Date: Tue, 13 Mar 2012 22:43:17 +0100 (CET) From: dirk.meyer@dinoex.sub.org To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/166064: [PATCH] security/openssl update to 1.0.0h Message-ID: <201203132143.q2DLhHZJ053182@home8.dinoex.sub.de> Resent-Message-ID: <201203132220.q2DMK2BG089031@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 166064 >Category: ports >Synopsis: [PATCH] security/openssl update to 1.0.0h >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Tue Mar 13 22:20:01 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Dirk Meyer >Release: FreeBSD 8.2-RELEASE >Organization: privat >Environment: openssl from ports >Description: port has a vulnerability: Security: http://www.openssl.org/news/secadv_20120312.txt Security: CVE-2012-0884 >How-To-Repeat: >Fix: Security update to 1.0.0h Index: Makefile =================================================================== RCS file: /home/pcvs/ports/security/openssl/Makefile,v retrieving revision 1.183 diff -u -r1.183 Makefile --- Makefile 22 Feb 2012 05:15:12 -0000 1.183 +++ Makefile 13 Mar 2012 20:35:44 -0000 @@ -7,8 +7,8 @@ PORTNAME= openssl PORTVERSION= 1.0.0 -DISTVERSIONSUFFIX= g -PORTREVISION= 9 +DISTVERSIONSUFFIX= h +PORTREVISION= 10 CATEGORIES= security devel MASTER_SITES= http://www.openssl.org/%SUBDIR%/ \ ftp://ftp.openssl.org/%SUBDIR%/ \ @@ -16,8 +16,6 @@ MASTER_SITE_SUBDIR= source DIST_SUBDIR= ${DISTNAME} -PATCH_SITES= http://sctp.fh-muenster.de/dtls/ - MAINTAINER= dinoex@FreeBSD.org COMMENT= SSL and crypto library @@ -33,10 +31,7 @@ ZLIB "Build with zlib compression" on \ MD2 "Build with MD2 hash (obsolete)" on \ RC5 "Build with RC5 chipher (patented)" off \ - RFC3779 "Build with RFC3779 support" off \ - DTLS_RENEGOTIATION "Build with DTLS Abbr. renegotiations" off \ - DTLS_HEARTBEAT "Build with DTLS Heartbeat Extension" off \ - SCTP "Build with SCTP support" off \ + RFC3779 "Build with RFC3779 support" off MAKE_JOBS_UNSAFE= yes NOPRECIOUSMAKEVARS= Too many _MLINKS for fetch @@ -1105,24 +1100,6 @@ EXTRACONFIGURE+= no-rfc3779 .endif -.if defined(WITH_SCTP) -EXTRACONFIGURE+= sctp -.if defined(WITH_DTLS_HEARTBEAT) -BROKEN= Patches do not merge, please change options -.endif -.endif - -# order of PATCHFILES is important -.if defined(WITH_DTLS_RENEGOTIATION) || make(makesum) || defined(FETCH_ALL) -PATCHFILES+= abbreviated-renegotiation.patch -.endif -.if defined(WITH_DTLS_HEARTBEAT) || make(makesum) || defined(FETCH_ALL) -PATCHFILES+= dtls-heartbeats.patch -.endif -.if defined(WITH_SCTP) || make(makesum) || defined(FETCH_ALL) -PATCHFILES+= dtls-sctp-24.patch -.endif - .if ${OPENSSL_SHLIBVER_BASE} > ${OPENSSL_SHLIBVER} pre-everything:: @${ECHO_CMD} "#" Index: distinfo =================================================================== RCS file: /home/pcvs/ports/security/openssl/distinfo,v retrieving revision 1.69 diff -u -r1.69 distinfo --- distinfo 19 Jan 2012 19:25:16 -0000 1.69 +++ distinfo 13 Mar 2012 20:35:44 -0000 @@ -1,8 +1,2 @@ -SHA256 (openssl-1.0.0g/openssl-1.0.0g.tar.gz) = 905106a1505e7d9f7c36ee81408d3aa3d41aac291a9603d0c290c9530c92fc2c -SIZE (openssl-1.0.0g/openssl-1.0.0g.tar.gz) = 4046513 -SHA256 (openssl-1.0.0g/abbreviated-renegotiation.patch) = f060c344d2eb639d6a7859b00195d6661e29018b4b877e8fc9cc791fd4025272 -SIZE (openssl-1.0.0g/abbreviated-renegotiation.patch) = 7977 -SHA256 (openssl-1.0.0g/dtls-heartbeats.patch) = b580ba6419e5732ed09fb9b4a9b2c083b1a002b848b2c71d6357ca7c9c36670e -SIZE (openssl-1.0.0g/dtls-heartbeats.patch) = 14132 -SHA256 (openssl-1.0.0g/dtls-sctp-24.patch) = 8335423c6f4767b899d923091244ec90cab4aabbd6e557358d04d0daf023001a -SIZE (openssl-1.0.0g/dtls-sctp-24.patch) = 57229 +SHA256 (openssl-1.0.0h/openssl-1.0.0h.tar.gz) = 7e3dfc21aa57ed33ea673170053d1921322803b8a6a624a4f0d2e4c308bd418d +SIZE (openssl-1.0.0h/openssl-1.0.0h.tar.gz) = 4048067 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201203132143.q2DLhHZJ053182>