Navigation:
Browse pkgsrc
(this page)| 2013-02-07 12:30:58 by Thomas Klausner | Files touched by this commit (1) |
Log message: Revert API depends change, not needed. Ok jperkin. |
| 2013-02-07 11:22:57 by Matthias Scheler | Files touched by this commit (1) |
Log message: Reduce minium required OpenSSL version to 1.0.1c (instead of 1.0.1d) which is what NetBSD 6.0* ships with. The minimum ABI version was incorrect anyway and a result of an unnecessary revision bump of the "openssl" package. |
2013-02-07 00:24:19 by Jonathan Perkin | Files touched by this commit (1351) |  |
Log message: PKGREVISION bumps for the security/openssl 1.0.1d update. |
| 2013-02-06 22:40:34 by Jonathan Perkin | Files touched by this commit (13) |
Log message: Update OpenSSL to 1.0.1d. Changes are far too numerous to list, the main one being that we can now take advantage of AES-NI support in modern processors to \ significantly increase performance. Miscellaneous pkgsrc changes: - Remove unnecessary warning message on Solaris. - Fix RPATH for libgost.so. - MD2 support is optional, enabled by default for compatability. |
| 2013-02-05 16:54:31 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Update openssl to 0.9.8y.
Changes between 0.9.8x and 0.9.8y [5 Feb 2013]
*) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
This addresses the flaw in CBC record processing discovered by
Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
at: http://www.isg.rhul.ac.uk/tls/
Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
Security Group at Royal Holloway, University of London
(www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
Emilia Käsper for the initial patch.
(CVE-2013-0169)
[Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
*) Return an error when checking OCSP signatures when key is NULL.
This fixes a DoS attack. (CVE-2013-0166)
[Steve Henson]
*) Call OCSP Stapling callback after ciphersuite has been chosen, so
the right response is stapled. Also change SSL_get_certificate()
so it returns the certificate actually sent.
See http://rt.openssl.org/Ticket/Display.html?id=2836.
(This is a backport)
[Rob Stradling <rob.stradling@comodo.com>]
*) Fix possible deadlock when decoding public keys.
[Steve Henson]
|
| 2013-02-01 14:13:23 by Jonathan Perkin | Files touched by this commit (1) |
Log message: Fix the first master site. |
| 2013-02-01 13:34:15 by Hans Rosenfeld | Files touched by this commit (1) |
Log message: Use LIBABISUFFIX when creating the .pc files to make builtin openssl work on 64bit SunOS and possibly others. |
| 2012-10-23 20:17:02 by Aleksej Saushev | Files touched by this commit (368) |
Log message: Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. |
| 2012-10-05 11:36:31 by Thomas Klausner | Files touched by this commit (1) |
Log message: Add build dependency on p5-Perl4-CoreLibs, needed since a script uses find.pl. Reported by Jörn Clausen in PR 47036. |
| 2012-10-03 23:59:10 by Thomas Klausner | Files touched by this commit (2798) |
Log message: Bump all packages that use perl, or depend on a p5-* package, or are called p5-*. I hope that's all of them. |
New packages: