./security/openssl, Secure Socket Layer and cryptographic library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2008Q1, Version: 0.9.8gnb1, Package name: openssl-0.9.8gnb1, Maintainer: pkgsrc-users

The OpenSSL Project is a collaborative effort to develop a
robust, commercial-grade, full-featured, and Open Source
toolkit implementing the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols as well as
a full-strength general purpose cryptography library. The
project is managed by a worldwide community of volunteers
that use the Internet to communicate, plan, and develop the
OpenSSL toolkit and its related documentation.


Required to build:
[devel/gmake]

Master sites: (Expand)

SHA1: 4e9c5ced466715d18fd924de79bde5c15da80fa1
RMD160: f080a32da9becdc8b98c38744d62c6fd8664f603
Filesize: 3276.164 KB

Version history: (Expand)

CVS history: (Expand)


   2008-06-05 14:25:24 by Tyler R. Retzlaff | Files touched by this commit (1) 
Log message:
lost in previous
   2008-06-05 14:24:00 by Tyler R. Retzlaff | Files touched by this commit (3) 
Log message:
pullup ticket #2414 - requested by tonnerre
openssl: DoS and double free fixes

revisions pulled up:
- pkgsrc/security/openssl/Makefile		1.132
- pkgsrc/security/openssl/distinfo		1.60
- pkgsrc/security/openssl/patches/patch-ab	1.12
- pkgsrc/security/openssl/patches/patch-ah	1.8

   Module Name: pkgsrc
   Committed By:        tonnerre
   Date:                Tue Jun  3 21:39:40 UTC 2008

   Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
   Added Files:
        pkgsrc/security/openssl/patches: patch-ab patch-ah

   Log message:
   Fix two Denial of Service vulnerabilities in OpenSSL 0.9.8g:
   - Fix flaw if 'Server Key exchange message' is omitted from a TLS
   handshake which could lead to a silent crash.
   - Fix double free in TLS server name extensions which could lead to a
   remote crash.

   Patches from upstream.