Navigation:
Browse pkgsrc
(this page)| 2014-04-02 14:11:35 by Havard Eidnes | Files touched by this commit (19) |
Log message: Rename all remaining patch-?? files using the newer naming convention. Add a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 Thanks to Yuval Yarom and Naomi Benger for discovering this flaw and to Yuval Yarom for supplying a fix. Fix from culled from http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29 Bump PKGREVISION. |
| 2014-03-13 12:08:54 by Jonathan Perkin | Files touched by this commit (67) |
Log message: Set USE_GCC_RUNTIME=yes for packages which build shared libraries but do not use libtool to do so. This is required to correctly depend upon a gcc runtime package (e.g. gcc47-libs) when using USE_PKGSRC_GCC_RUNTIME. |
| 2014-03-08 10:10:52 by OBATA Akio | Files touched by this commit (5) |
Log message: Cygwin DLLs are handled automatically now. |
| 2014-03-08 09:53:14 by OBATA Akio | Files touched by this commit (1) |
Log message: Cygwin also has shlib. |
| 2014-03-03 07:56:36 by OBATA Akio | Files touched by this commit (1) |
Log message: adapt to Haiku R1alpha4 |
| 2014-02-22 10:45:36 by OBATA Akio | Files touched by this commit (1) |
Log message: Fixes builtin detection with CHECK_BUILTIN.openssl=yes. Define BUILTINK_API_DEPENDS.openssl same as buildlink3.mk if not defined yet for the case checking builtin (CHECK_BUILTIN.openssl==yes). |
| 2014-02-13 00:23:17 by Matthias Scheler | Files touched by this commit (1) |
Log message: Undo undesired ABI version bump done by "blbump" script. |
| 2014-02-13 00:16:21 by Matthias Scheler | Files touched by this commit (1) |
Log message:
Set minimum required API version of OpenSSL to 1.0.1c:
1.) OpenSSL 0.9.8* doesn't support TLS 1.2, Elliptic curve cryptography
and other modern TLS features.
2.) Supporting OpenSSL 0.9.8* causes extra maintenance overhead.
As a result NetBSD 5.*, all versions of Mac OS X and possibly other
platforms will now use OpenSSL from "pkgsrc".
|
| 2014-01-14 22:51:00 by Benny Siegert | Files touched by this commit (2) |
Log message: Add support for MirBSD to OpenSSL. |
| 2014-01-10 15:32:42 by Matthias Scheler | Files touched by this commit (9) |
Log message: Update "openssl" package to version 1.0.1f. Changes since 1.0.1e: - Fix for TLS record tampering bug. A carefully crafted invalid handshake could crash OpenSSL with a NULL pointer exception. Thanks to Anton Johansson for reporting this issues. (CVE-2013-4353) - Keep original DTLS digest and encryption contexts in retransmission structures so we can use the previous session parameters if they need to be resent. (CVE-2013-6450) [Steve Henson] - Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which avoids preferring ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing 10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer. [Rob Stradling, Adam Langley] |
New packages: