Navigation:
Browse pkgsrc
(this page)| 2010-11-17 01:52:26 by Takahiro Kambe | Files touched by this commit (3) |
Log message: Update security/openssl package to 0.9.8p. OpenSSL version 0.9.8p released =============================== OpenSSL - The Open Source toolkit for SSL/TLS http://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 0.9.8p of our open source toolkit for SSL/TLS. This new OpenSSL version is a security and bugfix release which addresses CVE-2010-3864. For a complete list of changes, please see http://www.openssl.org/source/exp/CHANGES. |
| 2010-10-08 22:04:58 by Tim Zingelman | Files touched by this commit (3) |
Log message: Fix for CVE-2010-2939 |
| 2010-08-18 13:20:56 by Thomas Klausner | Files touched by this commit (2) |
Log message: Recognize 64 bit DragonFly systems correctly. From Damian Lubosch in PR 43774. |
| 2010-08-01 07:24:00 by OBATA Akio | Files touched by this commit (1) |
Log message: ABI is not defined on old Darwin. |
| 2010-07-04 18:33:25 by OBATA Akio | Files touched by this commit (1) |
Log message: Add builtin OpenSSL support for Haiku. |
| 2010-06-02 15:30:11 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Update security/openssl package to 0.9.8o.
OpenSSL CHANGES
_______________
Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
access or freeing data twice (CVE-2010-0742)
[Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
*) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
common in certificates and some applications which only call
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
[Steve Henson]
*) VMS fixes:
Reduce copying into .apps and .test in makevms.com
Don't try to use blank CA certificate in CA.com
Allow use of C files from original directories in maketests.com
[Steven M. Schweda" <sms@antinode.info>]
|
| 2010-05-08 08:33:41 by Adam Ciarcinski | Files touched by this commit (1) |
Log message: Set correct architecture on Darwin |
2010-04-12 16:19:17 by Takahiro Kambe | Files touched by this commit (3) |  |
Log message:
Update openssl package from 0.9.8m to 0.9.8n.
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
update s->server with a new major version number. As of
- OpenSSL 0.9.8m if 'short' is a 16-bit type,
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
the previous behavior could result in a read attempt at NULL when
receiving specific incorrect SSL/TLS records once record payload
protection is active. (CVE-2010-0740)
[Bodo Moeller, Adam Langley <agl@chromium.org>]
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
[Tomas Hoger <thoger@redhat.com>]
|
| 2010-03-26 01:20:49 by Takahiro Kambe | Files touched by this commit (3) |
Log message: Add a patch for Fix for CVE-2010-0740, DoS problem. http://www.openssl.org/news/secadv_20100324.txt Bump PKGREVISION. |
| 2010-03-01 09:15:40 by Takahiro Kambe | Files touched by this commit (2) |
Log message: Fix broken PLIST. (I wonder why "make print-PLIST" generated wrong result before...") Bump PKGREVISION. |
New packages: