-not-support.patch skip tests if unsupported by libica - add d/p/lp-1959763-Provider-Fix-parallel-test-runs.patch without this esp. the provider tests will not properly work -- Frank Heimes Fri, 05 Aug 2022 16:37:13 +0200 openssl-ibmca (2.2.3-0ubuntu1) jammy; urgency=medium * New upstream release. LP: #1967141 * The difference between 2.2.2 and 2.2.3 includes just these two fixes: - "PKEY: Fix usage of ECX keys" - "use correct libica for ibmca_mechaList_test" Rather than adding these as quilt patches, raising the package to the bugfix-only version that incl. them is preferable. * For "PKEY: Fix usage of ECX keys" a backport of "Fix compilation for OpenSSL 3.0" was needed: d/p/e59cce5-Fix-compilation-for-OpenSSL-3.0.patch * For convenience reasons a generated sample config is now included in the package, but also the optional configuration generator Perl script 'ibmca-engine-opensslconfig'. * d/control: add dh-autoreconf to Build-Depends to work around a Lintian regression on missing-build-dependency-for-dh-addon -- Frank Heimes Wed, 30 Mar 2022 19:19:00 +0100 openssl-ibmca (2.2.2-0ubuntu1) jammy; urgency=medium * New upstream release. LP: #1960004 * compatibility to libica4 is now included * d/control modified to depend on libica4 * removed d/p/disable-3des-ecb-test.patch since the tests got fixed upstream * d/p/openssl-witness.cnf needed to be refreshed * d/p/testconf-openssl3.patch added initialization and refreshed -- Frank Heimes Fri, 04 Feb 2022 09:54:15 +0100 openssl-ibmca (2.2.1-0ubuntu1) jammy; urgency=medium * New upstream release. LP: #1958419 [Simon Chopin] * d/p/testconf-openssl3.patch: fix the test suite against OpenSSL 3.0 * d/p/disable-3des-ecb-test.patch: Temporarily disable a failing test * d/rules: make the build fail if the tests fail -- Frank Heimes Thu, 20 Jan 2022 15:44:47 +0100 openssl-ibmca (2.2.0-0ubuntu2) jammy; urgency=medium * No-change rebuild against openssl3 -- Simon Chopin Tue, 07 Dec 2021 15:45:01 +0100 openssl-ibmca (2.2.0-0ubuntu1) impish; urgency=medium * New upstream release. LP: #1929052 -- Matthieu Clemenceau Fri, 18 Jun 2021 12:02:24 -0500 openssl-ibmca (2.1.2-0ubuntu1) impish; urgency=medium * New upstream release. LP: #1926584. -- Steve Langasek Thu, 29 Apr 2021 08:41:11 -0700 openssl-ibmca (2.1.1-0ubuntu1) groovy; urgency=medium * New upstream release. LP: #1884763 -- Dimitri John Ledkov Wed, 26 Aug 2020 20:14:28 +0100 openssl-ibmca (2.1.0-0ubuntu1) eoan; urgency=medium * New upstream release LP: #1836865 -- Dimitri John Ledkov Mon, 07 Oct 2019 11:30:34 +0100 openssl-ibmca (2.0.3-0ubuntu1) eoan; urgency=medium * New upstream release LP: #1826198 -- Dimitri John Ledkov Tue, 30 Apr 2019 12:34:27 +0100 openssl-ibmca (2.0.2-0ubuntu2) disco; urgency=medium * Rework error string init and exit. LP: #1819487 -- Dimitri John Ledkov Mon, 18 Mar 2019 15:03:08 +0000 openssl-ibmca (2.0.2-0ubuntu1) disco; urgency=medium * New upstream release LP: #1804233 LP: #1806483 * Drop dlopen-soname.patch, applied upstream. * Update watch file to github.com. -- Dimitri John Ledkov Mon, 10 Dec 2018 11:21:56 +1100 openssl-ibmca (2.0.0-0ubuntu2) cosmic; urgency=medium * Disable test-suite, as it appears to fail on launchpad builders, yet passes locally when uncontained. -- Dimitri John Ledkov 🌈 Fri, 15 Jun 2018 12:44:40 +0100 openssl-ibmca (2.0.0-0ubuntu1) cosmic; urgency=medium * New upstream release. LP: #1776209 * Update debian/copyright to Apache-2 -- Dimitri John Ledkov 🌈 Thu, 14 Jun 2018 12:10:32 +0100 openssl-ibmca (1.4.1-0ubuntu1) bionic; urgency=medium * New upstream release * Update watch file to point at github * Build against openssl1.1 with openssl1.1 engine paths LP: #1747626 -- Dimitri John Ledkov Fri, 23 Feb 2018 18:06:36 +0000 openssl-ibmca (1.4.0-0ubuntu2) bionic; urgency=high * No change rebuild against openssl1.1. -- Dimitri John Ledkov Tue, 06 Feb 2018 17:54:51 +0000 openssl-ibmca (1.4.0-0ubuntu1) artful; urgency=medium * New upstream release * Drop patches applied upstream -- Dimitri John Ledkov Thu, 28 Sep 2017 11:13:14 -0400 openssl-ibmca (1.3.0-0ubuntu5) artful; urgency=medium * Apply upstream patch to resolve crashes when libssl attempts to initialise engine a few times too many. LP: #1543455 -- Dimitri John Ledkov Wed, 26 Jul 2017 08:48:51 +0100 openssl-ibmca (1.3.0-0ubuntu4) zesty; urgency=medium * Build against libica.so.3. -- Dimitri John Ledkov Wed, 30 Nov 2016 10:24:29 +0000 openssl-ibmca (1.3.0-0ubuntu3) zesty; urgency=medium * Attempt to dlopen libica.so.2, if libica.so (or ctrl provided one) fails. LP: #1605511 * Add depends on libica2. -- Dimitri John Ledkov Tue, 04 Oct 2016 15:25:59 +0100 openssl-ibmca (1.3.0-0ubuntu2) xenial; urgency=medium * Correct license information. LP: 1543682 * Add watch file. * Resolves LP: #1538864 -- Dimitri John Ledkov Mon, 15 Feb 2016 16:32:05 +0000 openssl-ibmca (1.3.0-0ubuntu1) xenial; urgency=medium * Initial release. -- Dimitri John Ledkov Fri, 05 Feb 2016 06:16:50 +0000 openssl-ibmca (1.4.0-1) unstable; urgency=medium * Initial release. Closes: #813772 -- Paulo Vital Wed, 20 sep 2017 11:18:57 -0300