./security/openssl, Secure Socket Layer and cryptographic library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2010Q1, Version: 0.9.8o, Package name: openssl-0.9.8o, Maintainer: pkgsrc-users

The OpenSSL Project is a collaborative effort to develop a
robust, commercial-grade, full-featured, and Open Source
toolkit implementing the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols as well as
a full-strength general purpose cryptography library. The
project is managed by a worldwide community of volunteers
that use the Internet to communicate, plan, and develop the
OpenSSL toolkit and its related documentation.


Required to build:
[lang/perl5] [devel/gmake]

Master sites: (Expand)

SHA1: 80c73afc7dca790cd26936cb392a4dfd14d4e4d7
RMD160: c2e455a17bce59c8a54522ffaa26c3a5cb26b510
Filesize: 3684.123 KB

Version history: (Expand)


CVS history: (Expand)


   2010-06-03 10:33:32 by S.P.Zeidler | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket 3135 - requested by taca
security update

Revisions pulled up:
- pkgsrc/security/openssl/Makefile	1.149
- pkgsrc/security/openssl/distinfo	1.75

Files removed:
pkgsrc/security/openssl/patches/patch-bc

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Mon Apr 12 14:19:17 UTC 2010

   Modified Files:
           pkgsrc/security/openssl: Makefile distinfo
   Removed Files:
           pkgsrc/security/openssl/patches: patch-bc

   Log message:
   Update openssl package from 0.9.8m to 0.9.8n.

    Changes between 0.9.8m and 0.9.8n [24 Mar 2010]

     *) When rejecting SSL/TLS records due to an incorrect version number, never
        update s->server with a new major version number.  As of
        - OpenSSL 0.9.8m if 'short' is a 16-bit type,
        - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
        the previous behavior could result in a read attempt at NULL when
        receiving specific incorrect SSL/TLS records once record payload
        protection is active.  (CVE-2010-0740)
        [Bodo Moeller, Adam Langley <agl@chromium.org>]

     *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
        could be crashed if the relevant tables were not present (e.g. chrooted).
        [Tomas Hoger <thoger@redhat.com>]

   To generate a diff of this commit:
   cvs rdiff -u -r1.146 -r1.147 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.73 -r1.74 pkgsrc/security/openssl/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/security/openssl/patches/patch-bc

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Sat May  8 06:33:41 UTC 2010

   Modified Files:
           pkgsrc/security/openssl: Makefile

   Log message:
   Set correct architecture on Darwin

   To generate a diff of this commit:
   cvs rdiff -u -r1.147 -r1.148 pkgsrc/security/openssl/Makefile

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Wed Jun  2 13:30:11 UTC 2010

   Modified Files:
           pkgsrc/security/openssl: Makefile distinfo

   Log message:
   Update security/openssl package to 0.9.8o.

    OpenSSL CHANGES
    _______________

    Changes between 0.9.8n and 0.9.8o [01 Jun 2010]

     *) Correct a typo in the CMS ASN1 module which can result in invalid memory
        access or freeing data twice (CVE-2010-0742)
        [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]

     *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
        common in certificates and some applications which only call
        SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
        [Steve Henson]

     *) VMS fixes:
        Reduce copying into .apps and .test in makevms.com
        Don't try to use blank CA certificate in CA.com
        Allow use of C files from original directories in maketests.com
        [Steven M. Schweda" <sms@antinode.info>]

   To generate a diff of this commit:
   cvs rdiff -u -r1.148 -r1.149 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.74 -r1.75 pkgsrc/security/openssl/distinfo