Next | Query returned 96 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2022-08-06 19:05:46 by Adrian Steinmann | Files touched by this commit (4) | Package updated
Log message:
security/p5-Net-SSLeay update to 1.92
Upstream changes:
1.92 2022-01-12
        - New stable release incorporating all changes from developer releases \ 
1.91_01
          to 1.91_03.
        - Summary of major changes since version 1.90:
          - Net::SSLeay now supports stable releases of OpenSSL 3.0.
            - OpenSSL 3.0.0 introduces the concept of "providers", \ 
which contain
              cryptographic algorithm implementations. Many outdated, deprecated \ 
and/or
              insecure algorithms have been moved to the "legacy" \ 
provider, which may
              need to be loaded explicitly in order to use them with Net::SSLeay. See
              "Low level API: OSSL_LIB_CTX and OSSL_PROVIDER related \ 
functions" in the
              Net::SSLeay module documentation for details.
            - Net::SSLeay's built-in PEM_get_string_PrivateKey() function depends on
              algorithms that have moved to the legacy provider described above; if
              OpenSSL has been compiled without the legacy provider, the tests
              t/local/33_x509_create_cert.t and t/local/63_ec_key_generate_key.t will
              fail when the test suite is run.
            - TLS 1.1 and below may only be used at security level 0 as of OpenSSL
              3.0.0; if a minimum required security level is imposed (e.g. in an
              OpenSSL configuration file managed by the operating system), the tests
              t/local/44_sess.t and t/local/45_exporter.t will fail when the \ 
test suite
              is run.
          - Net::SSLeay now supports stable releases of LibreSSL from the 3.2 - 3.4
            series (with the exception of 3.2.2 and 3.2.3 - see \ 
"COMPATIBILITY" in the
            Net::SSLeay module documentation for details).
            - The TLS 1.3 implementation in LibreSSL 3.1 - 3.3, parts of which are
              enabled by default, is not fully compatible with the libssl API and may
              not function as expected with Net::SSLeay; see "KNOWN BUGS \ 
AND CAVEATS"
              in the Net::SSLeay module documentation for details.
          - A number of new libcrypto/libssl constants and functions are now exposed,
            including SSL_CTX_set_keylog_callback() and SSL_CTX_set_msg_callback(),
            which are helpful when debugging TLS handshakes. See the release \ 
notes for
            the 1.91 developer releases below for a full list of newly-exposed
            constants and functions.
For details see https://metacpan.org/dist/Net-SSLeay/changes
   2022-06-28 13:38:00 by Thomas Klausner | Files touched by this commit (3952)
Log message:
*: recursive bump for perl 5.36
   2021-11-21 21:51:37 by Hubert Feyrer | Files touched by this commit (1)
Log message:
Fix building on Mac OS X

For defails, see http://mail-index.netbsd.org/tech-pkg/2021/11/20/msg025792.html
   2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605)
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
   2021-10-16 16:02:56 by Amitai Schleier | Files touched by this commit (3)
Log message:
Fix build on OpenBSD with native LibreSSL with patches taken from
OpenBSD ports. NFCI on other platforms.
   2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606)
Log message:
security: Remove SHA1 hashes for distfiles
   2021-05-24 21:56:06 by Thomas Klausner | Files touched by this commit (3575)
Log message:
*: recursive bump for perl 5.34
   2021-04-27 14:17:13 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
p5-Net-SSLeay: update to 1.90.

1.90 2021-01-21
	- New stable release incorporating all changes from developer releases
	  1.89_01 to 1.89_05.
	- Summary of major changes since version 1.88:
	  - Formalised libssl version support policy: all stable versions of OpenSSL
	    in the 0.9.8 - 1.1.1 branches (with the exception of 0.9.8 - 0.9.8b) and
	    all stable releases of LibreSSL in the 2.0 - 3.1 series are supported.
	    The LibreSSL 3.2 series is not yet fully supported because its TLSv1.3
	    implementation is not currently libssl-compatible.
	  - Added support for LibreSSL on Windows when built with Visual C++.
	  - Exposed P_X509_CRL_add_extensions, several SSL_CIPHER functions, and
	    several stack functions.
	  - Fixed crashes in the callback functions CTX_set_next_proto_select_cb and
	    CTX_set_alpn_select_cb.
	  - The test suite is now compatible with OpenSSL 1.1.1e onwards, as well as
	    OpenSSL security level 2 (the default on many Linux distributions).

1.89_05 2021-01-21
	- Expose SSL_get_ciphers. Thanks to github user dylc5190.
	- Expose SSL_CIPHER_get_version and fix SSL_CIPHER_description
	  and SSL_CIPHER_get_bits. Also fixed and enhanced
	  documentation for these and related SSL_CIPHER functions.
	- Clarify libssl version support policy: all stable versions of OpenSSL in
	  the 0.9.8 - 1.1.1 branches (with the exception of 0.9.8 - 0.9.8b) and all
	  stable releases of LibreSSL in the 2.0 - 3.1 series are supported.
	- Direct bug reports to the GitHub repository, since rt.cpan.org will shut
	  down on 2021-03-01.

1.89_04 2021-01-13
	- Fix crashes in the callback functions CTX_set_next_proto_select_cb() and
	  CTX_set_alpn_select_cb() caused by the use of a pointer returned by
	  SSL_select_next_proto() which may already have been freed under certain
	  circumstances. Fixes GH-222. Thanks to dylc5190 for the report.
	- Remove the dependency on the AES128-SHA cipher suite in the test script
	  64_ticket_sharing.t. Fixes GH-231.
	- Remove checks and warnings in Makefile.PL relating to the use of RSAref,
	  which was removed from OpenSSL in version 0.9.7.

1.89_03 2020-12-12
	- Expose the following functions:
	  - X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain
	  - sk_X509_pop, sk_X509_shift, sk_X509_unshift,
	  - sk_X509_insert, sk_X509_delete, sk_x509_value, sk_X509_num
	  Thanks to Dan Freed.
	- Correct the minimum OpenSSL version required for the following functions
	  to be made available (previously they were all declared to be present in
	  1.1.0-pre1, which caused Net::SSLeay to crash at run-time when built
	  against OpenSSL versions between 1.1.0-pre1 and 1.1.0-pre3):
	  - CTX_set_max_proto_version (added in 1.1.0-pre2)
	  - CTX_set_min_proto_version (added in 1.1.0-pre2)
	  - SESSION_up_ref (added in 1.1.0-pre4)
	  - set_max_proto_version (added in 1.1.0-pre2)
	  - set_min_proto_version (added in 1.1.0-pre2)
	- Correct the minimum OpenSSL version required for get_SSL_CTX and SSL_ctrl
	  to be made available (previously they were declared to be present from
	  0.9.8f onwards, when in reality they are available in all 0.9.8 versions).
	- Replace the PKI used by the test suite with one generated by the
	  generate-test-pki helper script. All entities in the new PKI have 2048-bit
	  RSA private keys and CSRs, certificates and CRLs with SHA-256 digests,
	  allowing the test suite to execute under OpenSSL security level 2 (now the
	  default security level for OpenSSL in many Linux distributions).
	- Initialise libssl consistently in the test suite.
	- Don't rely on the availability of specific SSL/TLS protocol versions or
	  cipher suites in the test suite; instead, dynamically select from any of
	  the available protocol versions and cipher suites permitted by libssl.
	  Fixes RT#132425. Thanks to Graham Ollis for the initial report of the test
	  suite failing on Ubuntu 20.04 with the Ubuntu-packaged OpenSSL, whose
	  configuration forbids the use of TLSv1.1 and below at run-time by default.

1.89_02 2020-08-07
	- Add support for the P_X509_CRL_add_extensions function. Thanks to
	  Manuel Mausz for the patch.
	- X509_get_subjectAltNames now knows how to return
	  GEN_RID. The returned value is an ASN OID in text format
	  with current maximum length of 2500 characters. Updated
	  t/local/33_x509_create_cert.t to use GEN_RID and all other
	  supported types with certificate request and signed
	  certificate. These relate to GitHub issue GH-149 opened by
	  s482dcaw.
	- Support for 64-bit Windows versions of OpenSSL from 1.0.0-beta1
	  through to 1.0.0b has been withdrawn due to malfunctions occurring in
	  Perl programs that use fork(). This mainly affects users of Strawberry
	  Perl x64 5.12.3.20180709, which ships with OpenSSL 1.0.0-beta4.
	  Affected users should build Net-SSLeay against OpenSSL 1.0.0c or
	  above; users of Strawberry Perl x64 5.12.3.20180709 may instead find
	  it easier to upgrade to Strawberry Perl x64 5.14.4.1 or above. See
	  https://github.com/radiator-software/p5-net-ssleay/issues/189 for more
	  information.

1.89_01 2020-03-22
	- Fix the repository URL in Makefile.PL (git:// rather than git@),
	  which was preventing it from being added to META.json. Thanks to
	  Dan Book.
	- When building Net-SSLeay, exit if an OpenSSL executable cannot be
	  found in PATH. Fixes RT#131060. Thanks to Nigel Horne for the report.
	- Remove non-OCSP external tests, many of which unnecessarily duplicate
	  local tests or fail for reasons outside of our control. Fixes
	  RT#129542. Thanks to Andreas Vögele for the bug report that
	  ultimately led to this change.
	- Add support for LibreSSL on Windows when built with Visual C++.
	  Thanks to Graham Ollis for the patch.
	- In SSL_CTX_free() and SSL_free(), clean callback-related data from
	  the global hash after freeing ctx, not before. This allows callbacks
	  to be executed during freeing. Thanks to Steffen Ullrich for the
	  patch.
	- t/local/07_sslecho.t started failing with OpenSSL 1.1.1e. Updated
	  the test file with missing calls to Net::SSLeay::shutdown(). Also
	  added one call in SSLeay.pm sslcat() function. Enabling SSLeay trace
	  level 3 showed 'unexpected eof while reading' errors which were added
	  to OpenSSL with commit db943f43. This fixes GitHub issue GH-160
	  reported by Brett T. Warden.
	- t/local/01_pod.t now requires Test::Pod 1.41 to work with Pod syntax
	  used with Net::SSLeay 1.88 and later. This fixes GitHub issue GH-147
	  reported by Ulrik Haugen.
   2020-08-31 20:13:29 by Thomas Klausner | Files touched by this commit (3631)
Log message:
*: bump PKGREVISION for perl-5.32.
   2020-03-22 22:15:30 by Nia Alarie | Files touched by this commit (2)
Log message:
p5-Net-SSLeay: Update to 1.88

1.88 2019-05-10
	- New stable release incorporating all changes from developer
	  releases 1.86_01 to 1.86_11.
	- From this release, Net-SSLeay is switching to an "odd/even"
	  developer/stable release version numbering system, like that of
	  many core modules (e.g. ExtUtils::MakeMaker): developer releases
	  will have an odd minor version number (and the usual "_xx" suffix),
	  and stable releases will have an even minor version number. This
	  means there is no Net-SSLeay 1.87.
	- Summary of major changes since version 1.85:
	  - Mike McCauley has stepped down as maintainer. The new maintainers
	    are Chris Novakovic, Heikki Vatiainen and Tuure Vartiainen.
	  - The source code has moved from the now-defunct Debian Subversion
	    server (alioth.debian.org) to GitHub
	    (https://github.com/radiator-software/p5-net-ssleay).
	  - Net-SSLeay is provided under the terms of the Artistic License
	    2.0 - this has been the case since version 1.66, but references
	    to other licenses remained in the source code, causing ambiguity.
	  - Perl 5.8.1 or newer is now required to use Net-SSLeay. This has
	    already been the case for some time in practice, as the test
	    suite hasn't fully passed on Perl 5.6 for several years.
	  - Much-improved compatibility with OpenSSL 1.1.1, and improved
	    support for TLS 1.3.
	  - Fixed a long-standing bug in cb_data_advanced_put() that caused
	    memory leaks when callbacks were frequently added and removed.
	  - Support in the test suite for "hardened" OpenSSL configurations
	    that set a default security level of 2 or higher (e.g., in the
	    OpenSSL packages that ship with recent versions of Debian, Fedora
	    and Ubuntu).

Next | Query returned 96 messages, browsing 1 to 10 | Previous