Navigation:
Browse pkgsrc
(this page)| 2010-02-26 04:15:14 by Takahiro Kambe | Files touched by this commit (10) |
Log message: Update openssl to 0.9.8m. The OpenSSL project team is pleased to announce the release of version 0.9.8m of our open source toolkit for SSL/TLS. This new OpenSSL version is a security and bugfix release which implements RFC5746 to address renegotiation vulnerabilities mentioned in CVE-2009-3555. For a complete list of changes, please see http://www.openssl.org/source/exp/CHANGES. |
| 2010-01-22 04:35:10 by Takahiro Kambe | Files touched by this commit (3) |
Log message: Add a patch from OpenSSL's repositroy to deal with CVE-2009-4355. Bump PKGREVISION. |
2010-01-17 13:02:58 by Thomas Klausner | Files touched by this commit (724) |  |
Log message: Recursive PKGREVISION bump for jpeg update to 8. |
| 2010-01-15 05:55:30 by Takahiro Kambe | Files touched by this commit (5) |
Log message:
Update openssl package to 0.9.8l, fixing security problem.
Approved by agc@.
Changes between 0.9.8k and 0.9.8l [5 Nov 2009]
*) Disable renegotiation completely - this fixes a severe security
problem (CVE-2009-3555) at the cost of breaking all
renegotiation. Renegotiation can be re-enabled by setting
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
run-time. This is really not recommended unless you know what
you're doing.
[Ben Laurie]
|
| 2009-12-25 12:58:06 by OBATA Akio | Files touched by this commit (4) |
Log message: Fixes and improvement for Interix * Not only interix-3, but also treat all interix release, allow to build on SUA. * Gave up randomized image base, use 0x5e000000, as in mk/platform/Interix.mk. It is workaround of PR 42369. * Use -D_REENTRANT flags for threads. * replace -Wl,soname= linker flags with -Wl,h, for Interix |
| 2009-06-14 23:21:16 by Joerg Sonnenberger | Files touched by this commit (8) |
Log message: Convert @exec/@unexec to @pkgdir or drop it. |
| 2009-06-14 20:13:41 by Joerg Sonnenberger | Files touched by this commit (154) |
Log message: Remove @dirrm entries from PLISTs |
| 2009-06-10 15:57:08 by Tim Zingelman | Files touched by this commit (6) |
Log message: Patches for CVE-2009-1377, CVE-2009-1378 & CVE-2009-1379 from http://cvs.openssl.org/filediff?f=openssl/ssl/d1_both.c&v1=1.4.2.9&v2=1.4.2.10 http://cvs.openssl.org/filediff?f=openssl/ssl/d1_both.c&v1=1.4.2.13&v2=1.4.2.15 http://cvs.openssl.org/filediff?f=openssl/crypto/pqueue/pqueue.c&v1=1.2.2.4&v2=1.2.2.5 http://cvs.openssl.org/filediff?f=openssl/crypto/pqueue/pqueue.h&v1=1.2.2.1&v2=1.2.2.2 http://cvs.openssl.org/filediff?f=openssl/ssl/d1_pkt.c&v1=1.4.2.17&v2=1.4.2.18 |
| 2009-06-07 16:24:03 by Joerg Sonnenberger | Files touched by this commit (1) |
Log message: Define openssl-fake-pc only once. |
| 2009-06-07 13:06:26 by Thomas Klausner | Files touched by this commit (1) |
Log message: Create fake pc files for builtin openssl, for the packages that insist on them (like modular-xorg-server). |
New packages: