./security/openssl, Secure Socket Layer and cryptographic library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2014Q1, Version: 1.0.1h, Package name: openssl-1.0.1h, Maintainer: pkgsrc-users

The OpenSSL Project is a collaborative effort to develop a
robust, commercial-grade, full-featured, and Open Source
toolkit implementing the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols as well as
a full-strength general purpose cryptography library. The
project is managed by a worldwide community of volunteers
that use the Internet to communicate, plan, and develop the
OpenSSL toolkit and its related documentation.


Required to build:
[devel/p5-Perl4-CoreLibs]

Package options: md2, threads

Master sites:

SHA1: b2239599c8bf8f7fc48590a55205c26abe560bf8
RMD160: aeb1e0f41074d499d5411510fd645455730ed05e
Filesize: 4370.793 KB

Version history: (Expand)


CVS history: (Expand)


   2014-06-05 15:20:18 by Matthias Scheler | Files touched by this commit (32) | Package removed
Log message:
Pullup ticket #4431 - requested by wiz
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.193
- security/openssl/builtin.mk                                   1.42
- security/openssl/distinfo                                     1.106-1.107
- security/openssl/patches/patch-Configure                      1.2
- security/openssl/patches/patch-Makefile.org                   1.2
- security/openssl/patches/patch-Makefile.shared                1.2
- security/openssl/patches/patch-apps_Makefile                  1.2
- security/openssl/patches/patch-config                         1.2
- security/openssl/patches/patch-crypto_bn_bn__prime.pl         1.2
- security/openssl/patches/patch-crypto_des_Makefile            1.1
- security/openssl/patches/patch-crypto_dso_dso__dlfcn.c        1.2
- security/openssl/patches/patch-doc_apps_cms.pod               deleted
- security/openssl/patches/patch-doc_apps_smine.pod             deleted
- security/openssl/patches/patch-doc_ssl_SSL__COMP__add__compression__method.pod \ 
deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__add__session.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__load__verify__locations.pod \ 
deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__session__id__context.pod \ 
deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__ssl__version.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod \ 
deleted
- security/openssl/patches/patch-doc_ssl_SSL__accept.pod        deleted
- security/openssl/patches/patch-doc_ssl_SSL__clear.pod         deleted
- security/openssl/patches/patch-doc_ssl_SSL__connect.pod       deleted
- security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__read.pod          deleted
- security/openssl/patches/patch-doc_ssl_SSL__session__reused.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__set__fd.pod       deleted
- security/openssl/patches/patch-doc_ssl_SSL__set__session.pod  deleted
- security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod      deleted
- security/openssl/patches/patch-doc_ssl_SSL__write.pod         deleted
- security/openssl/patches/patch-engines_ccgost_Makefile        1.2
- security/openssl/patches/patch-tools_Makefile                 1.2

---
   Module Name:	pkgsrc
   Committed By:	rodent
   Date:		Tue May 13 02:23:11 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: distinfo
   	pkgsrc/security/openssl/patches: patch-Configure patch-Makefile.org
   	    patch-Makefile.shared patch-apps_Makefile patch-config
   	    patch-crypto_bn_bn__prime.pl patch-crypto_dso_dso__dlfcn.c
   	    patch-doc_apps_cms.pod patch-doc_apps_smine.pod
   	    patch-doc_ssl_SSL__COMP__add__compression__method.pod
   	    patch-doc_ssl_SSL__CTX__add__session.pod
   	    patch-doc_ssl_SSL__CTX__load__verify__locations.pod
   	    patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
   	    patch-doc_ssl_SSL__CTX__set__session__id__context.pod
   	    patch-doc_ssl_SSL__CTX__set__ssl__version.pod
   	    patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
   	    patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__clear.pod
   	    patch-doc_ssl_SSL__connect.pod patch-doc_ssl_SSL__do__handshake.pod
   	    patch-doc_ssl_SSL__read.pod patch-doc_ssl_SSL__session__reused.pod
   	    patch-doc_ssl_SSL__set__fd.pod patch-doc_ssl_SSL__set__session.pod
   	    patch-doc_ssl_SSL__shutdown.pod patch-doc_ssl_SSL__write.pod
   	    patch-engines_ccgost_Makefile patch-tools_Makefile
   Added Files:
   	pkgsrc/security/openssl/patches: patch-crypto_des_Makefile

   Log message:
   Fix build on OpenBSD/sparc64. Defuzz patches (sorry if this is annoying).

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Thu Jun  5 12:16:06 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile builtin.mk distinfo
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-doc_apps_cms.pod
   	    patch-doc_apps_smine.pod
   	    patch-doc_ssl_SSL__COMP__add__compression__method.pod
   	    patch-doc_ssl_SSL__CTX__add__session.pod
   	    patch-doc_ssl_SSL__CTX__load__verify__locations.pod
   	    patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
   	    patch-doc_ssl_SSL__CTX__set__session__id__context.pod
   	    patch-doc_ssl_SSL__CTX__set__ssl__version.pod
   	    patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
   	    patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__clear.pod
   	    patch-doc_ssl_SSL__connect.pod patch-doc_ssl_SSL__do__handshake.pod
   	    patch-doc_ssl_SSL__read.pod patch-doc_ssl_SSL__session__reused.pod
   	    patch-doc_ssl_SSL__set__fd.pod patch-doc_ssl_SSL__set__session.pod
   	    patch-doc_ssl_SSL__shutdown.pod patch-doc_ssl_SSL__write.pod

   Log message:
   Update to 1.0.1h:

     Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]

         o Fix for CVE-2014-0224
         o Fix for CVE-2014-0221
         o Fix for CVE-2014-0195
         o Fix for CVE-2014-3470
         o Fix for CVE-2010-5298
   2014-04-09 11:58:03 by Matthias Scheler | Files touched by this commit (1)
Log message:
Pullup ticket #4359 - requested by obache
security/openssl: build fix

Revisions pulled up:
- security/openssl/distinfo                                     1.105

---
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Tue Apr  8 23:58:03 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: distinfo

   Log message:
   removed obsolated patche entries.
   2014-04-08 12:09:27 by Matthias Scheler | Files touched by this commit (16) | Package updated
Log message:
Pullup ticket #4359 - requested by obache
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.186-1.188
- security/openssl/distinfo                                     1.103-1.104
- security/openssl/patches/patch-Configure                      1.1
- security/openssl/patches/patch-Makefile.org                   1.1
- security/openssl/patches/patch-Makefile.shared                1.1
- security/openssl/patches/patch-aa                             deleted
- security/openssl/patches/patch-ac                             deleted
- security/openssl/patches/patch-ad                             deleted
- security/openssl/patches/patch-ae                             deleted
- security/openssl/patches/patch-af                             deleted
- security/openssl/patches/patch-ag                             deleted
- security/openssl/patches/patch-ak                             deleted
- security/openssl/patches/patch-apps_Makefile                  1.1
- security/openssl/patches/patch-config                         1.1
- security/openssl/patches/patch-crypto_bn_bn__prime.pl         1.1
- security/openssl/patches/patch-tools_Makefile                 1.1

---
   Module Name:	pkgsrc
   Committed By:	he
   Date:		Wed Apr  2 12:11:35 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Added Files:
   	pkgsrc/security/openssl/patches: patch-Configure patch-Makefile.org
   	    patch-Makefile.shared patch-apps_Makefile patch-config
   	    patch-crypto_bn_bn.h patch-crypto_bn_bn__lib.c
   	    patch-crypto_bn_bn__prime.pl patch-crypto_ec_ec2__mult.c
   	    patch-tools_Makefile
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-aa patch-ac patch-ad patch-ae
   	    patch-af patch-ag patch-ak

   Log message:
   Rename all remaining patch-?? files using the newer naming convention.

   Add a fix for CVE-2014-0076:

     Fix for the attack described in the paper "Recovering OpenSSL
     ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
     by Yuval Yarom and Naomi Benger. Details can be obtained from:
     http://eprint.iacr.org/2014/140

     Thanks to Yuval Yarom and Naomi Benger for discovering this
     flaw and to Yuval Yarom for supplying a fix.

   Fix from culled from
   http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f
   91e57d247d0fc667aef29

   Bump PKGREVISION.

---
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Tue Apr  8 02:48:38 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile

   Log message:
   p5-Perl4-CoreLibs is not required for perl<5.16

---
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Tue Apr  8 06:20:44 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-crypto_bn_bn.h
   	    patch-crypto_bn_bn__lib.c patch-crypto_ec_ec2__mult.c

   Log message:
   Update openssl to 1.0.1g.
   (CVE-2014-0076 is already fixed in pkgsrc).

    OpenSSL CHANGES
    _______________

    Changes between 1.0.1f and 1.0.1g [7 Apr 2014]

     *) A missing bounds check in the handling of the TLS heartbeat extension
        can be used to reveal up to 64k of memory to a connected client or
        server.

        Thanks for Neel Mehta of Google Security for discovering this bug and
   to
        Adam Langley <agl@chromium.org> and Bodo Moeller \ 
<bmoeller@acm.org> for
        preparing the fix (CVE-2014-0160)
        [Adam Langley, Bodo Moeller]

     *) Fix for the attack described in the paper "Recovering OpenSSL
        ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
        by Yuval Yarom and Naomi Benger. Details can be obtained from:
        http://eprint.iacr.org/2014/140

        Thanks to Yuval Yarom and Naomi Benger for discovering this
        flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
        [Yuval Yarom and Naomi Benger]

     *) TLS pad extension: draft-agl-tls-padding-03

        Workaround for the "TLS hang bug" (see FAQ and \ 
opensslPR#2771): if the
        TLS client Hello record length value would otherwise be > 255 and
        less that 512 pad with a dummy extension containing zeroes so it
        is at least 512 bytes long.

        [Adam Langley, Steve Henson]