Path to this page:
./
security/openssl,
Secure Socket Layer and cryptographic library
Branch: pkgsrc-2014Q1,
Version: 1.0.1h,
Package name: openssl-1.0.1h,
Maintainer: pkgsrc-usersThe OpenSSL Project is a collaborative effort to develop a
robust, commercial-grade, full-featured, and Open Source
toolkit implementing the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols as well as
a full-strength general purpose cryptography library. The
project is managed by a worldwide community of volunteers
that use the Internet to communicate, plan, and develop the
OpenSSL toolkit and its related documentation.
Required to build:[
devel/p5-Perl4-CoreLibs]
Package options: md2, threads
Master sites:
SHA1: b2239599c8bf8f7fc48590a55205c26abe560bf8
RMD160: aeb1e0f41074d499d5411510fd645455730ed05e
Filesize: 4370.793 KB
Version history: (Expand)
- (2014-06-05) Updated to version: openssl-1.0.1h
- (2014-04-08) Updated to version: openssl-1.0.1g
- (2014-04-04) Package added to pkgsrc.se, version openssl-1.0.1f (created)
CVS history: (Expand)
2014-06-05 15:20:18 by Matthias Scheler | Files touched by this commit (32) | |
Log message:
Pullup ticket #4431 - requested by wiz
security/openssl: security update
Revisions pulled up:
- security/openssl/Makefile 1.193
- security/openssl/builtin.mk 1.42
- security/openssl/distinfo 1.106-1.107
- security/openssl/patches/patch-Configure 1.2
- security/openssl/patches/patch-Makefile.org 1.2
- security/openssl/patches/patch-Makefile.shared 1.2
- security/openssl/patches/patch-apps_Makefile 1.2
- security/openssl/patches/patch-config 1.2
- security/openssl/patches/patch-crypto_bn_bn__prime.pl 1.2
- security/openssl/patches/patch-crypto_des_Makefile 1.1
- security/openssl/patches/patch-crypto_dso_dso__dlfcn.c 1.2
- security/openssl/patches/patch-doc_apps_cms.pod deleted
- security/openssl/patches/patch-doc_apps_smine.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__COMP__add__compression__method.pod \
deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__add__session.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__load__verify__locations.pod \
deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__session__id__context.pod \
deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__ssl__version.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod \
deleted
- security/openssl/patches/patch-doc_ssl_SSL__accept.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__clear.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__connect.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__read.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__session__reused.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__set__fd.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__set__session.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__write.pod deleted
- security/openssl/patches/patch-engines_ccgost_Makefile 1.2
- security/openssl/patches/patch-tools_Makefile 1.2
---
Module Name: pkgsrc
Committed By: rodent
Date: Tue May 13 02:23:11 UTC 2014
Modified Files:
pkgsrc/security/openssl: distinfo
pkgsrc/security/openssl/patches: patch-Configure patch-Makefile.org
patch-Makefile.shared patch-apps_Makefile patch-config
patch-crypto_bn_bn__prime.pl patch-crypto_dso_dso__dlfcn.c
patch-doc_apps_cms.pod patch-doc_apps_smine.pod
patch-doc_ssl_SSL__COMP__add__compression__method.pod
patch-doc_ssl_SSL__CTX__add__session.pod
patch-doc_ssl_SSL__CTX__load__verify__locations.pod
patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
patch-doc_ssl_SSL__CTX__set__session__id__context.pod
patch-doc_ssl_SSL__CTX__set__ssl__version.pod
patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__clear.pod
patch-doc_ssl_SSL__connect.pod patch-doc_ssl_SSL__do__handshake.pod
patch-doc_ssl_SSL__read.pod patch-doc_ssl_SSL__session__reused.pod
patch-doc_ssl_SSL__set__fd.pod patch-doc_ssl_SSL__set__session.pod
patch-doc_ssl_SSL__shutdown.pod patch-doc_ssl_SSL__write.pod
patch-engines_ccgost_Makefile patch-tools_Makefile
Added Files:
pkgsrc/security/openssl/patches: patch-crypto_des_Makefile
Log message:
Fix build on OpenBSD/sparc64. Defuzz patches (sorry if this is annoying).
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jun 5 12:16:06 UTC 2014
Modified Files:
pkgsrc/security/openssl: Makefile builtin.mk distinfo
Removed Files:
pkgsrc/security/openssl/patches: patch-doc_apps_cms.pod
patch-doc_apps_smine.pod
patch-doc_ssl_SSL__COMP__add__compression__method.pod
patch-doc_ssl_SSL__CTX__add__session.pod
patch-doc_ssl_SSL__CTX__load__verify__locations.pod
patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
patch-doc_ssl_SSL__CTX__set__session__id__context.pod
patch-doc_ssl_SSL__CTX__set__ssl__version.pod
patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__clear.pod
patch-doc_ssl_SSL__connect.pod patch-doc_ssl_SSL__do__handshake.pod
patch-doc_ssl_SSL__read.pod patch-doc_ssl_SSL__session__reused.pod
patch-doc_ssl_SSL__set__fd.pod patch-doc_ssl_SSL__set__session.pod
patch-doc_ssl_SSL__shutdown.pod patch-doc_ssl_SSL__write.pod
Log message:
Update to 1.0.1h:
Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
o Fix for CVE-2014-0224
o Fix for CVE-2014-0221
o Fix for CVE-2014-0195
o Fix for CVE-2014-3470
o Fix for CVE-2010-5298
|
2014-04-09 11:58:03 by Matthias Scheler | Files touched by this commit (1) |
Log message:
Pullup ticket #4359 - requested by obache
security/openssl: build fix
Revisions pulled up:
- security/openssl/distinfo 1.105
---
Module Name: pkgsrc
Committed By: obache
Date: Tue Apr 8 23:58:03 UTC 2014
Modified Files:
pkgsrc/security/openssl: distinfo
Log message:
removed obsolated patche entries.
|
2014-04-08 12:09:27 by Matthias Scheler | Files touched by this commit (16) | |
Log message:
Pullup ticket #4359 - requested by obache
security/openssl: security update
Revisions pulled up:
- security/openssl/Makefile 1.186-1.188
- security/openssl/distinfo 1.103-1.104
- security/openssl/patches/patch-Configure 1.1
- security/openssl/patches/patch-Makefile.org 1.1
- security/openssl/patches/patch-Makefile.shared 1.1
- security/openssl/patches/patch-aa deleted
- security/openssl/patches/patch-ac deleted
- security/openssl/patches/patch-ad deleted
- security/openssl/patches/patch-ae deleted
- security/openssl/patches/patch-af deleted
- security/openssl/patches/patch-ag deleted
- security/openssl/patches/patch-ak deleted
- security/openssl/patches/patch-apps_Makefile 1.1
- security/openssl/patches/patch-config 1.1
- security/openssl/patches/patch-crypto_bn_bn__prime.pl 1.1
- security/openssl/patches/patch-tools_Makefile 1.1
---
Module Name: pkgsrc
Committed By: he
Date: Wed Apr 2 12:11:35 UTC 2014
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Added Files:
pkgsrc/security/openssl/patches: patch-Configure patch-Makefile.org
patch-Makefile.shared patch-apps_Makefile patch-config
patch-crypto_bn_bn.h patch-crypto_bn_bn__lib.c
patch-crypto_bn_bn__prime.pl patch-crypto_ec_ec2__mult.c
patch-tools_Makefile
Removed Files:
pkgsrc/security/openssl/patches: patch-aa patch-ac patch-ad patch-ae
patch-af patch-ag patch-ak
Log message:
Rename all remaining patch-?? files using the newer naming convention.
Add a fix for CVE-2014-0076:
Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140
Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
Fix from culled from
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f
91e57d247d0fc667aef29
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: obache
Date: Tue Apr 8 02:48:38 UTC 2014
Modified Files:
pkgsrc/security/openssl: Makefile
Log message:
p5-Perl4-CoreLibs is not required for perl<5.16
---
Module Name: pkgsrc
Committed By: obache
Date: Tue Apr 8 06:20:44 UTC 2014
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Removed Files:
pkgsrc/security/openssl/patches: patch-crypto_bn_bn.h
patch-crypto_bn_bn__lib.c patch-crypto_ec_ec2__mult.c
Log message:
Update openssl to 1.0.1g.
(CVE-2014-0076 is already fixed in pkgsrc).
OpenSSL CHANGES
_______________
Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
*) A missing bounds check in the handling of the TLS heartbeat extension
can be used to reveal up to 64k of memory to a connected client or
server.
Thanks for Neel Mehta of Google Security for discovering this bug and
to
Adam Langley <agl@chromium.org> and Bodo Moeller \
<bmoeller@acm.org> for
preparing the fix (CVE-2014-0160)
[Adam Langley, Bodo Moeller]
*) Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140
Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
[Yuval Yarom and Naomi Benger]
*) TLS pad extension: draft-agl-tls-padding-03
Workaround for the "TLS hang bug" (see FAQ and \
opensslPR#2771): if the
TLS client Hello record length value would otherwise be > 255 and
less that 512 pad with a dummy extension containing zeroes so it
is at least 512 bytes long.
[Adam Langley, Steve Henson]
|