The NetBSD Project

CVS log for pkgsrc/security/openssl/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / security / openssl

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.303: download - view: text, markup, annotated - select for diffs
Tue Sep 17 11:31:52 2024 UTC (2 months, 2 weeks ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2024Q3-base, pkgsrc-2024Q3, HEAD
Diff to: previous 1.302: preferred, colored
Changes since revision 1.302: +5 -1 lines
openssl: Fix build by defining USE_TIMEGM on old Darwin versions

Revision 1.302: download - view: text, markup, annotated - select for diffs
Fri Sep 6 13:47:09 2024 UTC (2 months, 4 weeks ago) by adam
Branches: MAIN
Diff to: previous 1.301: preferred, colored
Changes since revision 1.301: +4 -3 lines
openssl: updated to 3.3.2

OpenSSL 3.3.2 is now available, including bug and security fixes: please download and upgrade!

Revision 1.301: download - view: text, markup, annotated - select for diffs
Wed Jun 5 07:47:33 2024 UTC (6 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2024Q2-base, pkgsrc-2024Q2
Diff to: previous 1.300: preferred, colored
Changes since revision 1.300: +2 -3 lines
openssl: updated to 3.3.1

Changes between 3.3.0 and 3.3.1 [4 Jun 2024]

 * Fixed potential use after free after SSL_free_buffers() is called.

   The SSL_free_buffers function is used to free the internal OpenSSL
   buffer used when processing an incoming record from the network.
   The call is only expected to succeed if the buffer is not currently
   in use. However, two scenarios have been identified where the buffer
   is freed even when still in use.

   The first scenario occurs where a record header has been received
   from the network and processed by OpenSSL, but the full record body
   has not yet arrived. In this case calling SSL_free_buffers will succeed
   even though a record has only been partially processed and the buffer
   is still in use.

   The second scenario occurs where a full record containing application
   data has been received and processed by OpenSSL but the application has
   only read part of this data. Again a call to SSL_free_buffers will
   succeed even though the buffer is still in use.

   ([CVE-2024-4741])


 * Fixed an issue where checking excessively long DSA keys or parameters may
   be very slow.

   Applications that use the functions EVP_PKEY_param_check() or
   EVP_PKEY_public_check() to check a DSA public key or DSA parameters may
   experience long delays. Where the key or parameters that are being checked
   have been obtained from an untrusted source this may lead to a Denial of
   Service.

   To resolve this issue DSA keys larger than OPENSSL_DSA_MAX_MODULUS_BITS
   will now fail the check immediately with a DSA_R_MODULUS_TOO_LARGE error
   reason.

   ([CVE-2024-4603])

Revision 1.300: download - view: text, markup, annotated - select for diffs
Tue Apr 16 15:47:25 2024 UTC (7 months, 2 weeks ago) by jperkin
Branches: MAIN
Diff to: previous 1.299: preferred, colored
Changes since revision 1.299: +4 -1 lines
openssl: Use consistent socket interfaces on SunOS.

The OpenSSL codebase is a forest of preprocessor usage so it's hard to say
exactly what's going wrong, but there's definitely inconsistent use across
the codebase, resulting in socket failures when trying to use QUIC.

Ensure recvmsg/CMSG_* interfaces are available, fixing test suite as well
as some real world regressions (e.g. devel/py-poetry) noticed by users.

Revision 1.299: download - view: text, markup, annotated - select for diffs
Tue Apr 16 07:19:48 2024 UTC (7 months, 3 weeks ago) by wiz
Branches: MAIN
Diff to: previous 1.298: preferred, colored
Changes since revision 1.298: +3 -2 lines
openssl: use --libdir as openssl wants it

Fixes pkg-config files.

Closes PR 58157 by Colin Simmonds.

Bump PKGREVISION.

Revision 1.298: download - view: text, markup, annotated - select for diffs
Wed Apr 10 10:34:13 2024 UTC (7 months, 3 weeks ago) by wiz
Branches: MAIN
Diff to: previous 1.297: preferred, colored
Changes since revision 1.297: +3 -2 lines
openssl: sh3 is not a valid MACHINE_ARCH, split into sh3eb/sh3el

Revision 1.297: download - view: text, markup, annotated - select for diffs
Tue Apr 9 17:16:45 2024 UTC (7 months, 3 weeks ago) by wiz
Branches: MAIN
Diff to: previous 1.296: preferred, colored
Changes since revision 1.296: +2 -2 lines
openssl: update to 3.3.0.

OpenSSL 3.3
-----------

### Major changes between OpenSSL 3.2 and OpenSSL 3.3.0 [9 Apr 2024]

OpenSSL 3.3.0 is a feature release adding significant new functionality to
OpenSSL.

This release adds the following new features:

  * Support for qlog for tracing QUIC connections has been added

  * Added APIs to allow configuring the negotiated idle timeout for QUIC
    connections, and to allow determining the number of additional streams
    that can currently be created for a QUIC connection.

  * Added APIs to allow disabling implicit QUIC event processing for QUIC SSL
    objects

  * Added APIs to allow querying the size and utilisation of a QUIC stream's
    write buffer

  * New API `SSL_write_ex2`, which can be used to send an end-of-stream (FIN)
    condition in an optimised way when using QUIC.

  * Limited support for polling of QUIC connection and stream objects in a
    non-blocking manner.

  * Added a new EVP_DigestSqueeze() API. This allows SHAKE to squeeze multiple
    times with different output sizes.

  * Added exporter for CMake on Unix and Windows, alongside the pkg-config
    exporter.

  * The BLAKE2s hash algorithm matches BLAKE2b's support for configurable
    output length.

  * The EVP_PKEY_fromdata function has been augmented to allow for the
    derivation of CRT (Chinese Remainder Theorem) parameters when requested

  * Added API functions SSL_SESSION_get_time_ex(), SSL_SESSION_set_time_ex()
    using time_t which is Y2038 safe on 32 bit systems when 64 bit time
    is enabled

  * Unknown entries in TLS SignatureAlgorithms, ClientSignatureAlgorithms
    config options and the respective calls to SSL[_CTX]_set1_sigalgs() and
    SSL[_CTX]_set1_client_sigalgs() that start with `?` character are
    ignored and the configuration will still be used.

  * Added `-set_issuer` and `-set_subject` options to `openssl x509` to
    override the Issuer and Subject when creating a certificate. The `-subj`
    option now is an alias for `-set_subject`.

  * Added several new features of CMPv3 defined in RFC 9480 and RFC 9483

  * New option `SSL_OP_PREFER_NO_DHE_KEX`, which allows configuring a TLS1.3
    server to prefer session resumption using PSK-only key exchange over PSK
    with DHE, if both are available.

  * New atexit configuration switch, which controls whether the OPENSSL_cleanup
    is registered when libcrypto is unloaded.

  * Added X509_STORE_get1_objects to avoid issues with the existing
    X509_STORE_get0_objects API in multi-threaded applications.

This release incorporates the following potentially significant or incompatible
changes:

  * Applied AES-GCM unroll8 optimisation to Microsoft Azure Cobalt 100

  * Optimized AES-CTR for ARM Neoverse V1 and V2

  * Enable AES and SHA3 optimisations on Applie Silicon M3-based MacOS systems
    similar to M1/M2.

  * Various optimizations for cryptographic routines using RISC-V vector crypto
    extensions

  * Added assembly implementation for md5 on loongarch64

  * Accept longer context for TLS 1.2 exporters

  * The activate and soft_load configuration settings for providers in
    openssl.cnf have been updated to require a value of [1|yes|true|on]
    (in lower or UPPER case) to enable the setting. Conversely a value
    of [0|no|false|off] will disable the setting.

  * In `openssl speed`, changed the default hash function used with `hmac` from
    `md5` to `sha256`.

  * The `-verify` option to the `openssl crl` and `openssl req` will make the
    program exit with 1 on failure.

  * The d2i_ASN1_GENERALIZEDTIME(), d2i_ASN1_UTCTIME(), ASN1_TIME_check(), and
    related functions have been augmented to check for a minimum length of
    the input string, in accordance with ITU-T X.690 section 11.7 and 11.8.

  * OPENSSL_sk_push() and sk_<TYPE>_push() functions now return 0 instead of -1
    if called with a NULL stack argument.

  * New limit on HTTP response headers is introduced to HTTP client. The
    default limit is set to 256 header lines.

This release incorporates the following bug fixes and mitigations:

  * The BIO_get_new_index() function can only be called 127 times before it
    reaches its upper bound of BIO_TYPE_MASK and will now return -1 once its
    exhausted.

A more detailed list of changes in this release can be found in the
[CHANGES.md] file.

Users interested in using the new QUIC functionality are encouraged to read the
[README file for QUIC][README-QUIC.md], which provides links to relevant
documentation and example code.

As always, bug reports and issues relating to OpenSSL can be [filed on our issue
tracker][issue tracker].

OpenSSL 3.2
-----------

### Major changes between OpenSSL 3.2.1 and OpenSSL 3.2.2 [under development]

OpenSSL 3.2.2 is a security patch release. The most severe CVE fixed in this
release is Low.

This release incorporates the following bug fixes and mitigations:

  * Fixed unbounded memory growth with session handling in TLSv1.3
    ([CVE-2024-2511])

### Major changes between OpenSSL 3.2.0 and OpenSSL 3.2.1 [30 Jan 2024]

OpenSSL 3.2.1 is a security patch release. The most severe CVE fixed in this
release is Low.

This release incorporates the following bug fixes and mitigations:

  * Fixed PKCS12 Decoding crashes
    ([CVE-2024-0727])
  * Fixed excessive time spent checking invalid RSA public keys
    ([CVE-2023-6237])
  * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
    CPUs which support PowerISA 2.07
    ([CVE-2023-6129])

### Major changes between OpenSSL 3.1 and OpenSSL 3.2.0 [23 Nov 2023]

OpenSSL 3.2.0 is a feature release adding significant new functionality to
OpenSSL.

This release incorporates the following potentially significant or incompatible
changes:

  * The default SSL/TLS security level has been changed from 1 to 2.

  * The `x509`, `ca`, and `req` apps now always produce X.509v3 certificates.

  * Subject or issuer names in X.509 objects are now displayed as UTF-8 strings
    by default. Also spaces surrounding `=` in DN output are removed.

This release adds the following new features:

  * Support for client side QUIC, including support for
    multiple streams (RFC 9000)

  * Support for Ed25519ctx, Ed25519ph and Ed448ph in addition
    to existing support for Ed25519 and Ed448 (RFC 8032)

  * Support for deterministic ECDSA signatures (RFC 6979)

  * Support for AES-GCM-SIV, a nonce-misuse-resistant AEAD (RFC 8452)

  * Support for the Argon2 KDF, along with supporting thread pool
    functionality (RFC 9106)

  * Support for Hybrid Public Key Encryption (HPKE) (RFC 9180)

  * Support for SM4-XTS

  * Support for Brainpool curves in TLS 1.3

  * Support for TLS Raw Public Keys (RFC 7250)

  * Support for TCP Fast Open on Linux, macOS and FreeBSD,
    where enabled and supported (RFC 7413)

  * Support for TLS certificate compression, including library
    support for zlib, Brotli and zstd (RFC 8879)

  * Support for provider-based pluggable signature algorithms
    in TLS 1.3 with supporting CMS and X.509 functionality

    With a suitable provider this enables the use of post-quantum/quantum-safe
    cryptography.

  * Support for using the Windows system certificate store as a source of
    trusted root certificates

    This is not yet enabled by default and must be activated using an
    environment variable. This is likely to become enabled by default
    in a future feature release.

  * Support for using the IANA standard names in TLS ciphersuite configuration

  * Multiple new features and improvements to CMP protocol support

The following known issues are present in this release and will be rectified
in a future release:

  * Provider-based signature algorithms cannot be configured using the
    SignatureAlgorithms configuration file parameter (#22761)

This release incorporates the following documentation enhancements:

  * Added multiple tutorials on the OpenSSL library and in particular
    on writing various clients (using TLS and QUIC protocols) with libssl

    See [OpenSSL Guide].

This release incorporates the following bug fixes and mitigations:

  * Fixed excessive time spent in DH check / generation with large Q parameter
    value
    ([CVE-2023-5678])

A more detailed list of changes in this release can be found in the
[CHANGES.md] file.

Users interested in using the new QUIC functionality are encouraged to read the
[README file for QUIC][README-QUIC.md], which provides links to relevant
documentation and example code.

Revision 1.296: download - view: text, markup, annotated - select for diffs
Sat Feb 3 18:21:26 2024 UTC (10 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2024Q1-base, pkgsrc-2024Q1
Diff to: previous 1.295: preferred, colored
Changes since revision 1.295: +2 -2 lines
openssl: updated to 3.1.5

Changes between 3.1.4 and 3.1.5 [30 Jan 2024]

 * A file in PKCS12 format can contain certificates and keys and may come from
   an untrusted source. The PKCS12 specification allows certain fields to be
   NULL, but OpenSSL did not correctly check for this case. A fix has been
   applied to prevent a NULL pointer dereference that results in OpenSSL
   crashing. If an application processes PKCS12 files from an untrusted source
   using the OpenSSL APIs then that application will be vulnerable to this
   issue prior to this fix.

   OpenSSL APIs that were vulnerable to this are: PKCS12_parse(),
   PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()
   and PKCS12_newpass().

   We have also fixed a similar issue in SMIME_write_PKCS7(). However since this
   function is related to writing data we do not consider it security
   significant.

   ([CVE-2024-0727])

Revision 1.295: download - view: text, markup, annotated - select for diffs
Wed Dec 27 14:41:31 2023 UTC (11 months, 1 week ago) by schmonz
Branches: MAIN
CVS tags: pkgsrc-2023Q4-base, pkgsrc-2023Q4
Diff to: previous 1.294: preferred, colored
Changes since revision 1.294: +17 -1 lines
openssl: on NetBSD arches without atomic 64-bit ops, use builtin fallbacks.

Fixes these errors on NetBSD/macppc (and presumably the other listed platforms):

ld: ./libcrypto.so: undefined reference to `__atomic_load_8'
ld: ./libcrypto.so: undefined reference to `__atomic_fetch_or_8'
ld: ./libcrypto.so: undefined reference to `__atomic_is_lock_free'

(suggested by riastradh@)

Revision 1.294: download - view: text, markup, annotated - select for diffs
Sun Nov 5 19:37:19 2023 UTC (13 months ago) by nia
Branches: MAIN
Diff to: previous 1.293: preferred, colored
Changes since revision 1.293: +7 -1 lines
openssl: Fix building on Mac OS X Tiger.

Revision 1.293: download - view: text, markup, annotated - select for diffs
Fri Oct 27 18:30:12 2023 UTC (13 months, 1 week ago) by jperkin
Branches: MAIN
Diff to: previous 1.292: preferred, colored
Changes since revision 1.292: +5 -5 lines
openssl: Various install fixes and improvements.

Revision 1.292: download - view: text, markup, annotated - select for diffs
Tue Oct 24 21:30:35 2023 UTC (13 months, 1 week ago) by wiz
Branches: MAIN
Diff to: previous 1.291: preferred, colored
Changes since revision 1.291: +20 -7 lines
openssl: update to 3.1.4

This is the latest version of the currently newest supported branch.
The 1.1.x branch was de-supported in September.

Based on wip/openssl3 by gdt, tnn, and myself.

Revision 1.291: download - view: text, markup, annotated - select for diffs
Sat Sep 16 02:54:58 2023 UTC (14 months, 3 weeks ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2023Q3-base, pkgsrc-2023Q3
Diff to: previous 1.290: preferred, colored
Changes since revision 1.290: +2 -2 lines
openssl: updated to 1.1.1w

Changes between 1.1.1v and 1.1.1w [11 Sep 2023]

*) Fix POLY1305 MAC implementation corrupting XMM registers on Windows.

   The POLY1305 MAC (message authentication code) implementation in OpenSSL
   does not save the contents of non-volatile XMM registers on Windows 64
   platform when calculating the MAC of data larger than 64 bytes. Before
   returning to the caller all the XMM registers are set to zero rather than
   restoring their previous content. The vulnerable code is used only on newer
   x86_64 processors supporting the AVX512-IFMA instructions.

   The consequences of this kind of internal application state corruption can
   be various - from no consequences, if the calling application does not
   depend on the contents of non-volatile XMM registers at all, to the worst
   consequences, where the attacker could get complete control of the
   application process. However given the contents of the registers are just
   zeroized so the attacker cannot put arbitrary values inside, the most likely
   consequence, if any, would be an incorrect result of some application
   dependent calculations or a crash leading to a denial of service.

   (CVE-2023-4807)
   [Bernd Edlinger]


Changes between 1.1.1u and 1.1.1v [1 Aug 2023]

*) Fix excessive time spent checking DH q parameter value.

   The function DH_check() performs various checks on DH parameters. After
   fixing CVE-2023-3446 it was discovered that a large q parameter value can
   also trigger an overly long computation during some of these checks.
   A correct q value, if present, cannot be larger than the modulus p
   parameter, thus it is unnecessary to perform these checks if q is larger
   than p.

   If DH_check() is called with such q parameter value,
   DH_CHECK_INVALID_Q_VALUE return flag is set and the computationally
   intensive checks are skipped.

   (CVE-2023-3817)
   [Tomáš Mráz]

Revision 1.290: download - view: text, markup, annotated - select for diffs
Tue Jun 27 10:46:50 2023 UTC (17 months, 1 week ago) by riastradh
Branches: MAIN
Diff to: previous 1.289: preferred, colored
Changes since revision 1.289: +23 -1 lines
security/openssl: Make this cross-compile.

Revision 1.289: download - view: text, markup, annotated - select for diffs
Tue May 30 14:52:00 2023 UTC (18 months, 1 week ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2
Diff to: previous 1.288: preferred, colored
Changes since revision 1.288: +3 -4 lines
openssl: update to 1.1.1u.

Fixes a new CVE.

Revision 1.288: download - view: text, markup, annotated - select for diffs
Thu Mar 23 06:16:22 2023 UTC (20 months, 2 weeks ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1
Diff to: previous 1.287: preferred, colored
Changes since revision 1.287: +2 -1 lines
openssl: update to 1.1.1tnb1.

Add upstream patches fixing CVE-2023-0464

Revision 1.286.2.1: download - view: text, markup, annotated - select for diffs
Mon Mar 13 15:12:47 2023 UTC (20 months, 3 weeks ago) by bsiegert
Branches: pkgsrc-2022Q4
Diff to: previous 1.286: preferred, colored; next MAIN 1.287: preferred, colored
Changes since revision 1.286: +2 -2 lines
Pullup ticket #6740 - requested by he
security/openssl: security fix

Revisions pulled up:
- security/openssl/Makefile                                     1.287
- security/openssl/builtin.mk                                   1.51
- security/openssl/distinfo                                     1.165

---
   Module Name:	pkgsrc
   Committed By:	jperkin
   Date:		Tue Feb  7 16:34:42 UTC 2023

   Modified Files:
   	pkgsrc/security/openssl: Makefile builtin.mk distinfo

   Log Message:
   openssl: Update to 1.1.1t.

   Changes between 1.1.1s and 1.1.1t [7 Feb 2023]

    *) Fixed X.400 address type confusion in X.509 GeneralName.

      There is a type confusion vulnerability relating to X.400 address processing
      inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
      but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
      vulnerability may allow an attacker who can provide a certificate chain and
      CRL (neither of which need have a valid signature) to pass arbitrary
      pointers to a memcmp call, creating a possible read primitive, subject to
      some constraints. Refer to the advisory for more information. Thanks to
      David Benjamin for discovering this issue. (CVE-2023-0286)

      This issue has been fixed by changing the public header file definition of
      GENERAL_NAME so that x400Address reflects the implementation. It was not
      possible for any existing application to successfully use the existing
      definition; however, if any application references the x400Address field
      (e.g. in dead code), note that the type of this field has changed. There is
      no ABI change.
      [Hugo Landau]

    *) Fixed Use-after-free following BIO_new_NDEF.

      The public API function BIO_new_NDEF is a helper function used for
      streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
      to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
      be called directly by end user applications.

      The function receives a BIO from the caller, prepends a new BIO_f_asn1
      filter BIO onto the front of it to form a BIO chain, and then returns
      the new head of the BIO chain to the caller. Under certain conditions,
      for example if a CMS recipient public key is invalid, the new filter BIO
      is freed and the function returns a NULL result indicating a failure.
      However, in this case, the BIO chain is not properly cleaned up and the
      BIO passed by the caller still retains internal pointers to the previously
      freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
      then a use-after-free will occur. This will most likely result in a crash.
      (CVE-2023-0215)
      [Viktor Dukhovni, Matt Caswell]

    *) Fixed Double free after calling PEM_read_bio_ex.

      The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
      decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
      data. If the function succeeds then the "name_out", "header" and "data"
      arguments are populated with pointers to buffers containing the relevant
      decoded data. The caller is responsible for freeing those buffers. It is
      possible to construct a PEM file that results in 0 bytes of payload data.
      In this case PEM_read_bio_ex() will return a failure code but will populate
      the header argument with a pointer to a buffer that has already been freed.
      If the caller also frees this buffer then a double free will occur. This
      will most likely lead to a crash.

      The functions PEM_read_bio() and PEM_read() are simple wrappers around
      PEM_read_bio_ex() and therefore these functions are also directly affected.

      These functions are also called indirectly by a number of other OpenSSL
      functions including PEM_X509_INFO_read_bio_ex() and
      SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
      internal uses of these functions are not vulnerable because the caller does
      not free the header argument if PEM_read_bio_ex() returns a failure code.
      (CVE-2022-4450)
      [Kurt Roeckx, Matt Caswell]

    *) Fixed Timing Oracle in RSA Decryption.

      A timing based side channel exists in the OpenSSL RSA Decryption
      implementation which could be sufficient to recover a plaintext across
      a network in a Bleichenbacher style attack. To achieve a successful
      decryption an attacker would have to be able to send a very large number
      of trial messages for decryption. The vulnerability affects all RSA padding
      modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
      (CVE-2022-4304)
      [Dmitry Belyavsky, Hubert Kario]

Revision 1.287: download - view: text, markup, annotated - select for diffs
Tue Feb 7 16:34:42 2023 UTC (21 months, 4 weeks ago) by jperkin
Branches: MAIN
Diff to: previous 1.286: preferred, colored
Changes since revision 1.286: +2 -2 lines
openssl: Update to 1.1.1t.

Changes between 1.1.1s and 1.1.1t [7 Feb 2023]

 *) Fixed X.400 address type confusion in X.509 GeneralName.

   There is a type confusion vulnerability relating to X.400 address processing
   inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
   but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
   vulnerability may allow an attacker who can provide a certificate chain and
   CRL (neither of which need have a valid signature) to pass arbitrary
   pointers to a memcmp call, creating a possible read primitive, subject to
   some constraints. Refer to the advisory for more information. Thanks to
   David Benjamin for discovering this issue. (CVE-2023-0286)

   This issue has been fixed by changing the public header file definition of
   GENERAL_NAME so that x400Address reflects the implementation. It was not
   possible for any existing application to successfully use the existing
   definition; however, if any application references the x400Address field
   (e.g. in dead code), note that the type of this field has changed. There is
   no ABI change.
   [Hugo Landau]

 *) Fixed Use-after-free following BIO_new_NDEF.

   The public API function BIO_new_NDEF is a helper function used for
   streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
   to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
   be called directly by end user applications.

   The function receives a BIO from the caller, prepends a new BIO_f_asn1
   filter BIO onto the front of it to form a BIO chain, and then returns
   the new head of the BIO chain to the caller. Under certain conditions,
   for example if a CMS recipient public key is invalid, the new filter BIO
   is freed and the function returns a NULL result indicating a failure.
   However, in this case, the BIO chain is not properly cleaned up and the
   BIO passed by the caller still retains internal pointers to the previously
   freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
   then a use-after-free will occur. This will most likely result in a crash.
   (CVE-2023-0215)
   [Viktor Dukhovni, Matt Caswell]

 *) Fixed Double free after calling PEM_read_bio_ex.

   The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
   decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
   data. If the function succeeds then the "name_out", "header" and "data"
   arguments are populated with pointers to buffers containing the relevant
   decoded data. The caller is responsible for freeing those buffers. It is
   possible to construct a PEM file that results in 0 bytes of payload data.
   In this case PEM_read_bio_ex() will return a failure code but will populate
   the header argument with a pointer to a buffer that has already been freed.
   If the caller also frees this buffer then a double free will occur. This
   will most likely lead to a crash.

   The functions PEM_read_bio() and PEM_read() are simple wrappers around
   PEM_read_bio_ex() and therefore these functions are also directly affected.

   These functions are also called indirectly by a number of other OpenSSL
   functions including PEM_X509_INFO_read_bio_ex() and
   SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
   internal uses of these functions are not vulnerable because the caller does
   not free the header argument if PEM_read_bio_ex() returns a failure code.
   (CVE-2022-4450)
   [Kurt Roeckx, Matt Caswell]

 *) Fixed Timing Oracle in RSA Decryption.

   A timing based side channel exists in the OpenSSL RSA Decryption
   implementation which could be sufficient to recover a plaintext across
   a network in a Bleichenbacher style attack. To achieve a successful
   decryption an attacker would have to be able to send a very large number
   of trial messages for decryption. The vulnerability affects all RSA padding
   modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
   (CVE-2022-4304)
   [Dmitry Belyavsky, Hubert Kario]

Revision 1.286: download - view: text, markup, annotated - select for diffs
Sat Nov 5 18:42:00 2022 UTC (2 years, 1 month ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2022Q4-base
Branch point for: pkgsrc-2022Q4
Diff to: previous 1.285: preferred, colored
Changes since revision 1.285: +2 -2 lines
openssl: update to 1.1.1s.

  Major changes between OpenSSL 1.1.1r and OpenSSL 1.1.1s [1 Nov 2022]

      o Fixed a regression introduced in OpenSSL 1.1.1r not refreshing the
        certificate data to be signed before signing the certificate.

  Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022]

      o Added a missing header for memcmp that caused compilation failure on
        some platforms

Revision 1.285: download - view: text, markup, annotated - select for diffs
Wed Oct 12 14:32:38 2022 UTC (2 years, 1 month ago) by wiz
Branches: MAIN
Diff to: previous 1.284: preferred, colored
Changes since revision 1.284: +1 -1 lines
openssl: downgrade to 1.1.1q

The tarball was retracted due to a regression, to quote:

We have received a report of a significant regression in the latest
3.0.6 and 1.1.1r versions. The regression is not thought to have
security consequences. While the regression is further investigated we
have taken the decision to withdraw the 3.0.6 and 1.1.1r versions and
instead recommend that users remain on the previous 3.0.5 and 1.1.1q
versions for now.

We will issue a new plan for the release of 3.0.7 and 1.1.1s soon.

From https://mta.openssl.org/pipermail/openssl-announce/2022-October/000237.html

Revision 1.284: download - view: text, markup, annotated - select for diffs
Wed Oct 12 13:38:23 2022 UTC (2 years, 1 month ago) by wiz
Branches: MAIN
Diff to: previous 1.283: preferred, colored
Changes since revision 1.283: +2 -2 lines
openssl: update to 1.1.1r.

  Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022]

      o Added a missing header for memcmp that caused compilation failure on
        some platforms

Revision 1.281.2.1: download - view: text, markup, annotated - select for diffs
Sat Aug 27 16:15:17 2022 UTC (2 years, 3 months ago) by spz
Branches: pkgsrc-2022Q2
Diff to: previous 1.281: preferred, colored; next MAIN 1.282: preferred, colored
Changes since revision 1.281: +2 -2 lines
Pullup ticket #6667 - requested by khorben
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.283
- security/openssl/distinfo                                     1.161

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Mon Jul 11 23:03:51 UTC 2022

   Modified Files:
           pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   openssl: update to 1.1.1q.

     Major changes between OpenSSL 1.1.1p and OpenSSL 1.1.1q [5 Jul 2022]

         o Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
           (CVE-2022-2097)


   To generate a diff of this commit:
   cvs rdiff -u -r1.282 -r1.283 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.160 -r1.161 pkgsrc/security/openssl/distinfo

Revision 1.283: download - view: text, markup, annotated - select for diffs
Mon Jul 11 23:03:51 2022 UTC (2 years, 4 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2022Q3-base, pkgsrc-2022Q3
Diff to: previous 1.282: preferred, colored
Changes since revision 1.282: +2 -3 lines
openssl: update to 1.1.1q.

  Major changes between OpenSSL 1.1.1p and OpenSSL 1.1.1q [5 Jul 2022]

      o Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
        (CVE-2022-2097)

Revision 1.282: download - view: text, markup, annotated - select for diffs
Tue Jun 28 11:35:38 2022 UTC (2 years, 5 months ago) by wiz
Branches: MAIN
Diff to: previous 1.281: preferred, colored
Changes since revision 1.281: +2 -1 lines
*: recursive bump for perl 5.36

Revision 1.281: download - view: text, markup, annotated - select for diffs
Tue Jun 21 18:48:39 2022 UTC (2 years, 5 months ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2022Q2-base
Branch point for: pkgsrc-2022Q2
Diff to: previous 1.280: preferred, colored
Changes since revision 1.280: +2 -2 lines
openssl: Update to 1.1.1p.

Approved during freeze by gdt@, tested on SmartOS and macOS.

Major changes between OpenSSL 1.1.1o and OpenSSL 1.1.1p [21 Jun 2022]

    o Fixed additional bugs in the c_rehash script which was not properly
      sanitising shell metacharacters to prevent command injection
      (CVE-2022-2068)

Revision 1.280: download - view: text, markup, annotated - select for diffs
Tue May 10 05:43:50 2022 UTC (2 years, 6 months ago) by wiz
Branches: MAIN
Diff to: previous 1.279: preferred, colored
Changes since revision 1.279: +2 -2 lines
openssl: update to 1.1.1o.

  Major changes between OpenSSL 1.1.1n and OpenSSL 1.1.1o [3 May 2022]

      o Fixed a bug in the c_rehash script which was not properly sanitising
        shell metacharacters to prevent command injection (CVE-2022-1292)

Revision 1.279: download - view: text, markup, annotated - select for diffs
Tue Mar 15 18:20:02 2022 UTC (2 years, 8 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1
Diff to: previous 1.278: preferred, colored
Changes since revision 1.278: +2 -2 lines
openssl: update to 1.1.1n.

  Major changes between OpenSSL 1.1.1m and OpenSSL 1.1.1n [15 Mar 2022]

      o Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
        forever for non-prime moduli ([CVE-2022-0778])

Revision 1.278: download - view: text, markup, annotated - select for diffs
Mon Feb 28 12:25:09 2022 UTC (2 years, 9 months ago) by wiz
Branches: MAIN
Diff to: previous 1.277: preferred, colored
Changes since revision 1.277: +2 -2 lines
openssl: update to 1.1.1m.

 Changes between 1.1.1l and 1.1.1m [14 Dec 2021]

  *) Avoid loading of a dynamic engine twice.
  *) Fixed building on Debian with kfreebsd kernels
  *) Prioritise DANE TLSA issuer certs over peer certs
  *) Fixed random API for MacOS prior to 10.12

Revision 1.277: download - view: text, markup, annotated - select for diffs
Tue Jan 11 11:10:39 2022 UTC (2 years, 10 months ago) by schmonz
Branches: MAIN
Diff to: previous 1.276: preferred, colored
Changes since revision 1.276: +5 -1 lines
Omit "-MT $@" from generated make rules, as it breaks SunPro builds and
"-o $@" is already sufficient.

Also for SunPro, set OPENSSL_HOST.SunOS-x86_64=solaris64-x86_64-cc
(that's cc, not gcc) to avoid this error linking libcrypto.so:

    cc: Warning: Option --libgcc passed to ld, if ld is invoked,
    ignored otherwise
    cc: No valid input files specified, no output generated

"make package" succeeds on:

- Solaris 11 with "Studio 12.6 Sun C 5.15"
- Tribblix m25.1 with pkgsrc gcc7
- CentOS 7 with pkgsrc gcc7
- FreeBSD 13 with system clang
- OpenBSD 7.0 with system clang
- NetBSD 9.2 and -current with system gcc
- CentOS 8 with system gcc
- Debian 11, 10, 9 with system gcc
- Devuan 4 with system gcc
- Ubuntu 21, 18, 16, 14 with system gcc
- Void with system gcc
- Gentoo with system gcc

Revision 1.276: download - view: text, markup, annotated - select for diffs
Wed Aug 25 15:22:05 2021 UTC (3 years, 3 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3
Diff to: previous 1.275: preferred, colored
Changes since revision 1.275: +2 -2 lines
openssl: fix building on Darwin

Revision 1.275: download - view: text, markup, annotated - select for diffs
Wed Aug 25 11:25:25 2021 UTC (3 years, 3 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.274: preferred, colored
Changes since revision 1.274: +3 -4 lines
openssl: Update to 1.1.1l.

Changes between 1.1.1k and 1.1.1l [24 Aug 2021]

*) Fixed an SM2 Decryption Buffer Overflow.

   In order to decrypt SM2 encrypted data an application is expected to call the
   API function EVP_PKEY_decrypt(). Typically an application will call this
   function twice. The first time, on entry, the "out" parameter can be NULL and,
   on exit, the "outlen" parameter is populated with the buffer size required to
   hold the decrypted plaintext. The application can then allocate a sufficiently
   sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL
   value for the "out" parameter.

   A bug in the implementation of the SM2 decryption code means that the
   calculation of the buffer size required to hold the plaintext returned by the
   first call to EVP_PKEY_decrypt() can be smaller than the actual size required by
   the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is
   called by the application a second time with a buffer that is too small.

   A malicious attacker who is able present SM2 content for decryption to an
   application could cause attacker chosen data to overflow the buffer by up to a
   maximum of 62 bytes altering the contents of other data held after the
   buffer, possibly changing application behaviour or causing the application to
   crash. The location of the buffer is application dependent but is typically
   heap allocated.
   (CVE-2021-3711)
   [Matt Caswell]

*) Fixed various read buffer overruns processing ASN.1 strings

   ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING
   structure which contains a buffer holding the string data and a field holding
   the buffer length. This contrasts with normal C strings which are repesented as
   a buffer for the string data which is terminated with a NUL (0) byte.

   Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's
   own "d2i" functions (and other similar parsing functions) as well as any string
   whose value has been set with the ASN1_STRING_set() function will additionally
   NUL terminate the byte array in the ASN1_STRING structure.

   However, it is possible for applications to directly construct valid ASN1_STRING
   structures which do not NUL terminate the byte array by directly setting the
   "data" and "length" fields in the ASN1_STRING array. This can also happen by
   using the ASN1_STRING_set0() function.

   Numerous OpenSSL functions that print ASN.1 data have been found to assume that
   the ASN1_STRING byte array will be NUL terminated, even though this is not
   guaranteed for strings that have been directly constructed. Where an application
   requests an ASN.1 structure to be printed, and where that ASN.1 structure
   contains ASN1_STRINGs that have been directly constructed by the application
   without NUL terminating the "data" field, then a read buffer overrun can occur.

   The same thing can also occur during name constraints processing of certificates
   (for example if a certificate has been directly constructed by the application
   instead of loading it via the OpenSSL parsing functions, and the certificate
   contains non NUL terminated ASN1_STRING structures). It can also occur in the
   X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions.

   If a malicious actor can cause an application to directly construct an
   ASN1_STRING and then process it through one of the affected OpenSSL functions
   then this issue could be hit. This might result in a crash (causing a Denial of
   Service attack). It could also result in the disclosure of private memory
   contents (such as private keys, or sensitive plaintext).
   (CVE-2021-3712)
   [Matt Caswell]

Revision 1.274: download - view: text, markup, annotated - select for diffs
Sun Jul 18 23:11:08 2021 UTC (3 years, 4 months ago) by dholland
Branches: MAIN
Diff to: previous 1.273: preferred, colored
Changes since revision 1.273: +2 -1 lines
PR 55733 Joern Clausen: use GNU m4 with security/openssl on Solaris.

Seems that Solaris's m4 overflows internal limits.

Revision 1.273: download - view: text, markup, annotated - select for diffs
Sat Jul 10 15:40:52 2021 UTC (3 years, 4 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.272: preferred, colored
Changes since revision 1.272: +1 -2 lines
openssl: Stop passing CFLAGS/LDFLAGS to configure.

If this ever worked it only did by accident.  Specifying, for example,
"-arch arm64" as used on macOS is enough to break its custom configure
script that assumes all arguments start with "-".

The flags seem to propogate through the environment normally.

Revision 1.272: download - view: text, markup, annotated - select for diffs
Fri Jul 9 18:22:56 2021 UTC (3 years, 4 months ago) by schmonz
Branches: MAIN
Diff to: previous 1.271: preferred, colored
Changes since revision 1.271: +6 -1 lines
On Mac OS X Snow Leopard with ABI=64, configure was selecting a 32-bit
build (and then failing in the assembler). Override its choice on
Darwin/x86_64 by specifying KERNEL_BITS=${ABI} in CONFIGURE_ENV.

Revision 1.271: download - view: text, markup, annotated - select for diffs
Mon May 24 19:53:55 2021 UTC (3 years, 6 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Diff to: previous 1.270: preferred, colored
Changes since revision 1.270: +2 -1 lines
*: recursive bump for perl 5.34

Revision 1.270: download - view: text, markup, annotated - select for diffs
Thu Apr 22 09:59:37 2021 UTC (3 years, 7 months ago) by nia
Branches: MAIN
Diff to: previous 1.269: preferred, colored
Changes since revision 1.269: +4 -1 lines
openssl: add note on updating

Revision 1.269: download - view: text, markup, annotated - select for diffs
Thu Mar 25 16:36:19 2021 UTC (3 years, 8 months ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Diff to: previous 1.268: preferred, colored
Changes since revision 1.268: +2 -2 lines
openssl: Update to 1.1.1k.

Approved by @wiz during freeze.

Changes between 1.1.1j and 1.1.1k [25 Mar 2021]

 *) Fixed a problem with verifying a certificate chain when using the
    X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks
    of the certificates present in a certificate chain. It is not set by
    default.

    Starting from OpenSSL version 1.1.1h a check to disallow certificates in
    the chain that have explicitly encoded elliptic curve parameters was added
    as an additional strict check.

    An error in the implementation of this check meant that the result of a
    previous check to confirm that certificates in the chain are valid CA
    certificates was overwritten. This effectively bypasses the check
    that non-CA certificates must not be able to issue other certificates.

    If a "purpose" has been configured then there is a subsequent opportunity
    for checks that the certificate is a valid CA.  All of the named "purpose"
    values implemented in libcrypto perform this check.  Therefore, where
    a purpose is set the certificate chain will still be rejected even when the
    strict flag has been used. A purpose is set by default in libssl client and
    server certificate verification routines, but it can be overridden or
    removed by an application.

    In order to be affected, an application must explicitly set the
    X509_V_FLAG_X509_STRICT verification flag and either not set a purpose
    for the certificate verification or, in the case of TLS client or server
    applications, override the default purpose.
    (CVE-2021-3450)
    [Tomáš Mráz]

 *) Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
    crafted renegotiation ClientHello message from a client. If a TLSv1.2
    renegotiation ClientHello omits the signature_algorithms extension (where
    it was present in the initial ClientHello), but includes a
    signature_algorithms_cert extension then a NULL pointer dereference will
    result, leading to a crash and a denial of service attack.

    A server is only vulnerable if it has TLSv1.2 and renegotiation enabled
    (which is the default configuration). OpenSSL TLS clients are not impacted
    by this issue.
    (CVE-2021-3449)
    [Peter Kästle and Samuel Sapalski]

Revision 1.268: download - view: text, markup, annotated - select for diffs
Sat Feb 20 08:53:23 2021 UTC (3 years, 9 months ago) by wiz
Branches: MAIN
Diff to: previous 1.267: preferred, colored
Changes since revision 1.267: +2 -2 lines
openssl: update to 1.1.1j.

  Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]

      o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
        function (CVE-2021-23841)
      o Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
        padding mode to correctly check for rollback attacks
      o Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
        EVP_DecryptUpdate functions (CVE-2021-23840)
      o Fixed SRP_Calc_client_key so that it runs in constant time

Revision 1.267: download - view: text, markup, annotated - select for diffs
Mon Jan 25 20:26:43 2021 UTC (3 years, 10 months ago) by schmonz
Branches: MAIN
Diff to: previous 1.266: preferred, colored
Changes since revision 1.266: +3 -2 lines
Fix build on OpenBSD by defining __STDC_NO_ATOMICS__.

Revision 1.263.2.1: download - view: text, markup, annotated - select for diffs
Fri Dec 11 08:50:56 2020 UTC (3 years, 11 months ago) by bsiegert
Branches: pkgsrc-2020Q3
Diff to: previous 1.263: preferred, colored; next MAIN 1.264: preferred, colored
Changes since revision 1.263: +4 -3 lines
Pullup ticket #6384 - requested by wiz
security/openssl: security fix

Revisions pulled up:
- security/openssl/Makefile                                     1.264-1.266
- security/openssl/PLIST                                        1.7
- security/openssl/distinfo                                     1.146-1.147
- security/openssl/patches/patch-Configurations_10-main.conf    deleted
- security/openssl/patches/patch-crypto_rand_rand__unix.c       deleted

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Sep 30 09:25:31 UTC 2020

   Modified Files:
   	pkgsrc/security/openssl: Makefile PLIST distinfo
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-crypto_rand_rand__unix.c

   Log Message:
   openssl: update to 1.1.1h.

     Major changes between OpenSSL 1.1.1g and OpenSSL 1.1.1h [22 Sep 2020]

         o Disallow explicit curve parameters in verifications chains when
           X509_V_FLAG_X509_STRICT is used
         o Enable 'MinProtocol' and 'MaxProtocol' to configure both TLS and DTLS
           contexts
         o Oracle Developer Studio will start reporting deprecation warnings

---
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Tue Oct 13 07:37:29 UTC 2020

   Modified Files:
   	pkgsrc/security/openssl: Makefile

   Log Message:
   openssl: add -lrt for the benefit of Solaris 10.

   PR pkg/55688
   PR pkg/54958

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Tue Dec  8 18:54:17 UTC 2020

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-Configurations_10-main.conf

   Log Message:
   openssl: update to 1.1.1i.

     Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020]

         o Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)

Revision 1.266: download - view: text, markup, annotated - select for diffs
Tue Dec 8 18:54:17 2020 UTC (3 years, 11 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Diff to: previous 1.265: preferred, colored
Changes since revision 1.265: +2 -2 lines
openssl: update to 1.1.1i.

  Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020]

      o Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)

Revision 1.265: download - view: text, markup, annotated - select for diffs
Tue Oct 13 07:37:29 2020 UTC (4 years, 1 month ago) by maya
Branches: MAIN
Diff to: previous 1.264: preferred, colored
Changes since revision 1.264: +3 -1 lines
openssl: add -lrt for the benefit of Solaris 10.

PR pkg/55688
PR pkg/54958

Revision 1.264: download - view: text, markup, annotated - select for diffs
Wed Sep 30 09:25:30 2020 UTC (4 years, 2 months ago) by wiz
Branches: MAIN
Diff to: previous 1.263: preferred, colored
Changes since revision 1.263: +2 -3 lines
openssl: update to 1.1.1h.

  Major changes between OpenSSL 1.1.1g and OpenSSL 1.1.1h [22 Sep 2020]

      o Disallow explicit curve parameters in verifications chains when
        X509_V_FLAG_X509_STRICT is used
      o Enable 'MinProtocol' and 'MaxProtocol' to configure both TLS and DTLS
        contexts
      o Oracle Developer Studio will start reporting deprecation warnings

Revision 1.263: download - view: text, markup, annotated - select for diffs
Mon Aug 31 18:11:09 2020 UTC (4 years, 3 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2020Q3-base
Branch point for: pkgsrc-2020Q3
Diff to: previous 1.262: preferred, colored
Changes since revision 1.262: +2 -2 lines
*: bump PKGREVISION for perl-5.32.

Revision 1.262: download - view: text, markup, annotated - select for diffs
Wed Jul 22 20:41:30 2020 UTC (4 years, 4 months ago) by sjmulder
Branches: MAIN
Diff to: previous 1.261: preferred, colored
Changes since revision 1.261: +2 -1 lines
security/openssl: Make compatible with Apple Silicon

Revision 1.261: download - view: text, markup, annotated - select for diffs
Mon Jul 13 11:35:54 2020 UTC (4 years, 4 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.260: preferred, colored
Changes since revision 1.260: +5 -3 lines
openssl: Fix c_rehash manual page entry.

Previously after the openssl-* renames it ended up as a dangling symlink,
causing "pkg_admin check" failures.  Bump PKGREVISION.

Revision 1.260: download - view: text, markup, annotated - select for diffs
Fri Jul 10 10:04:54 2020 UTC (4 years, 4 months ago) by hauke
Branches: MAIN
Diff to: previous 1.259: preferred, colored
Changes since revision 1.259: +8 -1 lines
Unbreak security/openssl build on pre-v9 Darwin.

(1) There is no {get,make,set}context support before Darwin 9

(2) Instead of failing the build on makedepend(8) malfunction, have
make(1) ignore its return value - which used to be the default for
previous OpenSSL versions.

Revision 1.259: download - view: text, markup, annotated - select for diffs
Thu May 21 10:41:36 2020 UTC (4 years, 6 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2
Diff to: previous 1.258: preferred, colored
Changes since revision 1.258: +2 -1 lines
openssl: Pass explicit libdir

Some linuxes have /lib64. pkgsrc should never use /lib64.

Pointed out by sobukus on freenode

Revision 1.258: download - view: text, markup, annotated - select for diffs
Thu Apr 30 11:21:57 2020 UTC (4 years, 7 months ago) by nia
Branches: MAIN
Diff to: previous 1.257: preferred, colored
Changes since revision 1.257: +2 -1 lines
openssl: Fix KERN_ARND usage on NetBSD.

XXX upstream

Revision 1.257: download - view: text, markup, annotated - select for diffs
Tue Apr 21 13:29:35 2020 UTC (4 years, 7 months ago) by sevan
Branches: MAIN
Diff to: previous 1.256: preferred, colored
Changes since revision 1.256: +2 -2 lines
Update to OpenSSL 1.1.1g

Major changes between OpenSSL 1.1.1f and OpenSSL 1.1.1g [21 Apr 2020]

   Fixed segmentation fault in SSL_check_chain() (CVE-2020-1967)

Revision 1.256: download - view: text, markup, annotated - select for diffs
Tue Mar 31 15:02:31 2020 UTC (4 years, 8 months ago) by sevan
Branches: MAIN
Diff to: previous 1.255: preferred, colored
Changes since revision 1.255: +2 -2 lines
Update to openssl 1.1.1f

Changes between 1.1.1e and 1.1.1f

* Revert the unexpected EOF reporting via SSL_ERROR_SSL

Revision 1.255: download - view: text, markup, annotated - select for diffs
Sun Mar 22 18:23:34 2020 UTC (4 years, 8 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Diff to: previous 1.254: preferred, colored
Changes since revision 1.254: +2 -3 lines
openssl: update to 1.1.1e.

  Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020]

      o Fixed an overflow bug in the x64_64 Montgomery squaring procedure
        used in exponentiation with 512-bit moduli (CVE-2019-1551)

Revision 1.254: download - view: text, markup, annotated - select for diffs
Wed Feb 12 19:49:23 2020 UTC (4 years, 9 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.253: preferred, colored
Changes since revision 1.253: +2 -2 lines
openssl: Spell x86_64 correctly.

Revision 1.253: download - view: text, markup, annotated - select for diffs
Wed Feb 12 15:14:57 2020 UTC (4 years, 9 months ago) by rillig
Branches: MAIN
Diff to: previous 1.252: preferred, colored
Changes since revision 1.252: +2 -2 lines
security/openssl: fix the recent fix for building on Solaris and HP-UX

Revision 1.252: download - view: text, markup, annotated - select for diffs
Tue Feb 11 17:23:11 2020 UTC (4 years, 9 months ago) by rillig
Branches: MAIN
Diff to: previous 1.251: preferred, colored
Changes since revision 1.251: +9 -1 lines
security/openssl: fix build on Solaris

This fixes PR pkg/54894.

Revision 1.251: download - view: text, markup, annotated - select for diffs
Tue Feb 11 09:58:50 2020 UTC (4 years, 9 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.250: preferred, colored
Changes since revision 1.250: +12 -1 lines
openssl: Handle i386 SunOS.

The OpenSSL config script isn't clever enough to detect multiarch platforms so
we need to manually specify the host OS.

Revision 1.250: download - view: text, markup, annotated - select for diffs
Sat Jan 18 21:48:23 2020 UTC (4 years, 10 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.249: preferred, colored
Changes since revision 1.249: +2 -2 lines
*: Recursive revision bump for openssl 1.1.1.

Revision 1.249: download - view: text, markup, annotated - select for diffs
Thu Jan 16 22:45:45 2020 UTC (4 years, 10 months ago) by wiz
Branches: MAIN
Diff to: previous 1.248: preferred, colored
Changes since revision 1.248: +2 -1 lines
openssl: rc5 patents expired some years ago

Remove its LICENSE line and enable rc5 option by default.
Bump PKGREVISION.

Revision 1.248: download - view: text, markup, annotated - select for diffs
Thu Jan 16 13:30:29 2020 UTC (4 years, 10 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.247: preferred, colored
Changes since revision 1.247: +27 -147 lines
openssl: Update to 1.1.1d.

This is a major upgrade to the current LTS release.  1.0.2 and 1.1.0 are now
out of support and should not be used.

pkgsrc changes include a large cleanup of patches and targets, many of which
were clearly bogus, for example a CONFLICTS entry against a package that has
never existed, and one that was removed in 1999.

Tested on SmartOS, macOS, and NetBSD.  Used for the SmartOS pkgsrc-2019Q4 LTS
release.

There are far too many individual changes to list, so the following text is
instead taken from the 1.1.1 blog announcement:

  --------------------------------------------------------------------------

After two years of work we are excited to be releasing our latest version today
- OpenSSL 1.1.1. This is also our new Long Term Support (LTS) version and so we
are committing to support it for at least five years.

OpenSSL 1.1.1 has been a huge team effort with nearly 5000 commits having been
made from over 200 individual contributors since the release of OpenSSL 1.1.0.
These statistics just illustrate the amazing vitality and diversity of the
OpenSSL community. The contributions didn't just come in the form of commits
though. There has been a great deal of interest in this new version so thanks
needs to be extended to the large number of users who have downloaded the beta
releases to test them out and report bugs.

The headline new feature is TLSv1.3. This new version of the Transport Layer
Security (formerly known as SSL) protocol was published by the IETF just one
month ago as RFC8446. This is a major rewrite of the standard and introduces
significant changes, features and improvements which have been reflected in the
new OpenSSL version.

What's more is that OpenSSL 1.1.1 is API and ABI compliant with OpenSSL 1.1.0
so most applications that work with 1.1.0 can gain many of the benefits of
TLSv1.3 simply by dropping in the new OpenSSL version. Since TLSv1.3 works very
differently to TLSv1.2 though there are a few caveats that may impact a
minority of applications. See the TLSv1.3 page on the OpenSSL wiki for more
details.

Some of the benefits of TLSv1.3 include:

 * Improved connection times due to a reduction in the number of round trips
   required between the client and server

 * The ability, in certain circumstances, for clients to start sending
   encrypted data to the server straight away without any round trips with the
   server required (a feature known as 0-RTT or “early data”).

 * Improved security due to the removal of various obsolete and insecure
   cryptographic algorithms and encryption of more of the connection handshake

Other features in the 1.1.1 release include:

 * Complete rewrite of the OpenSSL random number generator to introduce the
   following capabilities:

   * The default RAND method now utilizes an AES-CTR DRBG according to NIST
     standard SP 800-90Ar1.
   * Support for multiple DRBG instances with seed chaining.
   * There is a public and private DRBG instance.
   * The DRBG instances are fork-safe.
   * Keep all global DRBG instances on the secure heap if it is enabled.
   * The public and private DRBG instance are per thread for lock free
     operation

 * Support for various new cryptographic algorithms including:

   * SHA3
   * SHA512/224 and SHA512/256
   * EdDSA (including Ed25519 and Ed448)
   * X448 (adding to the existing X25519 support in 1.1.0)
   * Multi-prime RSA
   * SM2
   * SM3
   * SM4
   * SipHash
   * ARIA (including TLS support)

 * Signficant Side-Channel attack security improvements

 * Maximum Fragment Length TLS extension support

 * A new STORE module, which implements a uniform and URI based reader of
   stores that can contain keys, certificates, CRLs and numerous other objects.

Since 1.1.1 is our new LTS release we are strongly advising all users to
upgrade as soon as possible. For most applications this should be straight
forward if they are written to work with OpenSSL 1.1.0. Since OpenSSL 1.1.0 is
not an LTS release it will start receiving security fixes only with immediate
affect as per our previous announcement and as published in our release
strategy. It will cease receiving all support in one years time.

Our previous LTS release (OpenSSL 1.0.2) will continue to receive full support
until the end of this year. After that it will receive security fixes only. It
will stop receiving all support at the end of 2019. Users of that release are
strongly advised to upgrade to OpenSSL 1.1.1.

Revision 1.247: download - view: text, markup, annotated - select for diffs
Thu Jan 2 20:31:05 2020 UTC (4 years, 11 months ago) by sevan
Branches: MAIN
Diff to: previous 1.246: preferred, colored
Changes since revision 1.246: +2 -2 lines
Upgrade to OpenSSL 1.0.2u

Major changes between OpenSSL 1.0.2t and OpenSSL 1.0.2u [20 Dec 2019]

Fixed an an overflow bug in the x64_64 Montgomery squaring procedure used
in exponentiation with 512-bit moduli (CVE-2019-1551)

Revision 1.246: download - view: text, markup, annotated - select for diffs
Tue Nov 26 22:22:45 2019 UTC (5 years ago) by sevan
Branches: MAIN
CVS tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Diff to: previous 1.245: preferred, colored
Changes since revision 1.245: +2 -3 lines
Update to v1.0.2t

Changes between 1.0.2s and 1.0.2t [10 Sep 2019]

   *) For built-in EC curves, ensure an EC_GROUP built from the curve name is
      used even when parsing explicit parameters, when loading a serialized key
      or calling `EC_GROUP_new_from_ecpkparameters()`/
      `EC_GROUP_new_from_ecparameters()`.
      This prevents bypass of security hardening and performance gains,
      especially for curves with specialized EC_METHODs.
      By default, if a key encoded with explicit parameters is loaded and later
      serialized, the output is still encoded with explicit parameters, even if
      internally a "named" EC_GROUP is used for computation.
      [Nicola Tuveri]

  *) Compute ECC cofactors if not provided during EC_GROUP construction. Before
     this change, EC_GROUP_set_generator would accept order and/or cofactor as
     NULL. After this change, only the cofactor parameter can be NULL. It also
     does some minimal sanity checks on the passed order.
     (CVE-2019-1547)
     [Billy Bob Brumley]

  *) Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
     An attack is simple, if the first CMS_recipientInfo is valid but the
     second CMS_recipientInfo is chosen ciphertext. If the second
     recipientInfo decodes to PKCS #1 v1.5 form plaintext, the correct
     encryption key will be replaced by garbage, and the message cannot be
     decoded, but if the RSA decryption fails, the correct encryption key is
     used and the recipient will not notice the attack.
     As a work around for this potential attack the length of the decrypted
     key must be equal to the cipher default key length, in case the
     certifiate is not given and all recipientInfo are tried out.
     The old behaviour can be re-enabled in the CMS code by setting the
     CMS_DEBUG_DECRYPT flag.
     (CVE-2019-1563)
     [Bernd Edlinger]

  *) Document issue with installation paths in diverse Windows builds

     '/usr/local/ssl' is an unsafe prefix for location to install OpenSSL
     binaries and run-time config file.
     (CVE-2019-1552)
     [Richard Levitte]

Revision 1.245: download - view: text, markup, annotated - select for diffs
Sun Nov 24 01:45:12 2019 UTC (5 years ago) by gdt
Branches: MAIN
Diff to: previous 1.244: preferred, colored
Changes since revision 1.244: +3 -3 lines
security/openssl: Fix recent use of empty()

Should resolve build on SmartOS.
(Amazingly, the wrong expression worked fine on NetbSD with gcc when
it was tested.)

Revision 1.244: download - view: text, markup, annotated - select for diffs
Sat Nov 23 19:44:16 2019 UTC (5 years ago) by gdt
Branches: MAIN
Diff to: previous 1.243: preferred, colored
Changes since revision 1.243: +3 -3 lines
security/openssl: Check for compling with gcc and clang correctly

Revision 1.243: download - view: text, markup, annotated - select for diffs
Mon Nov 4 21:12:56 2019 UTC (5 years, 1 month ago) by rillig
Branches: MAIN
Diff to: previous 1.242: preferred, colored
Changes since revision 1.242: +2 -2 lines
security: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

No manual corrections.

Revision 1.242: download - view: text, markup, annotated - select for diffs
Sun Aug 11 13:22:48 2019 UTC (5 years, 3 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3
Diff to: previous 1.241: preferred, colored
Changes since revision 1.241: +2 -1 lines
Bump PKGREVISIONs for perl 5.30.0

Revision 1.241: download - view: text, markup, annotated - select for diffs
Sun Jun 30 22:52:54 2019 UTC (5 years, 5 months ago) by sevan
Branches: MAIN
Diff to: previous 1.240: preferred, colored
Changes since revision 1.240: +2 -2 lines
Update to 1.0.2
Tested on OS X Tiger PowerPC and NetBSD-HEAD amd64

Changes between 1.0.2r and 1.0.2s [28 May 2019]

  *) Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
     This changes the size when using the genpkey app when no size is given. It
     fixes an omission in earlier changes that changed all RSA, DSA and DH
     generation apps to use 2048 bits by default.
     [Kurt Roeckx]

  *) Add FIPS support for Android Arm 64-bit

     Support for Android Arm 64-bit was added to the OpenSSL FIPS Object
     Module in Version 2.0.10. For some reason, the corresponding target
     'android64-aarch64' was missing OpenSSL 1.0.2, whence it could not be
     built with FIPS support on Android Arm 64-bit. This omission has been
     fixed.
     [Matthias St. Pierre]

Changes between 1.0.2q and 1.0.2r [26 Feb 2019]

  *) 0-byte record padding oracle

     If an application encounters a fatal protocol error and then calls
     SSL_shutdown() twice (once to send a close_notify, and once to receive one)
     then OpenSSL can respond differently to the calling application if a 0 byte
     record is received with invalid padding compared to if a 0 byte record is
     received with an invalid MAC. If the application then behaves differently
     based on that in a way that is detectable to the remote peer, then this
     amounts to a padding oracle that could be used to decrypt data.

     In order for this to be exploitable "non-stitched" ciphersuites must be in
     use. Stitched ciphersuites are optimised implementations of certain
     commonly used ciphersuites. Also the application must call SSL_shutdown()
     twice even if a protocol error has occurred (applications should not do
     this but some do anyway).

     This issue was discovered by Juraj Somorovsky, Robert Merget and Nimrod
     Aviram, with additional investigation by Steven Collison and Andrew
     Hourselt. It was reported to OpenSSL on 10th December 2018.
     (CVE-2019-1559)
     [Matt Caswell]

  *) Move strictness check from EVP_PKEY_asn1_new() to EVP_PKEY_asn1_add0().
     [Richard Levitte]

 Changes between 1.0.2p and 1.0.2q [20 Nov 2018]

  *) Microarchitecture timing vulnerability in ECC scalar multiplication

     OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been
     shown to be vulnerable to a microarchitecture timing side channel attack.
     An attacker with sufficient access to mount local timing attacks during
     ECDSA signature generation could recover the private key.

     This issue was reported to OpenSSL on 26th October 2018 by Alejandro
     Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and
     Nicola Tuveri.
     (CVE-2018-5407)
     [Billy Brumley]

  *) Timing vulnerability in DSA signature generation

     The OpenSSL DSA signature algorithm has been shown to be vulnerable to a
     timing side channel attack. An attacker could use variations in the signing
     algorithm to recover the private key.

     This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser.
     (CVE-2018-0734)
     [Paul Dale]

  *) Resolve a compatibility issue in EC_GROUP handling with the FIPS Object
     Module, accidentally introduced while backporting security fixes from the
     development branch and hindering the use of ECC in FIPS mode.
     [Nicola Tuveri]

Revision 1.240: download - view: text, markup, annotated - select for diffs
Wed Sep 12 12:44:17 2018 UTC (6 years, 2 months ago) by fhajny
Branches: MAIN
CVS tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3
Diff to: previous 1.239: preferred, colored
Changes since revision 1.239: +2 -3 lines
security/openssl: Update to 1.0.2p.

- Client DoS due to large DH parameter

  During key agreement in a TLS handshake using a DH(E) based ciphersuite a
  malicious server can send a very large prime value to the client. This will
  cause the client to spend an unreasonably long period of time generating a
  key for this prime resulting in a hang until the client has finished. This
  could be exploited in a Denial Of Service attack.

  This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken
  (CVE-2018-0732)
  [Guido Vranken]

- Cache timing vulnerability in RSA Key Generation

  The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to
  a cache timing side channel attack. An attacker with sufficient access to
  mount cache timing attacks during the RSA key generation process could
  recover the private key.

  This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
  Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
  (CVE-2018-0737)
  [Billy Brumley]

- Make EVP_PKEY_asn1_new() a bit stricter about its input.  A NULL pem_str
  parameter is no longer accepted, as it leads to a corrupt table.  NULL
  pem_str is reserved for alias entries only.
  [Richard Levitte]

- Revert blinding in ECDSA sign and instead make problematic addition
  length-invariant. Switch even to fixed-length Montgomery multiplication.
  [Andy Polyakov]

- Change generating and checking of primes so that the error rate of not
  being prime depends on the intended use based on the size of the input.
  For larger primes this will result in more rounds of Miller-Rabin.
  The maximal error rate for primes with more than 1080 bits is lowered
  to 2^-128.
  [Kurt Roeckx, Annie Yousar]

- Increase the number of Miller-Rabin rounds for DSA key generating to 64.
  [Kurt Roeckx]

- Add blinding to ECDSA and DSA signatures to protect against side channel
  attacks discovered by Keegan Ryan (NCC Group).
  [Matt Caswell]

- When unlocking a pass phrase protected PEM file or PKCS#8 container, we
  now allow empty (zero character) pass phrases.
  [Richard Levitte]

- Certificate time validation (X509_cmp_time) enforces stricter
  compliance with RFC 5280. Fractional seconds and timezone offsets
  are no longer allowed.
  [Emilia Käsper]

Revision 1.239: download - view: text, markup, annotated - select for diffs
Wed Aug 22 09:46:19 2018 UTC (6 years, 3 months ago) by wiz
Branches: MAIN
Diff to: previous 1.238: preferred, colored
Changes since revision 1.238: +2 -1 lines
Recursive bump for perl5-5.28.0

Revision 1.238: download - view: text, markup, annotated - select for diffs
Thu Mar 29 11:08:44 2018 UTC (6 years, 8 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1
Diff to: previous 1.237: preferred, colored
Changes since revision 1.237: +2 -3 lines
openssl: update to 1.0.2o.

 Changes between 1.0.2n and 1.0.2o [27 Mar 2018]

  *) Constructed ASN.1 types with a recursive definition could exceed the stack

     Constructed ASN.1 types with a recursive definition (such as can be found
     in PKCS7) could eventually exceed the stack given malicious input with
     excessive recursion. This could result in a Denial Of Service attack. There
     are no such structures used within SSL/TLS that come from untrusted sources
     so this is considered safe.

     This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz
     project.
     (CVE-2018-0739)
     [Matt Caswell]

Revision 1.237: download - view: text, markup, annotated - select for diffs
Tue Jan 2 05:37:23 2018 UTC (6 years, 11 months ago) by maya
Branches: MAIN
Diff to: previous 1.236: preferred, colored
Changes since revision 1.236: +1 -3 lines
Remove traces of crypto restrictions from packages.

ok for idea riastradh.

Revision 1.236: download - view: text, markup, annotated - select for diffs
Thu Dec 14 20:44:20 2017 UTC (6 years, 11 months ago) by tron
Branches: MAIN
CVS tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4
Diff to: previous 1.235: preferred, colored
Changes since revision 1.235: +3 -1 lines
openssl: Fix packaging under macOS

The last change for fixing packaging under macOS did not work when
the object directory resides on a case insensitive file-system.

Revision 1.235: download - view: text, markup, annotated - select for diffs
Thu Dec 14 09:18:47 2017 UTC (6 years, 11 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.234: preferred, colored
Changes since revision 1.234: +12 -1 lines
openssl: Avoid case-sensitive issue on Darwin.  Bump PKGREVISION.

Revision 1.234: download - view: text, markup, annotated - select for diffs
Sat Dec 9 18:02:02 2017 UTC (6 years, 11 months ago) by fhajny
Branches: MAIN
Diff to: previous 1.233: preferred, colored
Changes since revision 1.233: +2 -2 lines
Update security/openssl to 1.0.2n.

Read/write after SSL object in error state (CVE-2017-3737)
==========================================================

Severity: Moderate

OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state"
mechanism. The intent was that if a fatal error occurred during a handshake then
OpenSSL would move into the error state and would immediately fail if you
attempted to continue the handshake. This works as designed for the explicit
handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()),
however due to a bug it does not work correctly if SSL_read() or SSL_write() is
called directly. In that scenario, if the handshake fails then a fatal error
will be returned in the initial function call. If SSL_read()/SSL_write() is
subsequently called by the application for the same SSL object then it will
succeed and the data is passed without being decrypted/encrypted directly from
the SSL/TLS record layer.

In order to exploit this issue an application bug would have to be present that
resulted in a call to SSL_read()/SSL_write() being issued after having already
received a fatal error.

rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
=========================================================

Severity: Low

There is an overflow bug in the AVX2 Montgomery multiplication procedure
used in exponentiation with 1024-bit moduli. No EC algorithms are affected.
Analysis suggests that attacks against RSA and DSA as a result of this defect
would be very difficult to perform and are not believed likely. Attacks
against DH1024 are considered just feasible, because most of the work
necessary to deduce information about a private key may be performed offline.
The amount of resources required for such an attack would be significant.
However, for an attack on TLS to be meaningful, the server would have to share
the DH1024 private key among multiple clients, which is no longer an option
since CVE-2016-0701.

This only affects processors that support the AVX2 but not ADX extensions
like Intel Haswell (4th generation).

Revision 1.233: download - view: text, markup, annotated - select for diffs
Fri Nov 24 20:34:23 2017 UTC (7 years ago) by bsiegert
Branches: MAIN
Diff to: previous 1.232: preferred, colored
Changes since revision 1.232: +2 -3 lines
Update openssl to 1.0.2m.

This is a recommended security update.

Changes between 1.0.2l and 1.0.2m [2 Nov 2017]

 *) bn_sqrx8x_internal carry bug on x86_64

    There is a carry propagating bug in the x86_64 Montgomery squaring
    procedure. No EC algorithms are affected. Analysis suggests that attacks
    against RSA and DSA as a result of this defect would be very difficult to
    perform and are not believed likely. Attacks against DH are considered just
    feasible (although very difficult) because most of the work necessary to
    deduce information about a private key may be performed offline. The amount
    of resources required for such an attack would be very significant and
    likely only accessible to a limited number of attackers. An attacker would
    additionally need online access to an unpatched system using the target
    private key in a scenario with persistent DH parameters and a private
    key that is shared between multiple clients.

    This only affects processors that support the BMI1, BMI2 and ADX extensions
    like Intel Broadwell (5th generation) and later or AMD Ryzen.

    This issue was reported to OpenSSL by the OSS-Fuzz project.
    (CVE-2017-3736)
    [Andy Polyakov]

 *) Malformed X.509 IPAddressFamily could cause OOB read

    If an X.509 certificate has a malformed IPAddressFamily extension,
    OpenSSL could do a one-byte buffer overread. The most likely result
    would be an erroneous display of the certificate in text format.

    This issue was reported to OpenSSL by the OSS-Fuzz project.
    (CVE-2017-3735)
    [Rich Salz]

Changes between 1.0.2k and 1.0.2l [25 May 2017]

 *) Have 'config' recognise 64-bit mingw and choose 'mingw64' as the target
    platform rather than 'mingw'.
    [Richard Levitte]

Revision 1.232: download - view: text, markup, annotated - select for diffs
Fri Sep 22 21:02:43 2017 UTC (7 years, 2 months ago) by tez
Branches: MAIN
CVS tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3
Diff to: previous 1.231: preferred, colored
Changes since revision 1.231: +1 -0 lines
openssl: fix for CVE-2017-3735

Revision 1.231: download - view: text, markup, annotated - select for diffs
Sat Aug 5 11:06:29 2017 UTC (7 years, 4 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.230: preferred, colored
Changes since revision 1.230: +9 -5 lines
Overhaul the platform selector logic, so that the right value is selected
for powerpc64 on Darwin. Fix for PR pkg/52114.

Revision 1.230: download - view: text, markup, annotated - select for diffs
Thu Jan 26 16:31:57 2017 UTC (7 years, 10 months ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1
Diff to: previous 1.229: preferred, colored
Changes since revision 1.229: +2 -3 lines
Update security/openssl to 1.0.2k.

Changes between 1.0.2j and 1.0.2k [26 Jan 2017]

  *) Truncated packet could crash via OOB read

     If one side of an SSL/TLS path is running on a 32-bit host and a specific
     cipher is being used, then a truncated packet can cause that host to
     perform an out-of-bounds read, usually resulting in a crash.

     This issue was reported to OpenSSL by Robert Święcki of Google.
     (CVE-2017-3731)
     [Andy Polyakov]

  *) BN_mod_exp may produce incorrect results on x86_64

     There is a carry propagating bug in the x86_64 Montgomery squaring
     procedure. No EC algorithms are affected. Analysis suggests that attacks
     against RSA and DSA as a result of this defect would be very difficult to
     perform and are not believed likely. Attacks against DH are considered just
     feasible (although very difficult) because most of the work necessary to
     deduce information about a private key may be performed offline. The amount
     of resources required for such an attack would be very significant and
     likely only accessible to a limited number of attackers. An attacker would
     additionally need online access to an unpatched system using the target
     private key in a scenario with persistent DH parameters and a private
     key that is shared between multiple clients. For example this can occur by
     default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very
     similar to CVE-2015-3193 but must be treated as a separate problem.

     This issue was reported to OpenSSL by the OSS-Fuzz project.
     (CVE-2017-3732)
     [Andy Polyakov]

  *) Montgomery multiplication may produce incorrect results

     There is a carry propagating bug in the Broadwell-specific Montgomery
     multiplication procedure that handles input lengths divisible by, but
     longer than 256 bits. Analysis suggests that attacks against RSA, DSA
     and DH private keys are impossible. This is because the subroutine in
     question is not used in operations with the private key itself and an input
     of the attacker's direct choice. Otherwise the bug can manifest itself as
     transient authentication and key negotiation failures or reproducible
     erroneous outcome of public-key operations with specially crafted input.
     Among EC algorithms only Brainpool P-512 curves are affected and one
     presumably can attack ECDH key negotiation. Impact was not analyzed in
     detail, because pre-requisites for attack are considered unlikely. Namely
     multiple clients have to choose the curve in question and the server has to
     share the private key among them, neither of which is default behaviour.
     Even then only clients that chose the curve will be affected.

     This issue was publicly reported as transient failures and was not
     initially recognized as a security issue. Thanks to Richard Morgan for
     providing reproducible case.
     (CVE-2016-7055)
     [Andy Polyakov]

  *) OpenSSL now fails if it receives an unrecognised record type in TLS1.0
     or TLS1.1. Previously this only happened in SSLv3 and TLS1.2. This is to
     prevent issues where no progress is being made and the peer continually
     sends unrecognised record types, using up resources processing them.
     [Matt Caswell]

Revision 1.229: download - view: text, markup, annotated - select for diffs
Tue Dec 6 18:18:54 2016 UTC (8 years ago) by marino
Branches: MAIN
CVS tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4
Diff to: previous 1.228: preferred, colored
Changes since revision 1.228: +2 -2 lines
security/openssl: USE_TOOLS+= makedepend

solves:
=> Bootstrap dependency digest>=20010302: found digest-20160304
===> Building for openssl-1.0.2jnb1
making depend in crypto...
gmake[1]: Entering directory '/construction/security/openssl/work/openssl-1.0.2j/crypto'
../util/domd: makedepend: not found

Revision 1.228: download - view: text, markup, annotated - select for diffs
Mon Oct 3 11:55:11 2016 UTC (8 years, 2 months ago) by wiz
Branches: MAIN
Diff to: previous 1.227: preferred, colored
Changes since revision 1.227: +2 -1 lines
Remove incorrect comment and resulting weird license.

idea and mdc2 patents expired, so enable them by default.
rc5 looks like it might be expired as well, but I didn't find
anything relevant on that topic, so I left it alone.

Bump PKGREVISION.

Revision 1.227: download - view: text, markup, annotated - select for diffs
Mon Sep 26 12:27:55 2016 UTC (8 years, 2 months ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3
Diff to: previous 1.226: preferred, colored
Changes since revision 1.226: +2 -2 lines
Update security/openssl to 1.0.2j.

 Changes between 1.0.2i and 1.0.2j [26 Sep 2016]

  *) Missing CRL sanity check

     A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0
     but was omitted from OpenSSL 1.0.2i. As a result any attempt to use
     CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.

     This issue only affects the OpenSSL 1.0.2i
     (CVE-2016-7052)
     [Matt Caswell]

Revision 1.226: download - view: text, markup, annotated - select for diffs
Thu Sep 22 12:28:55 2016 UTC (8 years, 2 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.225: preferred, colored
Changes since revision 1.225: +2 -3 lines
Update security/openssl to 1.0.2i.

 Changes between 1.0.2h and 1.0.2i [22 Sep 2016]

  *) OCSP Status Request extension unbounded memory growth

     A malicious client can send an excessively large OCSP Status Request
     extension. If that client continually requests renegotiation, sending a
     large OCSP Status Request extension each time, then there will be unbounded
     memory growth on the server. This will eventually lead to a Denial Of
     Service attack through memory exhaustion. Servers with a default
     configuration are vulnerable even if they do not support OCSP. Builds using
     the "no-ocsp" build time option are not affected.

     This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
     (CVE-2016-6304)
     [Matt Caswell]

  *) In order to mitigate the SWEET32 attack, the DES ciphers were moved from
     HIGH to MEDIUM.

     This issue was reported to OpenSSL Karthikeyan Bhargavan and Gaetan
     Leurent (INRIA)
     (CVE-2016-2183)
     [Rich Salz]

  *) OOB write in MDC2_Update()

     An overflow can occur in MDC2_Update() either if called directly or
     through the EVP_DigestUpdate() function using MDC2. If an attacker
     is able to supply very large amounts of input data after a previous
     call to EVP_EncryptUpdate() with a partial block then a length check
     can overflow resulting in a heap corruption.

     The amount of data needed is comparable to SIZE_MAX which is impractical
     on most platforms.

     This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
     (CVE-2016-6303)
     [Stephen Henson]

  *) Malformed SHA512 ticket DoS

     If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
     DoS attack where a malformed ticket will result in an OOB read which will
     ultimately crash.

     The use of SHA512 in TLS session tickets is comparatively rare as it requires
     a custom server callback and ticket lookup mechanism.

     This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
     (CVE-2016-6302)
     [Stephen Henson]

  *) OOB write in BN_bn2dec()

     The function BN_bn2dec() does not check the return value of BN_div_word().
     This can cause an OOB write if an application uses this function with an
     overly large BIGNUM. This could be a problem if an overly large certificate
     or CRL is printed out from an untrusted source. TLS is not affected because
     record limits will reject an oversized certificate before it is parsed.

     This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
     (CVE-2016-2182)
     [Stephen Henson]

  *) OOB read in TS_OBJ_print_bio()

     The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is
     the total length the OID text representation would use and not the amount
     of data written. This will result in OOB reads when large OIDs are
     presented.

     This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
     (CVE-2016-2180)
     [Stephen Henson]

  *) Pointer arithmetic undefined behaviour

     Avoid some undefined pointer arithmetic

     A common idiom in the codebase is to check limits in the following manner:
     "p + len > limit"

     Where "p" points to some malloc'd data of SIZE bytes and
     limit == p + SIZE

     "len" here could be from some externally supplied data (e.g. from a TLS
     message).

     The rules of C pointer arithmetic are such that "p + len" is only well
     defined where len <= SIZE. Therefore the above idiom is actually
     undefined behaviour.

     For example this could cause problems if some malloc implementation
     provides an address for "p" such that "p + len" actually overflows for
     values of len that are too big and therefore p + len < limit.

     This issue was reported to OpenSSL by Guido Vranken
     (CVE-2016-2177)
     [Matt Caswell]

  *) Constant time flag not preserved in DSA signing

     Operations in the DSA signing algorithm should run in constant time in
     order to avoid side channel attacks. A flaw in the OpenSSL DSA
     implementation means that a non-constant time codepath is followed for
     certain operations. This has been demonstrated through a cache-timing
     attack to be sufficient for an attacker to recover the private DSA key.

     This issue was reported by César Pereida (Aalto University), Billy Brumley
     (Tampere University of Technology), and Yuval Yarom (The University of
     Adelaide and NICTA).
     (CVE-2016-2178)
     [César Pereida]

  *) DTLS buffered message DoS

     In a DTLS connection where handshake messages are delivered out-of-order
     those messages that OpenSSL is not yet ready to process will be buffered
     for later use. Under certain circumstances, a flaw in the logic means that
     those messages do not get removed from the buffer even though the handshake
     has been completed. An attacker could force up to approx. 15 messages to
     remain in the buffer when they are no longer required. These messages will
     be cleared when the DTLS connection is closed. The default maximum size for
     a message is 100k. Therefore the attacker could force an additional 1500k
     to be consumed per connection. By opening many simulataneous connections an
     attacker could cause a DoS attack through memory exhaustion.

     This issue was reported to OpenSSL by Quan Luo.
     (CVE-2016-2179)
     [Matt Caswell]

  *) DTLS replay protection DoS

     A flaw in the DTLS replay attack protection mechanism means that records
     that arrive for future epochs update the replay protection "window" before
     the MAC for the record has been validated. This could be exploited by an
     attacker by sending a record for the next epoch (which does not have to
     decrypt or have a valid MAC), with a very large sequence number. This means
     that all subsequent legitimate packets are dropped causing a denial of
     service for a specific DTLS connection.

     This issue was reported to OpenSSL by the OCAP audit team.
     (CVE-2016-2181)
     [Matt Caswell]

  *) Certificate message OOB reads

     In OpenSSL 1.0.2 and earlier some missing message length checks can result
     in OOB reads of up to 2 bytes beyond an allocated buffer. There is a
     theoretical DoS risk but this has not been observed in practice on common
     platforms.

     The messages affected are client certificate, client certificate request
     and server certificate. As a result the attack can only be performed
     against a client or a server which enables client authentication.

     This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
     (CVE-2016-6306)
     [Stephen Henson]

Revision 1.225: download - view: text, markup, annotated - select for diffs
Sat Jul 9 06:38:56 2016 UTC (8 years, 5 months ago) by wiz
Branches: MAIN
Diff to: previous 1.224: preferred, colored
Changes since revision 1.224: +2 -2 lines
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.

Revision 1.224: download - view: text, markup, annotated - select for diffs
Thu Jun 2 07:47:46 2016 UTC (8 years, 6 months ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2016Q2-base, pkgsrc-2016Q2
Diff to: previous 1.223: preferred, colored
Changes since revision 1.223: +5 -5 lines
Make perl a runtime dependency, it is used by c_rehash.  Reported by
Jorge Schrauwen in joyent/pkgsrc#354.

Bump PKGREVISION.

Revision 1.222.2.1: download - view: text, markup, annotated - select for diffs
Wed May 11 15:04:17 2016 UTC (8 years, 6 months ago) by bsiegert
Branches: pkgsrc-2016Q1
Diff to: previous 1.222: preferred, colored; next MAIN 1.223: preferred, colored
Changes since revision 1.222: +2 -3 lines
Pullup ticket #5013 - requested by taca
security/openssl: security fix

Revisions pulled up:
- security/openssl/Makefile                                     1.223
- security/openssl/PLIST.common                                 1.29
- security/openssl/distinfo                                     1.122

---
   Module Name:	pkgsrc
   Committed By:	jperkin
   Date:		Tue May  3 14:51:17 UTC 2016

   Modified Files:
   	pkgsrc/security/openssl: Makefile PLIST.common distinfo

   Log Message:
   Update security/openssl to version 1.0.2h.

   Changes between 1.0.2g and 1.0.2h [3 May 2016]

   *) Prevent padding oracle in AES-NI CBC MAC check

     A MITM attacker can use a padding oracle attack to decrypt traffic
     when the connection uses an AES CBC cipher and the server support
     AES-NI.

     This issue was introduced as part of the fix for Lucky 13 padding
     attack (CVE-2013-0169). The padding check was rewritten to be in
     constant time by making sure that always the same bytes are read and
     compared against either the MAC or padding bytes. But it no longer
     checked that there was enough data to have both the MAC and padding
     bytes.

     This issue was reported by Juraj Somorovsky using TLS-Attacker.
     (CVE-2016-2107)
     [Kurt Roeckx]

   *) Fix EVP_EncodeUpdate overflow

     An overflow can occur in the EVP_EncodeUpdate() function which is used for
     Base64 encoding of binary data. If an attacker is able to supply very large
     amounts of input data then a length check can overflow resulting in a heap
     corruption.

     Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by
     the PEM_write_bio* family of functions. These are mainly used within the
     OpenSSL command line applications, so any application which processes data
     from an untrusted source and outputs it as a PEM file should be considered
     vulnerable to this issue. User applications that call these APIs directly
     with large amounts of untrusted data may also be vulnerable.

     This issue was reported by Guido Vranken.
     (CVE-2016-2105)
     [Matt Caswell]

   *) Fix EVP_EncryptUpdate overflow

     An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
     is able to supply very large amounts of input data after a previous call to
     EVP_EncryptUpdate() with a partial block then a length check can overflow
     resulting in a heap corruption. Following an analysis of all OpenSSL
     internal usage of the EVP_EncryptUpdate() function all usage is one of two
     forms. The first form is where the EVP_EncryptUpdate() call is known to be
     the first called function after an EVP_EncryptInit(), and therefore that
     specific call must be safe. The second form is where the length passed to
     EVP_EncryptUpdate() can be seen from the code to be some small value and
     therefore there is no possibility of an overflow. Since all instances are
     one of these two forms, it is believed that there can be no overflows in
     internal code due to this problem. It should be noted that
     EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths.
     Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances
     of these calls have also been analysed too and it is believed there are no
     instances in internal usage where an overflow could occur.

     This issue was reported by Guido Vranken.
     (CVE-2016-2106)
     [Matt Caswell]

   *) Prevent ASN.1 BIO excessive memory allocation

     When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
     a short invalid encoding can casuse allocation of large amounts of memory
     potentially consuming excessive resources or exhausting memory.

     Any application parsing untrusted data through d2i BIO functions is
     affected. The memory based functions such as d2i_X509() are *not* affected.
     Since the memory based functions are used by the TLS library, TLS
     applications are not affected.

     This issue was reported by Brian Carpenter.
     (CVE-2016-2109)
     [Stephen Henson]

   *) EBCDIC overread

     ASN1 Strings that are over 1024 bytes can cause an overread in applications
     using the X509_NAME_oneline() function on EBCDIC systems. This could result
     in arbitrary stack data being returned in the buffer.

     This issue was reported by Guido Vranken.
     (CVE-2016-2176)
     [Matt Caswell]

   *) Modify behavior of ALPN to invoke callback after SNI/servername
     callback, such that updates to the SSL_CTX affect ALPN.
     [Todd Short]

   *) Remove LOW from the DEFAULT cipher list.  This removes singles DES from the
     default.
     [Kurt Roeckx]

   *) Only remove the SSLv2 methods with the no-ssl2-method option. When the
     methods are enabled and ssl2 is disabled the methods return NULL.
     [Kurt Roeckx]

Revision 1.223: download - view: text, markup, annotated - select for diffs
Tue May 3 14:51:16 2016 UTC (8 years, 7 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.222: preferred, colored
Changes since revision 1.222: +2 -3 lines
Update security/openssl to version 1.0.2h.

Changes between 1.0.2g and 1.0.2h [3 May 2016]

*) Prevent padding oracle in AES-NI CBC MAC check

   A MITM attacker can use a padding oracle attack to decrypt traffic
   when the connection uses an AES CBC cipher and the server support
   AES-NI.

   This issue was introduced as part of the fix for Lucky 13 padding
   attack (CVE-2013-0169). The padding check was rewritten to be in
   constant time by making sure that always the same bytes are read and
   compared against either the MAC or padding bytes. But it no longer
   checked that there was enough data to have both the MAC and padding
   bytes.

   This issue was reported by Juraj Somorovsky using TLS-Attacker.
   (CVE-2016-2107)
   [Kurt Roeckx]

*) Fix EVP_EncodeUpdate overflow

   An overflow can occur in the EVP_EncodeUpdate() function which is used for
   Base64 encoding of binary data. If an attacker is able to supply very large
   amounts of input data then a length check can overflow resulting in a heap
   corruption.

   Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by
   the PEM_write_bio* family of functions. These are mainly used within the
   OpenSSL command line applications, so any application which processes data
   from an untrusted source and outputs it as a PEM file should be considered
   vulnerable to this issue. User applications that call these APIs directly
   with large amounts of untrusted data may also be vulnerable.

   This issue was reported by Guido Vranken.
   (CVE-2016-2105)
   [Matt Caswell]

*) Fix EVP_EncryptUpdate overflow

   An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
   is able to supply very large amounts of input data after a previous call to
   EVP_EncryptUpdate() with a partial block then a length check can overflow
   resulting in a heap corruption. Following an analysis of all OpenSSL
   internal usage of the EVP_EncryptUpdate() function all usage is one of two
   forms. The first form is where the EVP_EncryptUpdate() call is known to be
   the first called function after an EVP_EncryptInit(), and therefore that
   specific call must be safe. The second form is where the length passed to
   EVP_EncryptUpdate() can be seen from the code to be some small value and
   therefore there is no possibility of an overflow. Since all instances are
   one of these two forms, it is believed that there can be no overflows in
   internal code due to this problem. It should be noted that
   EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths.
   Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances
   of these calls have also been analysed too and it is believed there are no
   instances in internal usage where an overflow could occur.

   This issue was reported by Guido Vranken.
   (CVE-2016-2106)
   [Matt Caswell]

*) Prevent ASN.1 BIO excessive memory allocation

   When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
   a short invalid encoding can casuse allocation of large amounts of memory
   potentially consuming excessive resources or exhausting memory.

   Any application parsing untrusted data through d2i BIO functions is
   affected. The memory based functions such as d2i_X509() are *not* affected.
   Since the memory based functions are used by the TLS library, TLS
   applications are not affected.

   This issue was reported by Brian Carpenter.
   (CVE-2016-2109)
   [Stephen Henson]

*) EBCDIC overread

   ASN1 Strings that are over 1024 bytes can cause an overread in applications
   using the X509_NAME_oneline() function on EBCDIC systems. This could result
   in arbitrary stack data being returned in the buffer.

   This issue was reported by Guido Vranken.
   (CVE-2016-2176)
   [Matt Caswell]

*) Modify behavior of ALPN to invoke callback after SNI/servername
   callback, such that updates to the SSL_CTX affect ALPN.
   [Todd Short]

*) Remove LOW from the DEFAULT cipher list.  This removes singles DES from the
   default.
   [Kurt Roeckx]

*) Only remove the SSLv2 methods with the no-ssl2-method option. When the
   methods are enabled and ssl2 is disabled the methods return NULL.
   [Kurt Roeckx]

Revision 1.222: download - view: text, markup, annotated - select for diffs
Sat Mar 5 11:27:55 2016 UTC (8 years, 9 months ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2016Q1-base
Branch point for: pkgsrc-2016Q1
Diff to: previous 1.221: preferred, colored
Changes since revision 1.221: +2 -1 lines
Bump PKGREVISION for security/openssl ABI bump.

Revision 1.221: download - view: text, markup, annotated - select for diffs
Tue Mar 1 14:35:33 2016 UTC (8 years, 9 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.220: preferred, colored
Changes since revision 1.220: +2 -2 lines
Update security/openssl to version 1.0.2g.

Changes between 1.0.2f and 1.0.2g [1 Mar 2016]

  * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
    Builds that are not configured with "enable-weak-ssl-ciphers" will not
    provide any "EXPORT" or "LOW" strength ciphers.
    [Viktor Dukhovni]

  * Disable SSLv2 default build, default negotiation and weak ciphers.  SSLv2
    is by default disabled at build-time.  Builds that are not configured with
    "enable-ssl2" will not support SSLv2.  Even if "enable-ssl2" is used,
    users who want to negotiate SSLv2 via the version-flexible SSLv23_method()
    will need to explicitly call either of:

        SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
    or
        SSL_clear_options(ssl, SSL_OP_NO_SSLv2);

    as appropriate.  Even if either of those is used, or the application
    explicitly uses the version-specific SSLv2_method() or its client and
    server variants, SSLv2 ciphers vulnerable to exhaustive search key
    recovery have been removed.  Specifically, the SSLv2 40-bit EXPORT
    ciphers, and SSLv2 56-bit DES are no longer available.
    (CVE-2016-0800)
    [Viktor Dukhovni]

  *) Fix a double-free in DSA code

     A double free bug was discovered when OpenSSL parses malformed DSA private
     keys and could lead to a DoS attack or memory corruption for applications
     that receive DSA private keys from untrusted sources.  This scenario is
     considered rare.

     This issue was reported to OpenSSL by Adam Langley(Google/BoringSSL) using
     libFuzzer.
     (CVE-2016-0705)
     [Stephen Henson]

  *) Disable SRP fake user seed to address a server memory leak.

     Add a new method SRP_VBASE_get1_by_user that handles the seed properly.

     SRP_VBASE_get_by_user had inconsistent memory management behaviour.
     In order to fix an unavoidable memory leak, SRP_VBASE_get_by_user
     was changed to ignore the "fake user" SRP seed, even if the seed
     is configured.

     Users should use SRP_VBASE_get1_by_user instead. Note that in
     SRP_VBASE_get1_by_user, caller must free the returned value. Note
     also that even though configuring the SRP seed attempts to hide
     invalid usernames by continuing the handshake with fake
     credentials, this behaviour is not constant time and no strong
     guarantees are made that the handshake is indistinguishable from
     that of a valid user.
     (CVE-2016-0798)
     [Emilia Käsper]

  *) Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption

     In the BN_hex2bn function the number of hex digits is calculated using an
     int value |i|. Later |bn_expand| is called with a value of |i * 4|. For
     large values of |i| this can result in |bn_expand| not allocating any
     memory because |i * 4| is negative. This can leave the internal BIGNUM data
     field as NULL leading to a subsequent NULL ptr deref. For very large values
     of |i|, the calculation |i * 4| could be a positive value smaller than |i|.
     In this case memory is allocated to the internal BIGNUM data field, but it
     is insufficiently sized leading to heap corruption. A similar issue exists
     in BN_dec2bn. This could have security consequences if BN_hex2bn/BN_dec2bn
     is ever called by user applications with very large untrusted hex/dec data.
     This is anticipated to be a rare occurrence.

     All OpenSSL internal usage of these functions use data that is not expected
     to be untrusted, e.g. config file data or application command line
     arguments. If user developed applications generate config file data based
     on untrusted data then it is possible that this could also lead to security
     consequences. This is also anticipated to be rare.

     This issue was reported to OpenSSL by Guido Vranken.
     (CVE-2016-0797)
     [Matt Caswell]

  *) Fix memory issues in BIO_*printf functions

     The internal |fmtstr| function used in processing a "%s" format string in
     the BIO_*printf functions could overflow while calculating the length of a
     string and cause an OOB read when printing very long strings.

     Additionally the internal |doapr_outch| function can attempt to write to an
     OOB memory location (at an offset from the NULL pointer) in the event of a
     memory allocation failure. In 1.0.2 and below this could be caused where
     the size of a buffer to be allocated is greater than INT_MAX. E.g. this
     could be in processing a very long "%s" format string. Memory leaks can
     also occur.

     The first issue may mask the second issue dependent on compiler behaviour.
     These problems could enable attacks where large amounts of untrusted data
     is passed to the BIO_*printf functions. If applications use these functions
     in this way then they could be vulnerable. OpenSSL itself uses these
     functions when printing out human-readable dumps of ASN.1 data. Therefore
     applications that print this data could be vulnerable if the data is from
     untrusted sources. OpenSSL command line applications could also be
     vulnerable where they print out ASN.1 data, or if untrusted data is passed
     as command line arguments.

     Libssl is not considered directly vulnerable. Additionally certificates etc
     received via remote connections via libssl are also unlikely to be able to
     trigger these issues because of message size limits enforced within libssl.

     This issue was reported to OpenSSL Guido Vranken.
     (CVE-2016-0799)
     [Matt Caswell]

  *) Side channel attack on modular exponentiation

     A side-channel attack was found which makes use of cache-bank conflicts on
     the Intel Sandy-Bridge microarchitecture which could lead to the recovery
     of RSA keys.  The ability to exploit this issue is limited as it relies on
     an attacker who has control of code in a thread running on the same
     hyper-threaded core as the victim thread which is performing decryptions.

     This issue was reported to OpenSSL by Yuval Yarom, The University of
     Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and
     Nadia Heninger, University of Pennsylvania with more information at
     http://cachebleed.info.
     (CVE-2016-0702)
     [Andy Polyakov]

  *) Change the req app to generate a 2048-bit RSA/DSA key by default,
     if no keysize is specified with default_bits. This fixes an
     omission in an earlier change that changed all RSA/DSA key generation
     apps to use 2048 bits by default.
     [Emilia Käsper]

Revision 1.220: download - view: text, markup, annotated - select for diffs
Thu Jan 28 16:30:42 2016 UTC (8 years, 10 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.219: preferred, colored
Changes since revision 1.219: +2 -2 lines
Update security/openssl to version 1.0.2f.

Changes between 1.0.2e and 1.0.2f [28 Jan 2016]

  *) DH small subgroups

     Historically OpenSSL only ever generated DH parameters based on "safe"
     primes. More recently (in version 1.0.2) support was provided for
     generating X9.42 style parameter files such as those required for RFC 5114
     support. The primes used in such files may not be "safe". Where an
     application is using DH configured with parameters based on primes that are
     not "safe" then an attacker could use this fact to find a peer's private
     DH exponent. This attack requires that the attacker complete multiple
     handshakes in which the peer uses the same private DH exponent. For example
     this could be used to discover a TLS server's private DH exponent if it's
     reusing the private DH exponent or it's using a static DH ciphersuite.

     OpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in
     TLS. It is not on by default. If the option is not set then the server
     reuses the same private DH exponent for the life of the server process and
     would be vulnerable to this attack. It is believed that many popular
     applications do set this option and would therefore not be at risk.

     The fix for this issue adds an additional check where a "q" parameter is
     available (as is the case in X9.42 based parameters). This detects the
     only known attack, and is the only possible defense for static DH
     ciphersuites. This could have some performance impact.

     Additionally the SSL_OP_SINGLE_DH_USE option has been switched on by
     default and cannot be disabled. This could have some performance impact.

     This issue was reported to OpenSSL by Antonio Sanso (Adobe).
     (CVE-2016-0701)
     [Matt Caswell]

  *) SSLv2 doesn't block disabled ciphers

     A malicious client can negotiate SSLv2 ciphers that have been disabled on
     the server and complete SSLv2 handshakes even if all SSLv2 ciphers have
     been disabled, provided that the SSLv2 protocol was not also disabled via
     SSL_OP_NO_SSLv2.

     This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram
     and Sebastian Schinzel.
     (CVE-2015-3197)
     [Viktor Dukhovni]

  *) Reject DH handshakes with parameters shorter than 1024 bits.
     [Kurt Roeckx]

Revision 1.219: download - view: text, markup, annotated - select for diffs
Sun Jan 24 16:14:45 2016 UTC (8 years, 10 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.218: preferred, colored
Changes since revision 1.218: +4 -2 lines
Attempt to bring sanity to how ABI and MACHINE_ARCH are set.

Previously there were at least 5 different ways MACHINE_ARCH could be set,
some statically and some at run time, and in many cases these settings
differed, leading to issues at pkg_add time where there was conflict
between the setting encoded into the package and that used by pkg_install.

Instead, move to a single source of truth where the correct value based on
the host and the chosen (or default) ABI is determined in the bootstrap
script.  The value can still be overridden in mk.conf if necessary, e.g.
for cross-compiling.

ABI is now set by default and if unset a default is calculated based on
MACHINE_ARCH.  This fixes some OS, e.g. Linux, where the wrong default was
previously chosen.

As a result of the refactoring there is no need for LOWER_ARCH, with
references to it replaced by MACHINE_ARCH.  SPARC_TARGET_ARCH is also
removed.

Revision 1.213.2.1: download - view: text, markup, annotated - select for diffs
Sat Dec 26 23:07:24 2015 UTC (8 years, 11 months ago) by bsiegert
Branches: pkgsrc-2015Q3
Diff to: previous 1.213: preferred, colored; next MAIN 1.214: preferred, colored
Changes since revision 1.213: +7 -3 lines
Pullup ticket #4877 - requested by cyber
security/openssl: security fix

Revisions pulled up:
- security/openssl/Makefile                                     1.214-1.216
- security/openssl/PLIST.common                                 1.26
- security/openssl/distinfo                                     1.116,1.118
- security/openssl/patches/patch-Makefile.shared                1.3

---
   Module Name:    pkgsrc
   Committed By:   jperkin
   Date:           Fri Oct  9 11:44:48 UTC 2015

   Modified Files:
           pkgsrc/security/openssl: Makefile

   Log Message:
   Force the "linux-elf" Configure target for Linux 32-bit, fixes the build when
   running with ABI=32 on a 64-bit native host.

---
   Module Name:    pkgsrc
   Committed By:   jperkin
   Date:           Mon Oct 26 09:42:47 UTC 2015

   Modified Files:
           pkgsrc/security/openssl: Makefile distinfo
           pkgsrc/security/openssl/patches: patch-Makefile.shared

   Log Message:
   Support SunOS/clang and pass -h linker argument correctly.  Doesn't fully
   fix the build yet, an additional patch to remove LD_LIBRARY_PATH is required
   but needs wider testing.

---
   Module Name:    pkgsrc
   Committed By:   jperkin
   Date:           Mon Dec  7 15:57:42 UTC 2015

   Modified Files:
           pkgsrc/security/openssl: Makefile PLIST.common distinfo

   Log Message:
   Update security/openssl to 1.0.2e.

   pkgsrc changes:

     - We now need to run 'make depend' after configure to pick up algorithm
       selection changes.

   Upstream changes:

    Changes between 1.0.2d and 1.0.2e [3 Dec 2015]

     *) BN_mod_exp may produce incorrect results on x86_64

        There is a carry propagating bug in the x86_64 Montgomery squaring
        procedure. No EC algorithms are affected. Analysis suggests that attacks
        against RSA and DSA as a result of this defect would be very difficult to
        perform and are not believed likely. Attacks against DH are considered just
        feasible (although very difficult) because most of the work necessary to
        deduce information about a private key may be performed offline. The amount
        of resources required for such an attack would be very significant and
        likely only accessible to a limited number of attackers. An attacker would
        additionally need online access to an unpatched system using the target
        private key in a scenario with persistent DH parameters and a private
        key that is shared between multiple clients. For example this can occur by
        default in OpenSSL DHE based SSL/TLS ciphersuites.

        This issue was reported to OpenSSL by Hanno Böck.
        (CVE-2015-3193)
        [Andy Polyakov]

     *) Certificate verify crash with missing PSS parameter

        The signature verification routines will crash with a NULL pointer
        dereference if presented with an ASN.1 signature using the RSA PSS
        algorithm and absent mask generation function parameter. Since these
        routines are used to verify certificate signature algorithms this can be
        used to crash any certificate verification operation and exploited in a
        DoS attack. Any application which performs certificate verification is
        vulnerable including OpenSSL clients and servers which enable client
        authentication.

        This issue was reported to OpenSSL by Loïc Jonas Etienne (Qnective AG).
        (CVE-2015-3194)
        [Stephen Henson]

     *) X509_ATTRIBUTE memory leak

        When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak
        memory. This structure is used by the PKCS#7 and CMS routines so any
        application which reads PKCS#7 or CMS data from untrusted sources is
        affected. SSL/TLS is not affected.

        This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using
        libFuzzer.
        (CVE-2015-3195)
        [Stephen Henson]

     *) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
        This changes the decoding behaviour for some invalid messages,
        though the change is mostly in the more lenient direction, and
        legacy behaviour is preserved as much as possible.
        [Emilia Käsper]

     *) In DSA_generate_parameters_ex, if the provided seed is too short,
        return an error
        [Rich Salz and Ismo Puustinen <ismo.puustinen%intel.com@localhost>]

Revision 1.218: download - view: text, markup, annotated - select for diffs
Fri Dec 11 10:20:13 2015 UTC (8 years, 11 months ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2015Q4-base, pkgsrc-2015Q4
Diff to: previous 1.217: preferred, colored
Changes since revision 1.217: +3 -3 lines
Fix the CC=gcc change differently, previous version didn't actually work
due to the default being set later in the environment.

Revision 1.217: download - view: text, markup, annotated - select for diffs
Tue Dec 8 16:51:33 2015 UTC (9 years ago) by jperkin
Branches: MAIN
Diff to: previous 1.216: preferred, colored
Changes since revision 1.216: +7 -1 lines
Work around an issue on platforms where CC=cc (set by default in sys.mk from
bootstrap-mk-files).  OpenSSL specifically checks for CC=gcc before using it as
a makedepend replacement, whereas CC=cc will fall back to requiring a real
'makedepend' which may not be installed.  Tested on Linux by kamil@

Revision 1.216: download - view: text, markup, annotated - select for diffs
Mon Dec 7 15:57:42 2015 UTC (9 years ago) by jperkin
Branches: MAIN
Diff to: previous 1.215: preferred, colored
Changes since revision 1.215: +3 -2 lines
Update security/openssl to 1.0.2e.

pkgsrc changes:

  - We now need to run 'make depend' after configure to pick up algorithm
    selection changes.

Upstream changes:

 Changes between 1.0.2d and 1.0.2e [3 Dec 2015]

  *) BN_mod_exp may produce incorrect results on x86_64

     There is a carry propagating bug in the x86_64 Montgomery squaring
     procedure. No EC algorithms are affected. Analysis suggests that attacks
     against RSA and DSA as a result of this defect would be very difficult to
     perform and are not believed likely. Attacks against DH are considered just
     feasible (although very difficult) because most of the work necessary to
     deduce information about a private key may be performed offline. The amount
     of resources required for such an attack would be very significant and
     likely only accessible to a limited number of attackers. An attacker would
     additionally need online access to an unpatched system using the target
     private key in a scenario with persistent DH parameters and a private
     key that is shared between multiple clients. For example this can occur by
     default in OpenSSL DHE based SSL/TLS ciphersuites.

     This issue was reported to OpenSSL by Hanno Böck.
     (CVE-2015-3193)
     [Andy Polyakov]

  *) Certificate verify crash with missing PSS parameter

     The signature verification routines will crash with a NULL pointer
     dereference if presented with an ASN.1 signature using the RSA PSS
     algorithm and absent mask generation function parameter. Since these
     routines are used to verify certificate signature algorithms this can be
     used to crash any certificate verification operation and exploited in a
     DoS attack. Any application which performs certificate verification is
     vulnerable including OpenSSL clients and servers which enable client
     authentication.

     This issue was reported to OpenSSL by Loïc Jonas Etienne (Qnective AG).
     (CVE-2015-3194)
     [Stephen Henson]

  *) X509_ATTRIBUTE memory leak

     When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak
     memory. This structure is used by the PKCS#7 and CMS routines so any
     application which reads PKCS#7 or CMS data from untrusted sources is
     affected. SSL/TLS is not affected.

     This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using
     libFuzzer.
     (CVE-2015-3195)
     [Stephen Henson]

  *) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
     This changes the decoding behaviour for some invalid messages,
     though the change is mostly in the more lenient direction, and
     legacy behaviour is preserved as much as possible.
     [Emilia Käsper]

  *) In DSA_generate_parameters_ex, if the provided seed is too short,
     return an error
     [Rich Salz and Ismo Puustinen <ismo.puustinen@intel.com>]

Revision 1.215: download - view: text, markup, annotated - select for diffs
Mon Oct 26 09:42:47 2015 UTC (9 years, 1 month ago) by jperkin
Branches: MAIN
Diff to: previous 1.214: preferred, colored
Changes since revision 1.214: +2 -2 lines
Support SunOS/clang and pass -h linker argument correctly.  Doesn't fully
fix the build yet, an additional patch to remove LD_LIBRARY_PATH is required
but needs wider testing.

Revision 1.214: download - view: text, markup, annotated - select for diffs
Fri Oct 9 11:44:47 2015 UTC (9 years, 2 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.213: preferred, colored
Changes since revision 1.213: +4 -1 lines
Force the "linux-elf" Configure target for Linux 32-bit, fixes the build when
running with ABI=32 on a 64-bit native host.

Revision 1.213: download - view: text, markup, annotated - select for diffs
Mon Aug 31 19:49:44 2015 UTC (9 years, 3 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2015Q3-base
Branch point for: pkgsrc-2015Q3
Diff to: previous 1.212: preferred, colored
Changes since revision 1.212: +2 -2 lines
Restore https URL, as discussed with schmonz.

Systems without https support in their fetch tools can get the distfiles
from ftp.NetBSD.org.

Revision 1.212: download - view: text, markup, annotated - select for diffs
Mon Aug 31 15:26:31 2015 UTC (9 years, 3 months ago) by schmonz
Branches: MAIN
Diff to: previous 1.211: preferred, colored
Changes since revision 1.211: +2 -2 lines
Go back to using the non-https MASTER_SITES, because NetBSD 6.x's
/usr/bin/ftp (at least) can't fetch https URLs, and we verify
distfiles by checksum anyway.

Revision 1.211: download - view: text, markup, annotated - select for diffs
Sun Jul 12 19:02:47 2015 UTC (9 years, 4 months ago) by wiz
Branches: MAIN
Diff to: previous 1.210: preferred, colored
Changes since revision 1.210: +2 -2 lines
Fix pattern; perl will never be <5.16 again.

Revision 1.209.2.1: download - view: text, markup, annotated - select for diffs
Sun Jul 12 10:48:58 2015 UTC (9 years, 4 months ago) by tron
Branches: pkgsrc-2015Q2
Diff to: previous 1.209: preferred, colored; next MAIN 1.210: preferred, colored
Changes since revision 1.209: +2 -2 lines
Pullup ticket #4770 - requested by wiz
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.210
- security/openssl/PLIST.common                                 1.25
- security/openssl/distinfo                                     1.115

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Thu Jul  9 13:37:56 UTC 2015

   Modified Files:
   	pkgsrc/security/openssl: Makefile PLIST.common distinfo

   Log Message:
   Update to 1.0.2d:

     Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015]

         o Alternate chains certificate forgery (CVE-2015-1793)

Revision 1.210: download - view: text, markup, annotated - select for diffs
Thu Jul 9 13:37:56 2015 UTC (9 years, 5 months ago) by wiz
Branches: MAIN
Diff to: previous 1.209: preferred, colored
Changes since revision 1.209: +2 -2 lines
Update to 1.0.2d:

  Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015]

      o Alternate chains certificate forgery (CVE-2015-1793)

Revision 1.204.2.1: download - view: text, markup, annotated - select for diffs
Sat Jun 13 07:03:28 2015 UTC (9 years, 5 months ago) by spz
Branches: pkgsrc-2015Q1
Diff to: previous 1.204: preferred, colored; next MAIN 1.205: preferred, colored
Changes since revision 1.204: +4 -4 lines
Pullup ticket #4747 - requested by tron
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.208-1.209
- security/openssl/PLIST.common                                 1.24
- security/openssl/distinfo                                     1.113-1.114
- security/openssl/patches/patch-Configure                      1.5

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Fri Jun 12 17:02:24 UTC 2015

   Modified Files:
   	pkgsrc/security/openssl: Makefile PLIST.common distinfo
   	pkgsrc/security/openssl/patches: patch-Configure

   Log Message:
   Update "openssl" package to version 1.0.2b. Changes since version 1.0.2a:
   - Malformed ECParameters causes infinite loop
     When processing an ECParameters structure OpenSSL enters an infinite loop
     if the curve specified is over a specially malformed binary polynomial
     field.
     This can be used to perform denial of service against any
     system which processes public keys, certificate requests or
     certificates.  This includes TLS clients and TLS servers with
     client authentication enabled.
     This issue was reported to OpenSSL by Joseph Barr-Pixton.
     (CVE-2015-1788)
     [Andy Polyakov]
   - Exploitable out-of-bounds read in X509_cmp_time
     X509_cmp_time does not properly check the length of the ASN1_TIME
     string and can read a few bytes out of bounds. In addition,
     X509_cmp_time accepts an arbitrary number of fractional seconds in the
     time string.
     An attacker can use this to craft malformed certificates and CRLs of
     various sizes and potentially cause a segmentation fault, resulting in
     a DoS on applications that verify certificates or CRLs. TLS clients
     that verify CRLs are affected. TLS clients and servers with client
     authentication enabled may be affected if they use custom verification
     callbacks.
     This issue was reported to OpenSSL by Robert Swiecki (Google), and
     independently by Hanno B?ck.
     (CVE-2015-1789)
     [Emilia K?sper]
   - PKCS7 crash with missing EnvelopedContent
     The PKCS#7 parsing code does not handle missing inner EncryptedContent
     correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
     with missing content and trigger a NULL pointer dereference on parsing.
     Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
     structures from untrusted sources are affected. OpenSSL clients and
     servers are not affected.
     This issue was reported to OpenSSL by Michal Zalewski (Google).
     (CVE-2015-1790)
     [Emilia K?sper]
   - CMS verify infinite loop with unknown hash function
     When verifying a signedData message the CMS code can enter an infinite lo=
   op
     if presented with an unknown hash function OID. This can be used to perfo=
   rm
     denial of service against any system which verifies signedData messages u=
   sing
     the CMS code.
     This issue was reported to OpenSSL by Johannes Bauer.
     (CVE-2015-1792)
     [Stephen Henson]
   - Race condition handling NewSessionTicket
     If a NewSessionTicket is received by a multi-threaded client when
     attempting to reuse a previous ticket then a race condition can occur
     potentially leading to a double free of the ticket data.
     (CVE-2015-1791)
     [Matt Caswell]
   - Removed support for the two export grade static DH ciphersuites
     EXP-DH-RSA-DES-CBC-SHA and EXP-DH-DSS-DES-CBC-SHA. These two ciphersuites
     were newly added (along with a number of other static DH ciphersuites) to
     1.0.2. However the two export ones have *never* worked since they were
     introduced. It seems strange in any case to be adding new export
     ciphersuites, and given "logjam" it also does not seem correct to fix the=
   m.
     [Matt Caswell]
   - Only support 256-bit or stronger elliptic curves with the
     'ecdh_auto' setting (server) or by default (client). Of supported
     curves, prefer P-256 (both).
     [Emilia Kasper]
   - Reject DH handshakes with parameters shorter than 768 bits.
     [Kurt Roeckx and Emilia Kasper]


   To generate a diff of this commit:
   cvs rdiff -u -r1.207 -r1.208 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.23 -r1.24 pkgsrc/security/openssl/PLIST.common
   cvs rdiff -u -r1.112 -r1.113 pkgsrc/security/openssl/distinfo
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/security/openssl/patches/patch-Configure

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Fri Jun 12 17:32:32 UTC 2015

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update "openssl" package to version 1.0.2b. Changes since version 1.0.2c:
   - Fix HMAC ABI incompatibility. The previous version introduced an ABI
     incompatibility in the handling of HMAC. The previous ABI has now been
     restored.


   To generate a diff of this commit:
   cvs rdiff -u -r1.208 -r1.209 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.113 -r1.114 pkgsrc/security/openssl/distinfo

Revision 1.209: download - view: text, markup, annotated - select for diffs
Fri Jun 12 17:32:32 2015 UTC (9 years, 5 months ago) by tron
Branches: MAIN
CVS tags: pkgsrc-2015Q2-base
Branch point for: pkgsrc-2015Q2
Diff to: previous 1.208: preferred, colored
Changes since revision 1.208: +4 -4 lines
Update "openssl" package to version 1.0.2b. Changes since version 1.0.2c:
- Fix HMAC ABI incompatibility. The previous version introduced an ABI
  incompatibility in the handling of HMAC. The previous ABI has now been
  restored.

Revision 1.208: download - view: text, markup, annotated - select for diffs
Fri Jun 12 17:02:24 2015 UTC (9 years, 5 months ago) by tron
Branches: MAIN
Diff to: previous 1.207: preferred, colored
Changes since revision 1.207: +2 -3 lines
Update "openssl" package to version 1.0.2b. Changes since version 1.0.2a:
- Malformed ECParameters causes infinite loop
  When processing an ECParameters structure OpenSSL enters an infinite loop
  if the curve specified is over a specially malformed binary polynomial
  field.
  This can be used to perform denial of service against any
  system which processes public keys, certificate requests or
  certificates.  This includes TLS clients and TLS servers with
  client authentication enabled.
  This issue was reported to OpenSSL by Joseph Barr-Pixton.
  (CVE-2015-1788)
  [Andy Polyakov]
- Exploitable out-of-bounds read in X509_cmp_time
  X509_cmp_time does not properly check the length of the ASN1_TIME
  string and can read a few bytes out of bounds. In addition,
  X509_cmp_time accepts an arbitrary number of fractional seconds in the
  time string.
  An attacker can use this to craft malformed certificates and CRLs of
  various sizes and potentially cause a segmentation fault, resulting in
  a DoS on applications that verify certificates or CRLs. TLS clients
  that verify CRLs are affected. TLS clients and servers with client
  authentication enabled may be affected if they use custom verification
  callbacks.
  This issue was reported to OpenSSL by Robert Swiecki (Google), and
  independently by Hanno Bck.
  (CVE-2015-1789)
  [Emilia Ksper]
- PKCS7 crash with missing EnvelopedContent
  The PKCS#7 parsing code does not handle missing inner EncryptedContent
  correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
  with missing content and trigger a NULL pointer dereference on parsing.
  Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
  structures from untrusted sources are affected. OpenSSL clients and
  servers are not affected.
  This issue was reported to OpenSSL by Michal Zalewski (Google).
  (CVE-2015-1790)
  [Emilia Ksper]
- CMS verify infinite loop with unknown hash function
  When verifying a signedData message the CMS code can enter an infinite loop
  if presented with an unknown hash function OID. This can be used to perform
  denial of service against any system which verifies signedData messages using
  the CMS code.
  This issue was reported to OpenSSL by Johannes Bauer.
  (CVE-2015-1792)
  [Stephen Henson]
- Race condition handling NewSessionTicket
  If a NewSessionTicket is received by a multi-threaded client when
  attempting to reuse a previous ticket then a race condition can occur
  potentially leading to a double free of the ticket data.
  (CVE-2015-1791)
  [Matt Caswell]
- Removed support for the two export grade static DH ciphersuites
  EXP-DH-RSA-DES-CBC-SHA and EXP-DH-DSS-DES-CBC-SHA. These two ciphersuites
  were newly added (along with a number of other static DH ciphersuites) to
  1.0.2. However the two export ones have *never* worked since they were
  introduced. It seems strange in any case to be adding new export
  ciphersuites, and given "logjam" it also does not seem correct to fix them.
  [Matt Caswell]
- Only support 256-bit or stronger elliptic curves with the
  'ecdh_auto' setting (server) or by default (client). Of supported
  curves, prefer P-256 (both).
  [Emilia Kasper]
- Reject DH handshakes with parameters shorter than 768 bits.
  [Kurt Roeckx and Emilia Kasper]

Revision 1.207: download - view: text, markup, annotated - select for diffs
Fri Jun 12 10:51:03 2015 UTC (9 years, 5 months ago) by wiz
Branches: MAIN
Diff to: previous 1.206: preferred, colored
Changes since revision 1.206: +2 -1 lines
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.

Revision 1.206: download - view: text, markup, annotated - select for diffs
Tue Apr 28 14:38:45 2015 UTC (9 years, 7 months ago) by tnn
Branches: MAIN
Diff to: previous 1.205: preferred, colored
Changes since revision 1.205: +2 -2 lines
hppa -> hppa64

Revision 1.205: download - view: text, markup, annotated - select for diffs
Sun Apr 19 09:02:02 2015 UTC (9 years, 7 months ago) by tnn
Branches: MAIN
Diff to: previous 1.204: preferred, colored
Changes since revision 1.204: +3 -3 lines
guard against undefined ABI

Revision 1.204: download - view: text, markup, annotated - select for diffs
Thu Mar 19 22:11:22 2015 UTC (9 years, 8 months ago) by tron
Branches: MAIN
CVS tags: pkgsrc-2015Q1-base
Branch point for: pkgsrc-2015Q1
Diff to: previous 1.203: preferred, colored
Changes since revision 1.203: +3 -3 lines
Update "openssl" package to version 1.0.2. Changes since version 1.0.2a:
- ClientHello sigalgs DoS fix

  If a client connects to an OpenSSL 1.0.2 server and renegotiates with an
  invalid signature algorithms extension a NULL pointer dereference will
  occur. This can be exploited in a DoS attack against the server.

  This issue was was reported to OpenSSL by David Ramos of Stanford
  University.
  (CVE-2015-0291)
  [Stephen Henson and Matt Caswell]

- Multiblock corrupted pointer fix

  OpenSSL 1.0.2 introduced the "multiblock" performance improvement. This
  feature only applies on 64 bit x86 architecture platforms that support AES
  NI instructions. A defect in the implementation of "multiblock" can cause
  OpenSSL's internal write buffer to become incorrectly set to NULL when
  using non-blocking IO. Typically, when the user application is using a
  socket BIO for writing, this will only result in a failed connection.
  However if some other BIO is used then it is likely that a segmentation
  fault will be triggered, thus enabling a potential DoS attack.

  This issue was reported to OpenSSL by Daniel Danner and Rainer Mueller.
  (CVE-2015-0290)
  [Matt Caswell]

- Segmentation fault in DTLSv1_listen fix

  The DTLSv1_listen function is intended to be stateless and processes the
  initial ClientHello from many peers. It is common for user code to loop
  over the call to DTLSv1_listen until a valid ClientHello is received with
  an associated cookie. A defect in the implementation of DTLSv1_listen means
  that state is preserved in the SSL object from one invocation to the next
  that can lead to a segmentation fault. Errors processing the initial
  ClientHello can trigger this scenario. An example of such an error could be
  that a DTLS1.0 only client is attempting to connect to a DTLS1.2 only
  server.

  This issue was reported to OpenSSL by Per Allansson.
  (CVE-2015-0207)
  [Matt Caswell]

- Segmentation fault in ASN1_TYPE_cmp fix

  The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is
  made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check
  certificate signature algorithm consistency this can be used to crash any
  certificate verification operation and exploited in a DoS attack. Any
  application which performs certificate verification is vulnerable including
  OpenSSL clients and servers which enable client authentication.
  (CVE-2015-0286)
  [Stephen Henson]

- Segmentation fault for invalid PSS parameters fix

  The signature verification routines will crash with a NULL pointer
  dereference if presented with an ASN.1 signature using the RSA PSS
  algorithm and invalid parameters. Since these routines are used to verify
  certificate signature algorithms this can be used to crash any
  certificate verification operation and exploited in a DoS attack. Any
  application which performs certificate verification is vulnerable including
  OpenSSL clients and servers which enable client authentication.

  This issue was was reported to OpenSSL by Brian Carpenter.
  (CVE-2015-0208)
  [Stephen Henson]

- ASN.1 structure reuse memory corruption fix

  Reusing a structure in ASN.1 parsing may allow an attacker to cause
  memory corruption via an invalid write. Such reuse is and has been
  strongly discouraged and is believed to be rare.

  Applications that parse structures containing CHOICE or ANY DEFINED BY
  components may be affected. Certificate parsing (d2i_X509 and related
  functions) are however not affected. OpenSSL clients and servers are
  not affected.
  (CVE-2015-0287)
  [Stephen Henson]

- PKCS7 NULL pointer dereferences fix

  The PKCS#7 parsing code does not handle missing outer ContentInfo
  correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with
  missing content and trigger a NULL pointer dereference on parsing.

  Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or
  otherwise parse PKCS#7 structures from untrusted sources are
  affected. OpenSSL clients and servers are not affected.

  This issue was reported to OpenSSL by Michal Zalewski (Google).
  (CVE-2015-0289)
  [Emilia Ksper]

- DoS via reachable assert in SSLv2 servers fix

  A malicious client can trigger an OPENSSL_assert (i.e., an abort) in
  servers that both support SSLv2 and enable export cipher suites by sending
  a specially crafted SSLv2 CLIENT-MASTER-KEY message.

  This issue was discovered by Sean Burford (Google) and Emilia Ksper
  (OpenSSL development team).
  (CVE-2015-0293)
  [Emilia Ksper]

- Empty CKE with client auth and DHE fix

  If client auth is used then a server can seg fault in the event of a DHE
  ciphersuite being selected and a zero length ClientKeyExchange message
  being sent by the client. This could be exploited in a DoS attack.
  (CVE-2015-1787)
  [Matt Caswell]

- Handshake with unseeded PRNG fix

  Under certain conditions an OpenSSL 1.0.2 client can complete a handshake
  with an unseeded PRNG. The conditions are:
  - The client is on a platform where the PRNG has not been seeded
  automatically, and the user has not seeded manually
  - A protocol specific client method version has been used (i.e. not
  SSL_client_methodv23)
  - A ciphersuite is used that does not require additional random data from
  the PRNG beyond the initial ClientHello client random (e.g. PSK-RC4-SHA).

  If the handshake succeeds then the client random that has been used will
  have been generated from a PRNG with insufficient entropy and therefore the
  output may be predictable.

  For example using the following command with an unseeded openssl will
  succeed on an unpatched platform:

  openssl s_client -psk 1a2b3c4d -tls1_2 -cipher PSK-RC4-SHA
  (CVE-2015-0285)
  [Matt Caswell]

- Use After Free following d2i_ECPrivatekey error fix

  A malformed EC private key file consumed via the d2i_ECPrivateKey function
  could cause a use after free condition. This, in turn, could cause a double
  free in several private key parsing functions (such as d2i_PrivateKey
  or EVP_PKCS82PKEY) and could lead to a DoS attack or memory corruption
  for applications that receive EC private keys from untrusted
  sources. This scenario is considered rare.

  This issue was discovered by the BoringSSL project and fixed in their
  commit 517073cd4b.
  (CVE-2015-0209)
  [Matt Caswell]

- X509_to_X509_REQ NULL pointer deref fix

  The function X509_to_X509_REQ will crash with a NULL pointer dereference if
  the certificate key is invalid. This function is rarely used in practice.

  This issue was discovered by Brian Carpenter.
  (CVE-2015-0288)
  [Stephen Henson]

- Removed the export ciphers from the DEFAULT ciphers
  [Kurt Roeckx]

Revision 1.203: download - view: text, markup, annotated - select for diffs
Wed Mar 11 22:49:40 2015 UTC (9 years, 8 months ago) by tnn
Branches: MAIN
Diff to: previous 1.202: preferred, colored
Changes since revision 1.202: +2 -3 lines
unconditionally wants dlopen

Revision 1.202: download - view: text, markup, annotated - select for diffs
Thu Feb 12 13:08:53 2015 UTC (9 years, 9 months ago) by adam
Branches: MAIN
Diff to: previous 1.201: preferred, colored
Changes since revision 1.201: +19 -23 lines
Changes 1.0.2:
Suite B support for TLS 1.2 and DTLS 1.2
Support for DTLS 1.2
TLS automatic EC curve selection.
API to set TLS supported signature algorithms and curves
SSL_CONF configuration API.
TLS Brainpool support.
ALPN support.
CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.

Revision 1.200.2.1: download - view: text, markup, annotated - select for diffs
Sun Jan 11 19:52:04 2015 UTC (9 years, 10 months ago) by tron
Branches: pkgsrc-2014Q4
Diff to: previous 1.200: preferred, colored; next MAIN 1.201: preferred, colored
Changes since revision 1.200: +2 -2 lines
Pullup ticket #4586 - requested by wiz
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.201
- security/openssl/distinfo                                     1.110
- security/openssl/patches/patch-crypto_dso_dso__dlfcn.c        deleted

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Thu Jan  8 16:58:25 UTC 2015

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-crypto_dso_dso__dlfcn.c

   Log Message:
   Update to 1.0.1k:

    Changes between 1.0.1j and 1.0.1k [8 Jan 2015]

     *) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS
        message can cause a segmentation fault in OpenSSL due to a NULL pointer
        dereference. This could lead to a Denial Of Service attack. Thanks to
        Markus Stenberg of Cisco Systems, Inc. for reporting this issue.
        (CVE-2014-3571)
        [Steve Henson]

     *) Fix DTLS memory leak in dtls1_buffer_record. A memory leak can occur in the
        dtls1_buffer_record function under certain conditions. In particular this
        could occur if an attacker sent repeated DTLS records with the same
        sequence number but for the next epoch. The memory leak could be exploited
        by an attacker in a Denial of Service attack through memory exhaustion.
        Thanks to Chris Mueller for reporting this issue.
        (CVE-2015-0206)
        [Matt Caswell]

     *) Fix issue where no-ssl3 configuration sets method to NULL. When openssl is
        built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
        method would be set to NULL which could later result in a NULL pointer
        dereference. Thanks to Frank Schmirler for reporting this issue.
        (CVE-2014-3569)
        [Kurt Roeckx]

     *) Abort handshake if server key exchange message is omitted for ephemeral
        ECDH ciphersuites.

        Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
        reporting this issue.
        (CVE-2014-3572)
        [Steve Henson]

     *) Remove non-export ephemeral RSA code on client and server. This code
        violated the TLS standard by allowing the use of temporary RSA keys in
        non-export ciphersuites and could be used by a server to effectively
        downgrade the RSA key length used to a value smaller than the server
        certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
        INRIA or reporting this issue.
        (CVE-2015-0204)
        [Steve Henson]

     *) Fixed issue where DH client certificates are accepted without verification.
        An OpenSSL server will accept a DH certificate for client authentication
        without the certificate verify message. This effectively allows a client to
        authenticate without the use of a private key. This only affects servers
        which trust a client certificate authority which issues certificates
        containing DH keys: these are extremely rare and hardly ever encountered.
        Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting
        this issue.
        (CVE-2015-0205)
        [Steve Henson]

     *) Ensure that the session ID context of an SSL is updated when its
        SSL_CTX is updated via SSL_set_SSL_CTX.

        The session ID context is typically set from the parent SSL_CTX,
        and can vary with the CTX.
        [Adam Langley]

     *) Fix various certificate fingerprint issues.

        By using non-DER or invalid encodings outside the signed portion of a
        certificate the fingerprint can be changed without breaking the signature.
        Although no details of the signed portion of the certificate can be changed
        this can cause problems with some applications: e.g. those using the
        certificate fingerprint for blacklists.

        1. Reject signatures with non zero unused bits.

        If the BIT STRING containing the signature has non zero unused bits reject
        the signature. All current signature algorithms require zero unused bits.

        2. Check certificate algorithm consistency.

        Check the AlgorithmIdentifier inside TBS matches the one in the
        certificate signature. NB: this will result in signature failure
        errors for some broken certificates.

        Thanks to Konrad Kraszewski from Google for reporting this issue.

        3. Check DSA/ECDSA signatures use DER.

        Reencode DSA/ECDSA signatures and compare with the original received
        signature. Return an error if there is a mismatch.

        This will reject various cases including garbage after signature
        (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
        program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
        (negative or with leading zeroes).

        Further analysis was conducted and fixes were developed by Stephen Henson
        of the OpenSSL core team.

        (CVE-2014-8275)
        [Steve Henson]

      *) Correct Bignum squaring. Bignum squaring (BN_sqr) may produce incorrect
         results on some platforms, including x86_64. This bug occurs at random
         with a very low probability, and is not known to be exploitable in any
         way, though its exact impact is difficult to determine. Thanks to Pieter
         Wuille (Blockstream) who reported this issue and also suggested an initial
         fix. Further analysis was conducted by the OpenSSL development team and
         Adam Langley of Google. The final fix was developed by Andy Polyakov of
         the OpenSSL core team.
         (CVE-2014-3570)
         [Andy Polyakov]

      *) Do not resume sessions on the server if the negotiated protocol
         version does not match the session's version. Resuming with a different
         version, while not strictly forbidden by the RFC, is of questionable
         sanity and breaks all known clients.
         [David Benjamin, Emilia K?sper]

      *) Tighten handling of the ChangeCipherSpec (CCS) message: reject
         early CCS messages during renegotiation. (Note that because
         renegotiation is encrypted, this early CCS was not exploitable.)
         [Emilia K?sper]

      *) Tighten client-side session ticket handling during renegotiation:
         ensure that the client only accepts a session ticket if the server sends
         the extension anew in the ServerHello. Previously, a TLS client would
         reuse the old extension state and thus accept a session ticket if one was
         announced in the initial ServerHello.

         Similarly, ensure that the client requires a session ticket if one
         was advertised in the ServerHello. Previously, a TLS client would
         ignore a missing NewSessionTicket message.
         [Emilia K?sper]

Revision 1.201: download - view: text, markup, annotated - select for diffs
Thu Jan 8 16:58:25 2015 UTC (9 years, 11 months ago) by wiz
Branches: MAIN
Diff to: previous 1.200: preferred, colored
Changes since revision 1.200: +2 -2 lines
Update to 1.0.1k:

 Changes between 1.0.1j and 1.0.1k [8 Jan 2015]

  *) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS
     message can cause a segmentation fault in OpenSSL due to a NULL pointer
     dereference. This could lead to a Denial Of Service attack. Thanks to
     Markus Stenberg of Cisco Systems, Inc. for reporting this issue.
     (CVE-2014-3571)
     [Steve Henson]

  *) Fix DTLS memory leak in dtls1_buffer_record. A memory leak can occur in the
     dtls1_buffer_record function under certain conditions. In particular this
     could occur if an attacker sent repeated DTLS records with the same
     sequence number but for the next epoch. The memory leak could be exploited
     by an attacker in a Denial of Service attack through memory exhaustion.
     Thanks to Chris Mueller for reporting this issue.
     (CVE-2015-0206)
     [Matt Caswell]

  *) Fix issue where no-ssl3 configuration sets method to NULL. When openssl is
     built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
     method would be set to NULL which could later result in a NULL pointer
     dereference. Thanks to Frank Schmirler for reporting this issue.
     (CVE-2014-3569)
     [Kurt Roeckx]

  *) Abort handshake if server key exchange message is omitted for ephemeral
     ECDH ciphersuites.

     Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
     reporting this issue.
     (CVE-2014-3572)
     [Steve Henson]

  *) Remove non-export ephemeral RSA code on client and server. This code
     violated the TLS standard by allowing the use of temporary RSA keys in
     non-export ciphersuites and could be used by a server to effectively
     downgrade the RSA key length used to a value smaller than the server
     certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
     INRIA or reporting this issue.
     (CVE-2015-0204)
     [Steve Henson]

  *) Fixed issue where DH client certificates are accepted without verification.
     An OpenSSL server will accept a DH certificate for client authentication
     without the certificate verify message. This effectively allows a client to
     authenticate without the use of a private key. This only affects servers
     which trust a client certificate authority which issues certificates
     containing DH keys: these are extremely rare and hardly ever encountered.
     Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting
     this issue.
     (CVE-2015-0205)
     [Steve Henson]

  *) Ensure that the session ID context of an SSL is updated when its
     SSL_CTX is updated via SSL_set_SSL_CTX.

     The session ID context is typically set from the parent SSL_CTX,
     and can vary with the CTX.
     [Adam Langley]

  *) Fix various certificate fingerprint issues.

     By using non-DER or invalid encodings outside the signed portion of a
     certificate the fingerprint can be changed without breaking the signature.
     Although no details of the signed portion of the certificate can be changed
     this can cause problems with some applications: e.g. those using the
     certificate fingerprint for blacklists.

     1. Reject signatures with non zero unused bits.

     If the BIT STRING containing the signature has non zero unused bits reject
     the signature. All current signature algorithms require zero unused bits.

     2. Check certificate algorithm consistency.

     Check the AlgorithmIdentifier inside TBS matches the one in the
     certificate signature. NB: this will result in signature failure
     errors for some broken certificates.

     Thanks to Konrad Kraszewski from Google for reporting this issue.

     3. Check DSA/ECDSA signatures use DER.

     Reencode DSA/ECDSA signatures and compare with the original received
     signature. Return an error if there is a mismatch.

     This will reject various cases including garbage after signature
     (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
     program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
     (negative or with leading zeroes).

     Further analysis was conducted and fixes were developed by Stephen Henson
     of the OpenSSL core team.

     (CVE-2014-8275)
     [Steve Henson]

   *) Correct Bignum squaring. Bignum squaring (BN_sqr) may produce incorrect
      results on some platforms, including x86_64. This bug occurs at random
      with a very low probability, and is not known to be exploitable in any
      way, though its exact impact is difficult to determine. Thanks to Pieter
      Wuille (Blockstream) who reported this issue and also suggested an initial
      fix. Further analysis was conducted by the OpenSSL development team and
      Adam Langley of Google. The final fix was developed by Andy Polyakov of
      the OpenSSL core team.
      (CVE-2014-3570)
      [Andy Polyakov]

   *) Do not resume sessions on the server if the negotiated protocol
      version does not match the session's version. Resuming with a different
      version, while not strictly forbidden by the RFC, is of questionable
      sanity and breaks all known clients.
      [David Benjamin, Emilia Ksper]

   *) Tighten handling of the ChangeCipherSpec (CCS) message: reject
      early CCS messages during renegotiation. (Note that because
      renegotiation is encrypted, this early CCS was not exploitable.)
      [Emilia Ksper]

   *) Tighten client-side session ticket handling during renegotiation:
      ensure that the client only accepts a session ticket if the server sends
      the extension anew in the ServerHello. Previously, a TLS client would
      reuse the old extension state and thus accept a session ticket if one was
      announced in the initial ServerHello.

      Similarly, ensure that the client requires a session ticket if one
      was advertised in the ServerHello. Previously, a TLS client would
      ignore a missing NewSessionTicket message.
      [Emilia Ksper]

Revision 1.200: download - view: text, markup, annotated - select for diffs
Wed Oct 15 19:04:40 2014 UTC (10 years, 1 month ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2014Q4-base
Branch point for: pkgsrc-2014Q4
Diff to: previous 1.199: preferred, colored
Changes since revision 1.199: +2 -2 lines
Update to openssl-1.0.1j.

 Changes between 1.0.1i and 1.0.1j [15 Oct 2014]

  *) SRTP Memory Leak.

     A flaw in the DTLS SRTP extension parsing code allows an attacker, who
     sends a carefully crafted handshake message, to cause OpenSSL to fail
     to free up to 64k of memory causing a memory leak. This could be
     exploited in a Denial Of Service attack. This issue affects OpenSSL
     1.0.1 server implementations for both SSL/TLS and DTLS regardless of
     whether SRTP is used or configured. Implementations of OpenSSL that
     have been compiled with OPENSSL_NO_SRTP defined are not affected.

     The fix was developed by the OpenSSL team.
     (CVE-2014-3513)
     [OpenSSL team]

  *) Session Ticket Memory Leak.

     When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
     integrity of that ticket is first verified. In the event of a session
     ticket integrity check failing, OpenSSL will fail to free memory
     causing a memory leak. By sending a large number of invalid session
     tickets an attacker could exploit this issue in a Denial Of Service
     attack.
     (CVE-2014-3567)
     [Steve Henson]

  *) Build option no-ssl3 is incomplete.

     When OpenSSL is configured with "no-ssl3" as a build option, servers
     could accept and complete a SSL 3.0 handshake, and clients could be
     configured to send them.
     (CVE-2014-3568)
     [Akamai and the OpenSSL team]

  *) Add support for TLS_FALLBACK_SCSV.
     Client applications doing fallback retries should call
     SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV).
     (CVE-2014-3566)
     [Adam Langley, Bodo Moeller]

  *) Add additional DigestInfo checks.

     Reencode DigestInto in DER and check against the original when
     verifying RSA signature: this will reject any improperly encoded
     DigestInfo structures.

     Note: this is a precautionary measure and no attacks are currently known.

     [Steve Henson]

Revision 1.199: download - view: text, markup, annotated - select for diffs
Thu Oct 9 14:06:52 2014 UTC (10 years, 2 months ago) by wiz
Branches: MAIN
Diff to: previous 1.198: preferred, colored
Changes since revision 1.198: +1 -3 lines
Remove pkgviews: don't set PKG_INSTALLATION_TYPES in Makefiles.

Revision 1.198: download - view: text, markup, annotated - select for diffs
Thu Oct 9 13:44:53 2014 UTC (10 years, 2 months ago) by wiz
Branches: MAIN
Diff to: previous 1.197: preferred, colored
Changes since revision 1.197: +1 -2 lines
Remove SVR4_PKGNAME, per discussion on tech-pkg.

Revision 1.197: download - view: text, markup, annotated - select for diffs
Thu Aug 21 15:48:52 2014 UTC (10 years, 3 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3
Diff to: previous 1.196: preferred, colored
Changes since revision 1.196: +3 -3 lines
Fix typo in previous. From PR 49131.

Revision 1.196: download - view: text, markup, annotated - select for diffs
Thu Aug 21 08:02:56 2014 UTC (10 years, 3 months ago) by wiz
Branches: MAIN
Diff to: previous 1.195: preferred, colored
Changes since revision 1.195: +16 -1 lines
On AIX, openssl ignores $CC & defaults to using the aix-cc profile
& building with /usr/vac/bin/cc, add the necessary checks to Makefile
to use the correct profile depending on what CC/ABI is set to.

Patch from Sevan Janiyan in PR 49131, but moved a few lines to not
affect Darwin.

Revision 1.193.2.1: download - view: text, markup, annotated - select for diffs
Sat Aug 9 20:43:14 2014 UTC (10 years, 3 months ago) by spz
Branches: pkgsrc-2014Q2
Diff to: previous 1.193: preferred, colored; next MAIN 1.194: preferred, colored
Changes since revision 1.193: +2 -2 lines
Pullup ticket #4471 - requested by obache
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.195
- security/openssl/PLIST.common                                 1.19
- security/openssl/distinfo                                     1.108

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Thu Aug  7 01:29:45 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile PLIST.common distinfo

   Log Message:
   Update openssl to 1.0.1i.

    Changes between 1.0.1h and 1.0.1i [6 Aug 2014]

     *) Fix SRP buffer overrun vulnerability. Invalid parameters passed to the
        SRP code can be overrun an internal buffer. Add sanity check that
        g, A, B < N to SRP code.

        Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
        Group for discovering this issue.
        (CVE-2014-3512)
        [Steve Henson]

     *) A flaw in the OpenSSL SSL/TLS server code causes the server to
   negotiate      TLS 1.0 instead of higher protocol versions when the
   ClientHello message      is badly fragmented. This allows a
   man-in-the-middle attacker to force a      downgrade to TLS 1.0 even if
   both the server and the client support a      higher protocol version, by
   modifying the client's TLS records.

        Thanks to David Benjamin and Adam Langley (Google) for discovering and
        researching this issue.
        (CVE-2014-3511)
        [David Benjamin]

     *) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are =
   subject
        to a denial of service attack. A malicious server can crash the client
        with a null pointer dereference (read) by specifying an anonymous
   (EC)DH      ciphersuite and sending carefully crafted handshake messages.

        Thanks to Felix Grvbert (Google) for discovering and researching this
        issue.
        (CVE-2014-3510)
        [Emilia K=E4=B3=B0er]

     *) By sending carefully crafted DTLS packets an attacker could cause
   openssl      to leak memory. This can be exploited through a Denial of
   Service attack.      Thanks to Adam Langley for discovering and researching
   this issue.      (CVE-2014-3507)
        [Adam Langley]

     *) An attacker can force openssl to consume large amounts of memory =
   whilst
        processing DTLS handshake messages. This can be exploited through a
        Denial of Service attack.
        Thanks to Adam Langley for discovering and researching this issue.
        (CVE-2014-3506)
        [Adam Langley]

     *) An attacker can force an error condition which causes openssl to crash
        whilst processing DTLS packets due to memory being freed twice. This
        can be exploited through a Denial of Service attack.
        Thanks to Adam Langley and Wan-Teh Chang for discovering and
   researching      this issue.
        (CVE-2014-3505)
        [Adam Langley]

     *) If a multithreaded client connects to a malicious server using a
   resumed      session and the server sends an ec point format extension it
   could write      up to 255 bytes to freed memory.

        Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching
   this      issue.
        (CVE-2014-3509)
        [Gabor Tyukasz]

     *) A malicious server can crash an OpenSSL client with a null pointer
        dereference (read) by specifying an SRP ciphersuite even though it was
   not      properly negotiated with the client. This can be exploited through
   a      Denial of Service attack.

        Thanks to Joonas Kuorilehto and Riku Hietam=E4=AB=A9 (Codenomicon) for
        discovering and researching this issue.
        (CVE-2014-5139)
        [Steve Henson]

     *) A flaw in OBJ_obj2txt may cause pretty printing functions such as
        X509_name_oneline, X509_name_print_ex et al. to leak some information
        from the stack. Applications may be affected if they echo pretty
   printing      output to the attacker.

        Thanks to Ivan Fratric (Google) for discovering this issue.
        (CVE-2014-3508)
        [Emilia K=E4=B3=B0er, and Steve Henson]

     *) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.)
        for corner cases. (Certain input points at infinity could lead to
        bogus results, with non-infinity inputs mapped to infinity too.)
        [Bodo Moeller]


   To generate a diff of this commit:
   cvs rdiff -u -r1.194 -r1.195 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/security/openssl/PLIST.common
   cvs rdiff -u -r1.107 -r1.108 pkgsrc/security/openssl/distinfo

Revision 1.195: download - view: text, markup, annotated - select for diffs
Thu Aug 7 01:29:45 2014 UTC (10 years, 4 months ago) by obache
Branches: MAIN
Diff to: previous 1.194: preferred, colored
Changes since revision 1.194: +2 -2 lines
Update openssl to 1.0.1i.

 Changes between 1.0.1h and 1.0.1i [6 Aug 2014]

  *) Fix SRP buffer overrun vulnerability. Invalid parameters passed to the
     SRP code can be overrun an internal buffer. Add sanity check that
     g, A, B < N to SRP code.

     Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
     Group for discovering this issue.
     (CVE-2014-3512)
     [Steve Henson]

  *) A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate
     TLS 1.0 instead of higher protocol versions when the ClientHello message
     is badly fragmented. This allows a man-in-the-middle attacker to force a
     downgrade to TLS 1.0 even if both the server and the client support a
     higher protocol version, by modifying the client's TLS records.

     Thanks to David Benjamin and Adam Langley (Google) for discovering and
     researching this issue.
     (CVE-2014-3511)
     [David Benjamin]

  *) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject
     to a denial of service attack. A malicious server can crash the client
     with a null pointer dereference (read) by specifying an anonymous (EC)DH
     ciphersuite and sending carefully crafted handshake messages.

     Thanks to Felix Grbert (Google) for discovering and researching this
     issue.
     (CVE-2014-3510)
     [Emilia Ksper]

  *) By sending carefully crafted DTLS packets an attacker could cause openssl
     to leak memory. This can be exploited through a Denial of Service attack.
     Thanks to Adam Langley for discovering and researching this issue.
     (CVE-2014-3507)
     [Adam Langley]

  *) An attacker can force openssl to consume large amounts of memory whilst
     processing DTLS handshake messages. This can be exploited through a
     Denial of Service attack.
     Thanks to Adam Langley for discovering and researching this issue.
     (CVE-2014-3506)
     [Adam Langley]

  *) An attacker can force an error condition which causes openssl to crash
     whilst processing DTLS packets due to memory being freed twice. This
     can be exploited through a Denial of Service attack.
     Thanks to Adam Langley and Wan-Teh Chang for discovering and researching
     this issue.
     (CVE-2014-3505)
     [Adam Langley]

  *) If a multithreaded client connects to a malicious server using a resumed
     session and the server sends an ec point format extension it could write
     up to 255 bytes to freed memory.

     Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this
     issue.
     (CVE-2014-3509)
     [Gabor Tyukasz]

  *) A malicious server can crash an OpenSSL client with a null pointer
     dereference (read) by specifying an SRP ciphersuite even though it was not
     properly negotiated with the client. This can be exploited through a
     Denial of Service attack.

     Thanks to Joonas Kuorilehto and Riku Hietamki (Codenomicon) for
     discovering and researching this issue.
     (CVE-2014-5139)
     [Steve Henson]

  *) A flaw in OBJ_obj2txt may cause pretty printing functions such as
     X509_name_oneline, X509_name_print_ex et al. to leak some information
     from the stack. Applications may be affected if they echo pretty printing
     output to the attacker.

     Thanks to Ivan Fratric (Google) for discovering this issue.
     (CVE-2014-3508)
     [Emilia Ksper, and Steve Henson]

  *) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.)
     for corner cases. (Certain input points at infinity could lead to
     bogus results, with non-infinity inputs mapped to infinity too.)
     [Bodo Moeller]

Revision 1.194: download - view: text, markup, annotated - select for diffs
Fri Jul 18 10:32:37 2014 UTC (10 years, 4 months ago) by ryoon
Branches: MAIN
Diff to: previous 1.193: preferred, colored
Changes since revision 1.193: +4 -1 lines
SCO OpenServer 5.0.7/3.2 does not support SSSE3.

Revision 1.185.2.2: download - view: text, markup, annotated - select for diffs
Thu Jun 5 13:20:18 2014 UTC (10 years, 6 months ago) by tron
Branches: pkgsrc-2014Q1
Diff to: previous 1.185.2.1: preferred, colored; branchpoint 1.185: preferred, colored; next MAIN 1.186: preferred, colored
Changes since revision 1.185.2.1: +5 -2 lines
Pullup ticket #4431 - requested by wiz
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.193
- security/openssl/builtin.mk                                   1.42
- security/openssl/distinfo                                     1.106-1.107
- security/openssl/patches/patch-Configure                      1.2
- security/openssl/patches/patch-Makefile.org                   1.2
- security/openssl/patches/patch-Makefile.shared                1.2
- security/openssl/patches/patch-apps_Makefile                  1.2
- security/openssl/patches/patch-config                         1.2
- security/openssl/patches/patch-crypto_bn_bn__prime.pl         1.2
- security/openssl/patches/patch-crypto_des_Makefile            1.1
- security/openssl/patches/patch-crypto_dso_dso__dlfcn.c        1.2
- security/openssl/patches/patch-doc_apps_cms.pod               deleted
- security/openssl/patches/patch-doc_apps_smine.pod             deleted
- security/openssl/patches/patch-doc_ssl_SSL__COMP__add__compression__method.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__add__session.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__load__verify__locations.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__session__id__context.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__ssl__version.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__accept.pod        deleted
- security/openssl/patches/patch-doc_ssl_SSL__clear.pod         deleted
- security/openssl/patches/patch-doc_ssl_SSL__connect.pod       deleted
- security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__read.pod          deleted
- security/openssl/patches/patch-doc_ssl_SSL__session__reused.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__set__fd.pod       deleted
- security/openssl/patches/patch-doc_ssl_SSL__set__session.pod  deleted
- security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod      deleted
- security/openssl/patches/patch-doc_ssl_SSL__write.pod         deleted
- security/openssl/patches/patch-engines_ccgost_Makefile        1.2
- security/openssl/patches/patch-tools_Makefile                 1.2

---
   Module Name:	pkgsrc
   Committed By:	rodent
   Date:		Tue May 13 02:23:11 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: distinfo
   	pkgsrc/security/openssl/patches: patch-Configure patch-Makefile.org
   	    patch-Makefile.shared patch-apps_Makefile patch-config
   	    patch-crypto_bn_bn__prime.pl patch-crypto_dso_dso__dlfcn.c
   	    patch-doc_apps_cms.pod patch-doc_apps_smine.pod
   	    patch-doc_ssl_SSL__COMP__add__compression__method.pod
   	    patch-doc_ssl_SSL__CTX__add__session.pod
   	    patch-doc_ssl_SSL__CTX__load__verify__locations.pod
   	    patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
   	    patch-doc_ssl_SSL__CTX__set__session__id__context.pod
   	    patch-doc_ssl_SSL__CTX__set__ssl__version.pod
   	    patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
   	    patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__clear.pod
   	    patch-doc_ssl_SSL__connect.pod patch-doc_ssl_SSL__do__handshake.pod
   	    patch-doc_ssl_SSL__read.pod patch-doc_ssl_SSL__session__reused.pod
   	    patch-doc_ssl_SSL__set__fd.pod patch-doc_ssl_SSL__set__session.pod
   	    patch-doc_ssl_SSL__shutdown.pod patch-doc_ssl_SSL__write.pod
   	    patch-engines_ccgost_Makefile patch-tools_Makefile
   Added Files:
   	pkgsrc/security/openssl/patches: patch-crypto_des_Makefile

   Log Message:
   Fix build on OpenBSD/sparc64. Defuzz patches (sorry if this is annoying).

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Thu Jun  5 12:16:06 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile builtin.mk distinfo
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-doc_apps_cms.pod
   	    patch-doc_apps_smine.pod
   	    patch-doc_ssl_SSL__COMP__add__compression__method.pod
   	    patch-doc_ssl_SSL__CTX__add__session.pod
   	    patch-doc_ssl_SSL__CTX__load__verify__locations.pod
   	    patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
   	    patch-doc_ssl_SSL__CTX__set__session__id__context.pod
   	    patch-doc_ssl_SSL__CTX__set__ssl__version.pod
   	    patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
   	    patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__clear.pod
   	    patch-doc_ssl_SSL__connect.pod patch-doc_ssl_SSL__do__handshake.pod
   	    patch-doc_ssl_SSL__read.pod patch-doc_ssl_SSL__session__reused.pod
   	    patch-doc_ssl_SSL__set__fd.pod patch-doc_ssl_SSL__set__session.pod
   	    patch-doc_ssl_SSL__shutdown.pod patch-doc_ssl_SSL__write.pod

   Log Message:
   Update to 1.0.1h:

     Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]

         o Fix for CVE-2014-0224
         o Fix for CVE-2014-0221
         o Fix for CVE-2014-0195
         o Fix for CVE-2014-3470
         o Fix for CVE-2010-5298

Revision 1.193: download - view: text, markup, annotated - select for diffs
Thu Jun 5 12:16:06 2014 UTC (10 years, 6 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2014Q2-base
Branch point for: pkgsrc-2014Q2
Diff to: previous 1.192: preferred, colored
Changes since revision 1.192: +2 -3 lines
Update to 1.0.1h:

  Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]

      o Fix for CVE-2014-0224
      o Fix for CVE-2014-0221
      o Fix for CVE-2014-0195
      o Fix for CVE-2014-3470
      o Fix for CVE-2010-5298

Revision 1.192: download - view: text, markup, annotated - select for diffs
Thu Jun 5 03:14:05 2014 UTC (10 years, 6 months ago) by obache
Branches: MAIN
Diff to: previous 1.191: preferred, colored
Changes since revision 1.191: +5 -2 lines
Fixes missing override of pc files.
PR pkg/48871.

Bump PKGREVISION.

Revision 1.191: download - view: text, markup, annotated - select for diffs
Thu Jun 5 02:53:18 2014 UTC (10 years, 6 months ago) by obache
Branches: MAIN
Diff to: previous 1.190: preferred, colored
Changes since revision 1.190: +1 -2 lines
No reason to require gtar.

Revision 1.190: download - view: text, markup, annotated - select for diffs
Thu May 29 23:37:20 2014 UTC (10 years, 6 months ago) by wiz
Branches: MAIN
Diff to: previous 1.189: preferred, colored
Changes since revision 1.189: +2 -1 lines
Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.

Revision 1.189: download - view: text, markup, annotated - select for diffs
Thu May 15 09:59:32 2014 UTC (10 years, 6 months ago) by wiz
Branches: MAIN
Diff to: previous 1.188: preferred, colored
Changes since revision 1.188: +2 -1 lines
Set LICENSE.

Revision 1.185.2.1: download - view: text, markup, annotated - select for diffs
Tue Apr 8 10:09:26 2014 UTC (10 years, 8 months ago) by tron
Branches: pkgsrc-2014Q1
Diff to: previous 1.185: preferred, colored
Changes since revision 1.185: +3 -3 lines
Pullup ticket #4359 - requested by obache
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.186-1.188
- security/openssl/distinfo                                     1.103-1.104
- security/openssl/patches/patch-Configure                      1.1
- security/openssl/patches/patch-Makefile.org                   1.1
- security/openssl/patches/patch-Makefile.shared                1.1
- security/openssl/patches/patch-aa                             deleted
- security/openssl/patches/patch-ac                             deleted
- security/openssl/patches/patch-ad                             deleted
- security/openssl/patches/patch-ae                             deleted
- security/openssl/patches/patch-af                             deleted
- security/openssl/patches/patch-ag                             deleted
- security/openssl/patches/patch-ak                             deleted
- security/openssl/patches/patch-apps_Makefile                  1.1
- security/openssl/patches/patch-config                         1.1
- security/openssl/patches/patch-crypto_bn_bn__prime.pl         1.1
- security/openssl/patches/patch-tools_Makefile                 1.1

---
   Module Name:	pkgsrc
   Committed By:	he
   Date:		Wed Apr  2 12:11:35 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Added Files:
   	pkgsrc/security/openssl/patches: patch-Configure patch-Makefile.org
   	    patch-Makefile.shared patch-apps_Makefile patch-config
   	    patch-crypto_bn_bn.h patch-crypto_bn_bn__lib.c
   	    patch-crypto_bn_bn__prime.pl patch-crypto_ec_ec2__mult.c
   	    patch-tools_Makefile
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-aa patch-ac patch-ad patch-ae
   	    patch-af patch-ag patch-ak

   Log Message:
   Rename all remaining patch-?? files using the newer naming convention.

   Add a fix for CVE-2014-0076:

     Fix for the attack described in the paper "Recovering OpenSSL
     ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
     by Yuval Yarom and Naomi Benger. Details can be obtained from:
     http://eprint.iacr.org/2014/140

     Thanks to Yuval Yarom and Naomi Benger for discovering this
     flaw and to Yuval Yarom for supplying a fix.

   Fix from culled from
   http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f
   91e57d247d0fc667aef29

   Bump PKGREVISION.

---
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Tue Apr  8 02:48:38 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile

   Log Message:
   p5-Perl4-CoreLibs is not required for perl<5.16

---
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Tue Apr  8 06:20:44 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-crypto_bn_bn.h
   	    patch-crypto_bn_bn__lib.c patch-crypto_ec_ec2__mult.c

   Log Message:
   Update openssl to 1.0.1g.
   (CVE-2014-0076 is already fixed in pkgsrc).

    OpenSSL CHANGES
    _______________

    Changes between 1.0.1f and 1.0.1g [7 Apr 2014]

     *) A missing bounds check in the handling of the TLS heartbeat extension
        can be used to reveal up to 64k of memory to a connected client or
        server.

        Thanks for Neel Mehta of Google Security for discovering this bug and
   to
        Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
        preparing the fix (CVE-2014-0160)
        [Adam Langley, Bodo Moeller]

     *) Fix for the attack described in the paper "Recovering OpenSSL
        ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
        by Yuval Yarom and Naomi Benger. Details can be obtained from:
        http://eprint.iacr.org/2014/140

        Thanks to Yuval Yarom and Naomi Benger for discovering this
        flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
        [Yuval Yarom and Naomi Benger]

     *) TLS pad extension: draft-agl-tls-padding-03

        Workaround for the "TLS hang bug" (see FAQ and opensslPR#2771): if the
        TLS client Hello record length value would otherwise be > 255 and
        less that 512 pad with a dummy extension containing zeroes so it
        is at least 512 bytes long.

        [Adam Langley, Steve Henson]

Revision 1.188: download - view: text, markup, annotated - select for diffs
Tue Apr 8 06:20:44 2014 UTC (10 years, 8 months ago) by obache
Branches: MAIN
Diff to: previous 1.187: preferred, colored
Changes since revision 1.187: +2 -3 lines
Update openssl to 1.0.1g.
(CVE-2014-0076 is already fixed in pkgsrc).

 OpenSSL CHANGES
 _______________

 Changes between 1.0.1f and 1.0.1g [7 Apr 2014]

  *) A missing bounds check in the handling of the TLS heartbeat extension
     can be used to reveal up to 64k of memory to a connected client or
     server.

     Thanks for Neel Mehta of Google Security for discovering this bug and to
     Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
     preparing the fix (CVE-2014-0160)
     [Adam Langley, Bodo Moeller]

  *) Fix for the attack described in the paper "Recovering OpenSSL
     ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
     by Yuval Yarom and Naomi Benger. Details can be obtained from:
     http://eprint.iacr.org/2014/140

     Thanks to Yuval Yarom and Naomi Benger for discovering this
     flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
     [Yuval Yarom and Naomi Benger]

  *) TLS pad extension: draft-agl-tls-padding-03

     Workaround for the "TLS hang bug" (see FAQ and opensslPR#2771): if the
     TLS client Hello record length value would otherwise be > 255 and
     less that 512 pad with a dummy extension containing zeroes so it
     is at least 512 bytes long.

     [Adam Langley, Steve Henson]

Revision 1.187: download - view: text, markup, annotated - select for diffs
Tue Apr 8 02:48:38 2014 UTC (10 years, 8 months ago) by obache
Branches: MAIN
Diff to: previous 1.186: preferred, colored
Changes since revision 1.186: +2 -2 lines
p5-Perl4-CoreLibs is not required for perl<5.16

Revision 1.186: download - view: text, markup, annotated - select for diffs
Wed Apr 2 12:11:35 2014 UTC (10 years, 8 months ago) by he
Branches: MAIN
Diff to: previous 1.185: preferred, colored
Changes since revision 1.185: +2 -1 lines
Rename all remaining patch-?? files using the newer naming convention.

Add a fix for CVE-2014-0076:

  Fix for the attack described in the paper "Recovering OpenSSL
  ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
  by Yuval Yarom and Naomi Benger. Details can be obtained from:
  http://eprint.iacr.org/2014/140

  Thanks to Yuval Yarom and Naomi Benger for discovering this
  flaw and to Yuval Yarom for supplying a fix.

Fix from culled from
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29

Bump PKGREVISION.

Revision 1.185: download - view: text, markup, annotated - select for diffs
Thu Mar 13 11:08:52 2014 UTC (10 years, 8 months ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2014Q1-base
Branch point for: pkgsrc-2014Q1
Diff to: previous 1.184: preferred, colored
Changes since revision 1.184: +3 -1 lines
Set USE_GCC_RUNTIME=yes for packages which build shared libraries but do
not use libtool to do so.  This is required to correctly depend upon a
gcc runtime package (e.g. gcc47-libs) when using USE_PKGSRC_GCC_RUNTIME.

Revision 1.184: download - view: text, markup, annotated - select for diffs
Sat Mar 8 08:53:14 2014 UTC (10 years, 9 months ago) by obache
Branches: MAIN
Diff to: previous 1.183: preferred, colored
Changes since revision 1.183: +1 -3 lines
Cygwin also has shlib.

Revision 1.182.2.1: download - view: text, markup, annotated - select for diffs
Fri Jan 10 18:00:39 2014 UTC (10 years, 10 months ago) by spz
Branches: pkgsrc-2013Q4
Diff to: previous 1.182: preferred, colored; next MAIN 1.183: preferred, colored
Changes since revision 1.182: +2 -3 lines
Pullup ticket #4293 - requested by tron
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.183
- security/openssl/distinfo                                     1.101
- security/openssl/patches/patch-doc_crypto_X509__STORE__CTX__get__error.pod deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod 1.2
- security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod 1.2
- security/openssl/patches/patch-doc_ssl_SSL__accept.pod        1.2
- security/openssl/patches/patch-doc_ssl_SSL__connect.pod       1.2
- security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod 1.2
- security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod      1.2

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Fri Jan 10 14:32:42 UTC 2014

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   	pkgsrc/security/openssl/patches:
   	    patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
   	    patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
   	    patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__connect.pod
   	    patch-doc_ssl_SSL__do__handshake.pod
   	    patch-doc_ssl_SSL__shutdown.pod
   Removed Files:
   	pkgsrc/security/openssl/patches:
   	    patch-doc_crypto_X509__STORE__CTX__get__error.pod

   Log Message:
   Update "openssl" package to version 1.0.1f. Changes since 1.0.1e:
   - Fix for TLS record tampering bug. A carefully crafted invalid
     handshake could crash OpenSSL with a NULL pointer exception.
     Thanks to Anton Johansson for reporting this issues.
     (CVE-2013-4353)
   - Keep original DTLS digest and encryption contexts in retransmission
     structures so we can use the previous session parameters if they need
     to be resent. (CVE-2013-6450)
     [Steve Henson]
   - Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
     avoids preferring ECDHE-ECDSA ciphers when the client appears to be
     Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
     several ECDHE-ECDSA ciphers, but fails to negotiate them.  The bug
     is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
     10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
     [Rob Stradling, Adam Langley]


   To generate a diff of this commit:
   cvs rdiff -u -r1.182 -r1.183 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.100 -r1.101 pkgsrc/security/openssl/distinfo
   cvs rdiff -u -r1.1 -r0 \
       pkgsrc/security/openssl/patches/patch-doc_crypto_X509__STORE__CTX__get__error.pod
   cvs rdiff -u -r1.1 -r1.2 \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__accept.pod \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__connect.pod \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod

Revision 1.183: download - view: text, markup, annotated - select for diffs
Fri Jan 10 14:32:42 2014 UTC (10 years, 10 months ago) by tron
Branches: MAIN
Diff to: previous 1.182: preferred, colored
Changes since revision 1.182: +2 -3 lines
Update "openssl" package to version 1.0.1f. Changes since 1.0.1e:
- Fix for TLS record tampering bug. A carefully crafted invalid
  handshake could crash OpenSSL with a NULL pointer exception.
  Thanks to Anton Johansson for reporting this issues.
  (CVE-2013-4353)
- Keep original DTLS digest and encryption contexts in retransmission
  structures so we can use the previous session parameters if they need
  to be resent. (CVE-2013-6450)
  [Steve Henson]
- Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
  avoids preferring ECDHE-ECDSA ciphers when the client appears to be
  Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
  several ECDHE-ECDSA ciphers, but fails to negotiate them.  The bug
  is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
  10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
  [Rob Stradling, Adam Langley]

Revision 1.179.2.1: download - view: text, markup, annotated - select for diffs
Tue Nov 5 07:05:41 2013 UTC (11 years, 1 month ago) by spz
Branches: pkgsrc-2013Q3
Diff to: previous 1.179: preferred, colored; next MAIN 1.180: preferred, colored
Changes since revision 1.179: +6 -1 lines
Pullup ticket #4250 - requested by joerg
security/openssl: build fix for Linux/POWERPC64

Revisions pulled up:
- security/openssl/Makefile                               by patch

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	joerg
   Date:		Tue Oct 29 21:33:21 UTC 2013

   Modified Files:
   	pkgsrc/security/openssl: Makefile

   Log Message:
   For Linux/POWERPC64 override the default target, otherwise bad things
   happen (TM).


   To generate a diff of this commit:
   cvs rdiff -u -r1.181 -r1.182 pkgsrc/security/openssl/Makefile

Revision 1.182: download - view: text, markup, annotated - select for diffs
Tue Oct 29 21:33:21 2013 UTC (11 years, 1 month ago) by joerg
Branches: MAIN
CVS tags: pkgsrc-2013Q4-base
Branch point for: pkgsrc-2013Q4
Diff to: previous 1.181: preferred, colored
Changes since revision 1.181: +6 -1 lines
For Linux/POWERPC64 override the default target, otherwise bad things
happen (TM).

Revision 1.181: download - view: text, markup, annotated - select for diffs
Sat Oct 5 07:01:06 2013 UTC (11 years, 2 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.180: preferred, colored
Changes since revision 1.180: +2 -1 lines
Unbreak previous.

Revision 1.180: download - view: text, markup, annotated - select for diffs
Thu Oct 3 11:15:48 2013 UTC (11 years, 2 months ago) by joerg
Branches: MAIN
Diff to: previous 1.179: preferred, colored
Changes since revision 1.179: +7 -10 lines
Don't mess with the normal PLIST.${OPSYS} logic. Use a variable to
control whether PLIST.shlib should be included or not.

Revision 1.179: download - view: text, markup, annotated - select for diffs
Fri Jul 26 11:27:02 2013 UTC (11 years, 4 months ago) by ryoon
Branches: MAIN
CVS tags: pkgsrc-2013Q3-base
Branch point for: pkgsrc-2013Q3
Diff to: previous 1.178: preferred, colored
Changes since revision 1.178: +2 -2 lines
Bump PKGREVISION.

* For DragonFly, use its own condition.
* Add Debian GNU/kFreeBSD support.

Revision 1.178: download - view: text, markup, annotated - select for diffs
Fri Jun 7 07:17:15 2013 UTC (11 years, 6 months ago) by obache
Branches: MAIN
CVS tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Diff to: previous 1.177: preferred, colored
Changes since revision 1.177: +2 -2 lines
require `fgrep' as a tool.

fixes build on Haiku, noticed by diger in pkgsrc-users@.

Revision 1.177: download - view: text, markup, annotated - select for diffs
Fri May 31 12:41:52 2013 UTC (11 years, 6 months ago) by wiz
Branches: MAIN
Diff to: previous 1.176: preferred, colored
Changes since revision 1.176: +2 -1 lines
Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.

Revision 1.176: download - view: text, markup, annotated - select for diffs
Wed Feb 13 14:35:19 2013 UTC (11 years, 9 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1
Diff to: previous 1.175: preferred, colored
Changes since revision 1.175: +2 -3 lines
Update OpenSSL to 1.0.1e.  ("Corrected fix" was already incorporated in pkgsrc.)

OpenSSL version 1.0.1e released
===============================

OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/

The OpenSSL project team is pleased to announce the release of
version 1.0.1e of our open source toolkit for SSL/TLS. This new
OpenSSL version is a new feature release. For a complete
list of changes, please see

    http://www.openssl.org/source/exp/CHANGES.

The most significant changes are:

   o Corrected fix for CVE-2013-0169

Revision 1.170.2.1: download - view: text, markup, annotated - select for diffs
Fri Feb 8 16:18:59 2013 UTC (11 years, 9 months ago) by tron
Branches: pkgsrc-2012Q4
Diff to: previous 1.170: preferred, colored; next MAIN 1.171: preferred, colored
Changes since revision 1.170: +2 -3 lines
Pullup ticket #4055 - requested by taca
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.172
- security/openssl/distinfo                                     1.91

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Feb  5 15:54:31 UTC 2013

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update openssl to 0.9.8y.

    Changes between 0.9.8x and 0.9.8y [5 Feb 2013]

     *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time=
   .=


        This addresses the flaw in CBC record processing discovered by
        Nadhem Alfardan and Kenny Paterson. Details of this attack can be =
   found
        at: http://www.isg.rhul.ac.uk/tls/

        Thanks go to Nadhem Alfardan and Kenny Paterson of the Information=

        Security Group at Royal Holloway, University of London
        (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley an=
   d
        Emilia K=E4sper for the initial patch.
        (CVE-2013-0169)
        [Emilia K=E4sper, Adam Langley, Ben Laurie, Andy Polyakov, Steve H=
   enson]

     *) Return an error when checking OCSP signatures when key is NULL.
        This fixes a DoS attack. (CVE-2013-0166)
        [Steve Henson]

     *) Call OCSP Stapling callback after ciphersuite has been chosen, so
        the right response is stapled. Also change SSL_get_certificate()
        so it returns the certificate actually sent.
        See http://rt.openssl.org/Ticket/Display.html?id=3D2836.
        (This is a backport)
        [Rob Stradling <rob.stradling@comodo.com>]

     *) Fix possible deadlock when decoding public keys.
        [Steve Henson]

Revision 1.175: download - view: text, markup, annotated - select for diffs
Fri Feb 8 14:11:08 2013 UTC (11 years, 9 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.174: preferred, colored
Changes since revision 1.174: +2 -2 lines
Apply upstream patch to fix data corruption.

Bump PKGREVISION.

Revision 1.174: download - view: text, markup, annotated - select for diffs
Wed Feb 6 23:20:57 2013 UTC (11 years, 10 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.173: preferred, colored
Changes since revision 1.173: +2 -1 lines
PKGREVISION bumps for the security/openssl 1.0.1d update.

Revision 1.173: download - view: text, markup, annotated - select for diffs
Wed Feb 6 21:40:33 2013 UTC (11 years, 10 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.172: preferred, colored
Changes since revision 1.172: +3 -22 lines
Update OpenSSL to 1.0.1d.  Changes are far too numerous to list, the main one being
that we can now take advantage of AES-NI support in modern processors to significantly
increase performance.

Miscellaneous pkgsrc changes:

 - Remove unnecessary warning message on Solaris.
 - Fix RPATH for libgost.so.
 - MD2 support is optional, enabled by default for compatability.

Revision 1.172: download - view: text, markup, annotated - select for diffs
Tue Feb 5 15:54:30 2013 UTC (11 years, 10 months ago) by taca
Branches: MAIN
Diff to: previous 1.171: preferred, colored
Changes since revision 1.171: +2 -3 lines
Update openssl to 0.9.8y.


 Changes between 0.9.8x and 0.9.8y [5 Feb 2013]

  *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.

     This addresses the flaw in CBC record processing discovered by
     Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
     at: http://www.isg.rhul.ac.uk/tls/

     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
     Security Group at Royal Holloway, University of London
     (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
     Emilia Käsper for the initial patch.
     (CVE-2013-0169)
     [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]

  *) Return an error when checking OCSP signatures when key is NULL.
     This fixes a DoS attack. (CVE-2013-0166)
     [Steve Henson]

  *) Call OCSP Stapling callback after ciphersuite has been chosen, so
     the right response is stapled. Also change SSL_get_certificate()
     so it returns the certificate actually sent.
     See http://rt.openssl.org/Ticket/Display.html?id=2836.
     (This is a backport)
     [Rob Stradling <rob.stradling@comodo.com>]

  *) Fix possible deadlock when decoding public keys.
     [Steve Henson]

Revision 1.171: download - view: text, markup, annotated - select for diffs
Fri Feb 1 13:13:22 2013 UTC (11 years, 10 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.170: preferred, colored
Changes since revision 1.170: +2 -2 lines
Fix the first master site.

Revision 1.170: download - view: text, markup, annotated - select for diffs
Tue Oct 23 18:16:38 2012 UTC (12 years, 1 month ago) by asau
Branches: MAIN
CVS tags: pkgsrc-2012Q4-base
Branch point for: pkgsrc-2012Q4
Diff to: previous 1.169: preferred, colored
Changes since revision 1.169: +1 -2 lines
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

Revision 1.169: download - view: text, markup, annotated - select for diffs
Fri Oct 5 09:36:31 2012 UTC (12 years, 2 months ago) by wiz
Branches: MAIN
Diff to: previous 1.168: preferred, colored
Changes since revision 1.168: +4 -1 lines
Add build dependency on p5-Perl4-CoreLibs, needed since a script
uses find.pl.
Reported by Jörn Clausen in PR 47036.

Revision 1.168: download - view: text, markup, annotated - select for diffs
Wed Oct 3 21:57:25 2012 UTC (12 years, 2 months ago) by wiz
Branches: MAIN
Diff to: previous 1.167: preferred, colored
Changes since revision 1.167: +2 -1 lines
Bump all packages that use perl, or depend on a p5-* package, or
are called p5-*.

I hope that's all of them.

Revision 1.164.2.3: download - view: text, markup, annotated - select for diffs
Fri May 11 14:56:49 2012 UTC (12 years, 6 months ago) by tron
Branches: pkgsrc-2012Q1
Diff to: previous 1.164.2.2: preferred, colored; branchpoint 1.164: preferred, colored; next MAIN 1.165: preferred, colored
Changes since revision 1.164.2.2: +2 -2 lines
Pullup ticket #3782 - requested by taca
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.167
- security/openssl/distinfo                                     1.89

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri May 11 13:27:27 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update openssl to 0.9.8x.

    OpenSSL CHANGES
    _______________

    Changes between 0.9.8w and 0.9.8x [10 May 2012]

     *) Sanity check record length before skipping explicit IV in DTLS
        to fix DoS attack.

        Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
        fuzzing as a service testing platform.
        (CVE-2012-2333)
        [Steve Henson]

     *) Initialise tkeylen properly when encrypting CMS messages.
        Thanks to Solar Designer of Openwall for reporting this issue.
        [Steve Henson]

Revision 1.167: download - view: text, markup, annotated - select for diffs
Fri May 11 13:27:26 2012 UTC (12 years, 6 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2
Diff to: previous 1.166: preferred, colored
Changes since revision 1.166: +2 -2 lines
Update openssl to 0.9.8x.


 OpenSSL CHANGES
 _______________

 Changes between 0.9.8w and 0.9.8x [10 May 2012]

  *) Sanity check record length before skipping explicit IV in DTLS
     to fix DoS attack.

     Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
     fuzzing as a service testing platform.
     (CVE-2012-2333)
     [Steve Henson]

  *) Initialise tkeylen properly when encrypting CMS messages.
     Thanks to Solar Designer of Openwall for reporting this issue.
     [Steve Henson]

Revision 1.164.2.2: download - view: text, markup, annotated - select for diffs
Tue Apr 24 07:47:28 2012 UTC (12 years, 7 months ago) by sbd
Branches: pkgsrc-2012Q1
Diff to: previous 1.164.2.1: preferred, colored; branchpoint 1.164: preferred, colored
Changes since revision 1.164.2.1: +2 -2 lines
Pullup ticket #3755 - requested by taca
security/openssl security update.

Revisions pulled up:
- security/openssl/Makefile                                     1.166
- security/openssl/distinfo                                     1.88

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Apr 24 05:03:49 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update openssl package to 0.9.8w.

   Security fix for CVS-2012-2131.

    Changes between 0.9.8v and 0.9.8w [23 Apr 2012]

     *) The fix for CVE-2012-2110 did not take into account that the
        'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
        int in OpenSSL 0.9.8, making it still vulnerable. Fix by
        rejecting negative len parameter. (CVE-2012-2131)
        [Tomas Hoger <thoger@redhat.com>]

Revision 1.166: download - view: text, markup, annotated - select for diffs
Tue Apr 24 05:03:48 2012 UTC (12 years, 7 months ago) by taca
Branches: MAIN
Diff to: previous 1.165: preferred, colored
Changes since revision 1.165: +2 -2 lines
Update openssl package to 0.9.8w.

Security fix for CVS-2012-2131.

 Changes between 0.9.8v and 0.9.8w [23 Apr 2012]

  *) The fix for CVE-2012-2110 did not take into account that the
     'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
     int in OpenSSL 0.9.8, making it still vulnerable. Fix by
     rejecting negative len parameter. (CVE-2012-2131)
     [Tomas Hoger <thoger@redhat.com>]

Revision 1.164.2.1: download - view: text, markup, annotated - select for diffs
Sun Apr 22 15:21:43 2012 UTC (12 years, 7 months ago) by spz
Branches: pkgsrc-2012Q1
Diff to: previous 1.164: preferred, colored
Changes since revision 1.164: +2 -2 lines
Pullup ticket #3749 - requested by taca
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.165
- security/openssl/distinfo                                     1.87

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Apr 21 07:38:14 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update openssl package to 0.9.8v.

   NEWS
   ====

   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.

   Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v:

       o Fix for ASN1 overflow bug CVE-2012-2110


   To generate a diff of this commit:
   cvs rdiff -u -r1.164 -r1.165 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.86 -r1.87 pkgsrc/security/openssl/distinfo

Revision 1.165: download - view: text, markup, annotated - select for diffs
Sat Apr 21 07:38:14 2012 UTC (12 years, 7 months ago) by taca
Branches: MAIN
Diff to: previous 1.164: preferred, colored
Changes since revision 1.164: +2 -2 lines
Update openssl package to 0.9.8v.


NEWS
====

This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.

Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v:

    o Fix for ASN1 overflow bug CVE-2012-2110

Revision 1.164: download - view: text, markup, annotated - select for diffs
Wed Mar 14 22:48:58 2012 UTC (12 years, 8 months ago) by cegger
Branches: MAIN
CVS tags: pkgsrc-2012Q1-base
Branch point for: pkgsrc-2012Q1
Diff to: previous 1.163: preferred, colored
Changes since revision 1.163: +3 -1 lines
configure script expects darwin-ppc-cc and not darwin-powerpc-cc.
'should be ok' joerg@

Revision 1.159.2.3: download - view: text, markup, annotated - select for diffs
Wed Mar 14 14:48:33 2012 UTC (12 years, 8 months ago) by tron
Branches: pkgsrc-2011Q4
Diff to: previous 1.159.2.2: preferred, colored; branchpoint 1.159: preferred, colored; next MAIN 1.160: preferred, colored
Changes since revision 1.159.2.2: +1 -2 lines
Pullup ticket #3702 - requested by taca
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.163
- security/openssl/distinfo                                     1.86
- security/openssl/patches/patch-asn_mime.c                     deleted

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Mar 13 03:11:32 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-asn_mime.c

   Log Message:
   Update openssl pacakge to 0.9.8u.

    Changes between 0.9.8t and 0.9.8u [12 Mar 2012]

     *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
        in CMS and PKCS7 code. When RSA decryption fails use a random key for
        content decryption and always return the same error. Note: this attack
        needs on average 2^20 messages so it only affects automated senders. The
        old behaviour can be reenabled in the CMS code by setting the
        CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
        an MMA defence is not necessary.
        Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
        this issue. (CVE-2012-0884)
        [Steve Henson]

     *) Fix CVE-2011-4619: make sure we really are receiving a
        client hello before rejecting multiple SGC restarts. Thanks to
        Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
        [Steve Henson]

Revision 1.163: download - view: text, markup, annotated - select for diffs
Tue Mar 13 03:11:32 2012 UTC (12 years, 8 months ago) by taca
Branches: MAIN
Diff to: previous 1.162: preferred, colored
Changes since revision 1.162: +2 -3 lines
Update openssl pacakge to 0.9.8u.

 Changes between 0.9.8t and 0.9.8u [12 Mar 2012]

  *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
     in CMS and PKCS7 code. When RSA decryption fails use a random key for
     content decryption and always return the same error. Note: this attack
     needs on average 2^20 messages so it only affects automated senders. The
     old behaviour can be reenabled in the CMS code by setting the
     CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
     an MMA defence is not necessary.
     Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
     this issue. (CVE-2012-0884)
     [Steve Henson]

  *) Fix CVE-2011-4619: make sure we really are receiving a
     client hello before rejecting multiple SGC restarts. Thanks to
     Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
     [Steve Henson]

Revision 1.159.2.2: download - view: text, markup, annotated - select for diffs
Tue Mar 6 10:29:29 2012 UTC (12 years, 9 months ago) by tron
Branches: pkgsrc-2011Q4
Diff to: previous 1.159.2.1: preferred, colored; branchpoint 1.159: preferred, colored
Changes since revision 1.159.2.1: +2 -1 lines
Pullup ticket #3698 - requested by pettai
security/openssl: security patch

Revisions pulled up:
- security/openssl/Makefile                                     1.162
- security/openssl/distinfo                                     1.85
- security/openssl/patches/patch-asn_mime.c                     1.1

---
   Module Name:	pkgsrc
   Committed By:	pettai
   Date:		Mon Mar  5 00:26:55 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Added Files:
   	pkgsrc/security/openssl/patches: patch-asn_mime.c

   Log Message:
   Add fix for CVE-2006-7250

Revision 1.162: download - view: text, markup, annotated - select for diffs
Mon Mar 5 00:26:54 2012 UTC (12 years, 9 months ago) by pettai
Branches: MAIN
Diff to: previous 1.161: preferred, colored
Changes since revision 1.161: +2 -1 lines
Add fix for CVE-2006-7250

Revision 1.161: download - view: text, markup, annotated - select for diffs
Tue Jan 31 05:51:52 2012 UTC (12 years, 10 months ago) by sno
Branches: MAIN
Diff to: previous 1.160: preferred, colored
Changes since revision 1.160: +20 -1 lines
add HP-UX handling for Configure parameters

Revision 1.159.2.1: download - view: text, markup, annotated - select for diffs
Thu Jan 19 06:11:48 2012 UTC (12 years, 10 months ago) by sbd
Branches: pkgsrc-2011Q4
Diff to: previous 1.159: preferred, colored
Changes since revision 1.159: +2 -2 lines
Pullup ticket #3656 - requested by taca
security/openssl security fix

Revisions pulled up:
- security/openssl/Makefile                                     1.160
- security/openssl/distinfo                                     1.84

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Jan 19 00:51:23 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update security/openssl package to 0.9.8t.

    OpenSSL CHANGES
    _______________

    Changes between 0.9.8s and 0.9.8t [18 Jan 2012]

     *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
        Thanks to Antonio Martin, Enterprise Secure Access Research and
        Development, Cisco Systems, Inc. for discovering this bug and
        preparing a fix. (CVE-2012-0050)
        [Antonio Martin]

Revision 1.160: download - view: text, markup, annotated - select for diffs
Thu Jan 19 00:51:23 2012 UTC (12 years, 10 months ago) by taca
Branches: MAIN
Diff to: previous 1.159: preferred, colored
Changes since revision 1.159: +2 -2 lines
Update security/openssl package to 0.9.8t.

 OpenSSL CHANGES
 _______________

 Changes between 0.9.8s and 0.9.8t [18 Jan 2012]

  *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
     Thanks to Antonio Martin, Enterprise Secure Access Research and
     Development, Cisco Systems, Inc. for discovering this bug and
     preparing a fix. (CVE-2012-0050)
     [Antonio Martin]

Revision 1.159: download - view: text, markup, annotated - select for diffs
Fri Jan 6 03:26:23 2012 UTC (12 years, 11 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2011Q4-base
Branch point for: pkgsrc-2011Q4
Diff to: previous 1.158: preferred, colored
Changes since revision 1.158: +2 -3 lines
Update openssl pacakge to 0.9.8s.


 OpenSSL CHANGES
 _______________

 Changes between 0.9.8r and 0.9.8s [4 Jan 2012]

  *) Nadhem Alfardan and Kenny Paterson have discovered an extension
     of the Vaudenay padding oracle attack on CBC mode encryption
     which enables an efficient plaintext recovery attack against
     the OpenSSL implementation of DTLS. Their attack exploits timing
     differences arising during decryption processing. A research
     paper describing this attack can be found at:
                  http://www.isg.rhul.ac.uk/~kp/dtls.pdf
     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
     Security Group at Royal Holloway, University of London
     (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann
     <seggelmann@fh-muenster.de> and Michael Tuexen <tuexen@fh-muenster.de>
     for preparing the fix. (CVE-2011-4108)
     [Robin Seggelmann, Michael Tuexen]

  *) Stop policy check failure freeing same buffer twice. (CVE-2011-4109)
     [Ben Laurie, Kasper <ekasper@google.com>]

  *) Clear bytes used for block padding of SSL 3.0 records.
     (CVE-2011-4576)
     [Adam Langley (Google)]

  *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
     [Adam Langley (Google)]

  *) Prevent malformed RFC3779 data triggering an assertion failure.
     Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
     and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577)
     [Rob Austein <sra@hactrn.net>]

  *) Fix ssl_ciph.c set-up race.
     [Adam Langley (Google)]

  *) Fix spurious failures in ecdsatest.c.
     [Emilia Kper (Google)]

  *) Fix the BIO_f_buffer() implementation (which was mixing different
     interpretations of the '..._len' fields).
     [Adam Langley (Google)]

  *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
     BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
     threads won't reuse the same blinding coefficients.

     This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
     lock to call BN_BLINDING_invert_ex, and avoids one use of
     BN_BLINDING_update for each BN_BLINDING structure (previously,
     the last update always remained unused).
     [Emilia Kper (Google)]

  *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
     for multi-threaded use of ECDH.
     [Adam Langley (Google)]

  *) Fix x509_name_ex_d2i memory leak on bad inputs.
     [Bodo Moeller]

  *) Add protection against ECDSA timing attacks as mentioned in the paper
     by Billy Bob Brumley and Nicola Tuveri, see:

	http://eprint.iacr.org/2011/232.pdf

     [Billy Bob Brumley and Nicola Tuveri]

 Changes between 0.9.8q and 0.9.8r [8 Feb 2011]

  *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
     [Neel Mehta, Adam Langley, Bodo Moeller (Google)]

  *) Fix bug in string printing code: if *any* escaping is enabled we must
     escape the escape character (backslash) or the resulting string is
     ambiguous.
     [Steve Henson]

 Changes between 0.9.8p and 0.9.8q [2 Dec 2010]

  *) Disable code workaround for ancient and obsolete Netscape browsers
     and servers: an attacker can use it in a ciphersuite downgrade attack.
     Thanks to Martin Rex for discovering this bug. CVE-2010-4180
     [Steve Henson]

  *) Fixed J-PAKE implementation error, originally discovered by
     Sebastien Martini, further info and confirmation from Stefan
     Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
     [Ben Laurie]

Revision 1.158: download - view: text, markup, annotated - select for diffs
Wed Nov 2 22:51:07 2011 UTC (13 years, 1 month ago) by jnemeth
Branches: MAIN
Diff to: previous 1.157: preferred, colored
Changes since revision 1.157: +2 -2 lines
Add a new threads option which is on by default.  The purpose of this is
to allow other packages that can't handle threads to link against this.

No revbump since there is no change to binary packages.

Revision 1.157: download - view: text, markup, annotated - select for diffs
Mon Jul 4 14:42:56 2011 UTC (13 years, 5 months ago) by tez
Branches: MAIN
CVS tags: pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2
Diff to: previous 1.156: preferred, colored
Changes since revision 1.156: +1 -1 lines
Correct the fix for http://secunia.com/advisories/44572/
See the thread here:
  http://www.mail-archive.com/openssl-dev@openssl.org/msg29283.html

Revision 1.155.2.1: download - view: text, markup, annotated - select for diffs
Sat Jun 4 01:42:24 2011 UTC (13 years, 6 months ago) by sbd
Branches: pkgsrc-2011Q1
Diff to: previous 1.155: preferred, colored; next MAIN 1.156: preferred, colored
Changes since revision 1.155: +2 -2 lines
Pullup ticket #3447 - requested by tez
security/openssl security fix

Revisions pulled up:
- security/openssl/Makefile                                     1.156
- security/openssl/distinfo                                     1.81
- security/openssl/patches/patch-crypto_ecdsa_ecs__ossl.c       1.1

---
   Module Name:    pkgsrc
   Committed By:   tez
   Date:           Tue May 31 17:18:42 UTC 2011

   Modified Files:
           pkgsrc/security/openssl: Makefile distinfo
   Added Files:
           pkgsrc/security/openssl/patches: patch-crypto_ecdsa_ecs__ossl.c

   Log Message:
   Add protection against ECDSA timing attacks as mentioned in the paper
   by Billy Bob Brumley and Nicola Tuveri, see:
     http://eprint.iacr.org/2011/232.pdf
   [Billy Bob Brumley and Nicola Tuveri]

   (patch confirmed in upstream cvs)

Revision 1.156: download - view: text, markup, annotated - select for diffs
Tue May 31 17:18:42 2011 UTC (13 years, 6 months ago) by tez
Branches: MAIN
Diff to: previous 1.155: preferred, colored
Changes since revision 1.155: +2 -2 lines
Add protection against ECDSA timing attacks as mentioned in the paper
by Billy Bob Brumley and Nicola Tuveri, see:
  http://eprint.iacr.org/2011/232.pdf
[Billy Bob Brumley and Nicola Tuveri]

(patch confirmed in upstream cvs)

Revision 1.155: download - view: text, markup, annotated - select for diffs
Fri Apr 1 21:02:48 2011 UTC (13 years, 8 months ago) by tez
Branches: MAIN
CVS tags: pkgsrc-2011Q1-base
Branch point for: pkgsrc-2011Q1
Diff to: previous 1.154: preferred, colored
Changes since revision 1.154: +3 -3 lines
Use solaris64 rather than solaris for ABI=64 build using gcc in SunOS
fixes PR#44769

Revision 1.153.2.1: download - view: text, markup, annotated - select for diffs
Fri Feb 11 04:26:39 2011 UTC (13 years, 9 months ago) by sbd
Branches: pkgsrc-2010Q4
Diff to: previous 1.153: preferred, colored; next MAIN 1.154: preferred, colored
Changes since revision 1.153: +2 -1 lines
Pullup ticket #3347 - requested by taca
security/openssl security fix

Revisions pulled up:
- pkgsrc/security/openssl/Makefile			1.154
- pkgsrc/security/openssl/distinfo			1.80
- pkgsrc/security/openssl/patches/patch-ssl_t1__lib.c	1.1

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Feb  9 00:15:30 UTC 2011

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Added Files:
   	pkgsrc/security/openssl/patches: patch-ssl_t1__lib.c

   Log Message:
   Add fix for security issue CVE-2011-0014.

   Bump PKGREVISION.

Revision 1.154: download - view: text, markup, annotated - select for diffs
Wed Feb 9 00:15:30 2011 UTC (13 years, 10 months ago) by taca
Branches: MAIN
Diff to: previous 1.153: preferred, colored
Changes since revision 1.153: +2 -1 lines
Add fix for security issue CVE-2011-0014.

Bump PKGREVISION.

Revision 1.151.2.2: download - view: text, markup, annotated - select for diffs
Fri Dec 3 04:34:47 2010 UTC (14 years ago) by sbd
Branches: pkgsrc-2010Q3
Diff to: previous 1.151.2.1: preferred, colored; branchpoint 1.151: preferred, colored; next MAIN 1.152: preferred, colored
Changes since revision 1.151.2.1: +3 -2 lines
Pullup ticket #3292 - requested by taca
pkgsrc/security/openssl security update

Revisions pulled up:
pkgsrc/security/openssl/Makefile	1.153
pkgsrc/security/openssl/distinfo	1.79

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Dec  3 00:17:21 UTC 2010

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update openssl package to 0.9.8q.

      OpenSSL version 0.9.8q released
      ===============================

      OpenSSL - The Open Source toolkit for SSL/TLS
      http://www.openssl.org/

      The OpenSSL project team is pleased to announce the release of
      version 0.9.8q of our open source toolkit for SSL/TLS. This new
      OpenSSL version is a security and bugfix release. For a complete
      list of changes, please see

          http://www.openssl.org/source/exp/CHANGES.

      The most significant changes are:

         o Fix for security issue CVE-2010-4180
         o Fix for CVE-2010-4252


   To generate a diff of this commit:
   cvs rdiff -u -r1.152 -r1.153 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.78 -r1.79 pkgsrc/security/openssl/distinfo

Revision 1.153: download - view: text, markup, annotated - select for diffs
Fri Dec 3 00:17:21 2010 UTC (14 years ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2010Q4-base
Branch point for: pkgsrc-2010Q4
Diff to: previous 1.152: preferred, colored
Changes since revision 1.152: +3 -2 lines
Update openssl package to 0.9.8q.


   OpenSSL version 0.9.8q released
   ===============================

   OpenSSL - The Open Source toolkit for SSL/TLS
   http://www.openssl.org/

   The OpenSSL project team is pleased to announce the release of
   version 0.9.8q of our open source toolkit for SSL/TLS. This new
   OpenSSL version is a security and bugfix release. For a complete
   list of changes, please see

       http://www.openssl.org/source/exp/CHANGES.

   The most significant changes are:

      o Fix for security issue CVE-2010-4180
      o Fix for CVE-2010-4252

Revision 1.151.2.1: download - view: text, markup, annotated - select for diffs
Wed Nov 17 18:47:28 2010 UTC (14 years ago) by tron
Branches: pkgsrc-2010Q3
Diff to: previous 1.151: preferred, colored
Changes since revision 1.151: +2 -3 lines
Pullup ticket #3276 - requested by taca
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile			1.152
- security/openssl/distinfo			1.78
- security/openssl/patches/patch-bd		delete
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Wed Nov 17 00:52:26 UTC 2010

Modified Files:
	pkgsrc/security/openssl: Makefile distinfo
Removed Files:
	pkgsrc/security/openssl/patches: patch-bd

Log Message:
Update security/openssl package to 0.9.8p.

   OpenSSL version 0.9.8p released
   ===============================

   OpenSSL - The Open Source toolkit for SSL/TLS
   http://www.openssl.org/

   The OpenSSL project team is pleased to announce the release of
   version 0.9.8p of our open source toolkit for SSL/TLS. This new
   OpenSSL version is a security and bugfix release which addresses
   CVE-2010-3864. For a complete list of changes,
   please see http://www.openssl.org/source/exp/CHANGES.

Revision 1.152: download - view: text, markup, annotated - select for diffs
Wed Nov 17 00:52:25 2010 UTC (14 years ago) by taca
Branches: MAIN
Diff to: previous 1.151: preferred, colored
Changes since revision 1.151: +2 -3 lines
Update security/openssl package to 0.9.8p.

   OpenSSL version 0.9.8p released
   ===============================

   OpenSSL - The Open Source toolkit for SSL/TLS
   http://www.openssl.org/

   The OpenSSL project team is pleased to announce the release of
   version 0.9.8p of our open source toolkit for SSL/TLS. This new
   OpenSSL version is a security and bugfix release which addresses
   CVE-2010-3864. For a complete list of changes,
   please see http://www.openssl.org/source/exp/CHANGES.

Revision 1.151: download - view: text, markup, annotated - select for diffs
Fri Oct 8 20:04:58 2010 UTC (14 years, 2 months ago) by tez
Branches: MAIN
CVS tags: pkgsrc-2010Q3-base
Branch point for: pkgsrc-2010Q3
Diff to: previous 1.150: preferred, colored
Changes since revision 1.150: +2 -1 lines
Fix for CVE-2010-2939

Revision 1.150: download - view: text, markup, annotated - select for diffs
Sun Aug 1 05:24:00 2010 UTC (14 years, 4 months ago) by obache
Branches: MAIN
Diff to: previous 1.149: preferred, colored
Changes since revision 1.149: +2 -2 lines
ABI is not defined on old Darwin.

Revision 1.146.2.1: download - view: text, markup, annotated - select for diffs
Thu Jun 3 08:33:32 2010 UTC (14 years, 6 months ago) by spz
Branches: pkgsrc-2010Q1
Diff to: previous 1.146: preferred, colored; next MAIN 1.147: preferred, colored
Changes since revision 1.146: +9 -3 lines
Pullup ticket 3135 - requested by taca
security update

Revisions pulled up:
- pkgsrc/security/openssl/Makefile	1.149
- pkgsrc/security/openssl/distinfo	1.75

Files removed:
pkgsrc/security/openssl/patches/patch-bc

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Mon Apr 12 14:19:17 UTC 2010

   Modified Files:
           pkgsrc/security/openssl: Makefile distinfo
   Removed Files:
           pkgsrc/security/openssl/patches: patch-bc

   Log Message:
   Update openssl package from 0.9.8m to 0.9.8n.

    Changes between 0.9.8m and 0.9.8n [24 Mar 2010]

     *) When rejecting SSL/TLS records due to an incorrect version number, never
        update s->server with a new major version number.  As of
        - OpenSSL 0.9.8m if 'short' is a 16-bit type,
        - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
        the previous behavior could result in a read attempt at NULL when
        receiving specific incorrect SSL/TLS records once record payload
        protection is active.  (CVE-2010-0740)
        [Bodo Moeller, Adam Langley <agl@chromium.org>]

     *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
        could be crashed if the relevant tables were not present (e.g. chrooted).
        [Tomas Hoger <thoger@redhat.com>]


   To generate a diff of this commit:
   cvs rdiff -u -r1.146 -r1.147 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.73 -r1.74 pkgsrc/security/openssl/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/security/openssl/patches/patch-bc

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Sat May  8 06:33:41 UTC 2010

   Modified Files:
           pkgsrc/security/openssl: Makefile

   Log Message:
   Set correct architecture on Darwin


   To generate a diff of this commit:
   cvs rdiff -u -r1.147 -r1.148 pkgsrc/security/openssl/Makefile

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Wed Jun  2 13:30:11 UTC 2010

   Modified Files:
           pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update security/openssl package to 0.9.8o.

    OpenSSL CHANGES
    _______________

    Changes between 0.9.8n and 0.9.8o [01 Jun 2010]

     *) Correct a typo in the CMS ASN1 module which can result in invalid memory
        access or freeing data twice (CVE-2010-0742)
        [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]

     *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
        common in certificates and some applications which only call
        SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
        [Steve Henson]

     *) VMS fixes:
        Reduce copying into .apps and .test in makevms.com
        Don't try to use blank CA certificate in CA.com
        Allow use of C files from original directories in maketests.com
        [Steven M. Schweda" <sms@antinode.info>]


   To generate a diff of this commit:
   cvs rdiff -u -r1.148 -r1.149 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.74 -r1.75 pkgsrc/security/openssl/distinfo

Revision 1.149: download - view: text, markup, annotated - select for diffs
Wed Jun 2 13:30:11 2010 UTC (14 years, 6 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2010Q2-base, pkgsrc-2010Q2
Diff to: previous 1.148: preferred, colored
Changes since revision 1.148: +2 -2 lines
Update security/openssl package to 0.9.8o.


 OpenSSL CHANGES
 _______________

 Changes between 0.9.8n and 0.9.8o [01 Jun 2010]

  *) Correct a typo in the CMS ASN1 module which can result in invalid memory
     access or freeing data twice (CVE-2010-0742)
     [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]

  *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
     common in certificates and some applications which only call
     SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
     [Steve Henson]

  *) VMS fixes:
     Reduce copying into .apps and .test in makevms.com
     Don't try to use blank CA certificate in CA.com
     Allow use of C files from original directories in maketests.com
     [Steven M. Schweda" <sms@antinode.info>]

Revision 1.148: download - view: text, markup, annotated - select for diffs
Sat May 8 06:33:41 2010 UTC (14 years, 7 months ago) by adam
Branches: MAIN
Diff to: previous 1.147: preferred, colored
Changes since revision 1.147: +8 -1 lines
Set correct architecture on Darwin

Revision 1.147: download - view: text, markup, annotated - select for diffs
Mon Apr 12 14:19:17 2010 UTC (14 years, 7 months ago) by taca
Branches: MAIN
Diff to: previous 1.146: preferred, colored
Changes since revision 1.146: +2 -3 lines
Update openssl package from 0.9.8m to 0.9.8n.


 Changes between 0.9.8m and 0.9.8n [24 Mar 2010]

  *) When rejecting SSL/TLS records due to an incorrect version number, never
     update s->server with a new major version number.  As of
     - OpenSSL 0.9.8m if 'short' is a 16-bit type,
     - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
     the previous behavior could result in a read attempt at NULL when
     receiving specific incorrect SSL/TLS records once record payload
     protection is active.  (CVE-2010-0740)
     [Bodo Moeller, Adam Langley <agl@chromium.org>]

  *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
     could be crashed if the relevant tables were not present (e.g. chrooted).
     [Tomas Hoger <thoger@redhat.com>]

Revision 1.142.2.2: download - view: text, markup, annotated - select for diffs
Sat Mar 27 14:44:42 2010 UTC (14 years, 8 months ago) by tron
Branches: pkgsrc-2009Q4
Diff to: previous 1.142.2.1: preferred, colored; branchpoint 1.142: preferred, colored; next MAIN 1.143: preferred, colored
Changes since revision 1.142.2.1: +4 -2 lines
Pullup ticket #3065 - requested by taca
openssl: security update

Revisions pulled up:
- security/openssl/Makefile			1.144-1.1.146
- security/openssl/PLIST.common			1.17
- security/openssl/distinfo			1.72-1.73
- security/openssl/patches/patch-aa		1.23
- security/openssl/patches/patch-ac		1.38
- security/openssl/patches/patch-af		1.24
- security/openssl/patches/patch-ax		delete
- security/openssl/patches/patch-ay		delete
- security/openssl/patches/patch-az		delete
- security/openssl/patches/patch-ba		delete
- security/openssl/patches/patch-bb		delete
- security/openssl/patches/patch-bc		1.1
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Fri Feb 26 03:15:14 UTC 2010

Modified Files:
	pkgsrc/security/openssl: Makefile distinfo
	pkgsrc/security/openssl/patches: patch-aa patch-ac patch-af
Removed Files:
	pkgsrc/security/openssl/patches: patch-ax patch-ay patch-az patch-ba
	    patch-bb

Log Message:
Update openssl to 0.9.8m.

   The OpenSSL project team is pleased to announce the release of
   version 0.9.8m of our open source toolkit for SSL/TLS. This new
   OpenSSL version is a security and bugfix release which implements
   RFC5746 to address renegotiation vulnerabilities mentioned in
   CVE-2009-3555.  For a complete list of changes,
   please see http://www.openssl.org/source/exp/CHANGES.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Mar  1 08:15:40 UTC 2010

Modified Files:
	pkgsrc/security/openssl: Makefile PLIST.common

Log Message:
Fix broken PLIST.
(I wonder why "make print-PLIST" generated wrong result before...")

Bump PKGREVISION.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Fri Mar 26 00:20:49 UTC 2010

Modified Files:
	pkgsrc/security/openssl: Makefile distinfo
Added Files:
	pkgsrc/security/openssl/patches: patch-bc

Log Message:
Add a patch for Fix for CVE-2010-0740, DoS problem.

http://www.openssl.org/news/secadv_20100324.txt

Bump PKGREVISION.

Revision 1.146: download - view: text, markup, annotated - select for diffs
Fri Mar 26 00:20:49 2010 UTC (14 years, 8 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2010Q1-base
Branch point for: pkgsrc-2010Q1
Diff to: previous 1.145: preferred, colored
Changes since revision 1.145: +2 -2 lines
Add a patch for Fix for CVE-2010-0740, DoS problem.

http://www.openssl.org/news/secadv_20100324.txt

Bump PKGREVISION.

Revision 1.145: download - view: text, markup, annotated - select for diffs
Mon Mar 1 08:15:40 2010 UTC (14 years, 9 months ago) by taca
Branches: MAIN
Diff to: previous 1.144: preferred, colored
Changes since revision 1.144: +2 -1 lines
Fix broken PLIST.
(I wonder why "make print-PLIST" generated wrong result before...")

Bump PKGREVISION.

Revision 1.144: download - view: text, markup, annotated - select for diffs
Fri Feb 26 03:15:13 2010 UTC (14 years, 9 months ago) by taca
Branches: MAIN
Diff to: previous 1.143: preferred, colored
Changes since revision 1.143: +4 -3 lines
Update openssl to 0.9.8m.

   The OpenSSL project team is pleased to announce the release of
   version 0.9.8m of our open source toolkit for SSL/TLS. This new
   OpenSSL version is a security and bugfix release which implements
   RFC5746 to address renegotiation vulnerabilities mentioned in
   CVE-2009-3555.  For a complete list of changes,
   please see http://www.openssl.org/source/exp/CHANGES.

Revision 1.142.2.1: download - view: text, markup, annotated - select for diffs
Sun Jan 24 10:56:27 2010 UTC (14 years, 10 months ago) by tron
Branches: pkgsrc-2009Q4
Diff to: previous 1.142: preferred, colored
Changes since revision 1.142: +2 -1 lines
Pullup ticket #2967 - requested by taca
openssl: security patch

Revisions pulled up:
- security/openssl/Makefile			1.143
- security/openssl/distinfo			1.71
- security/openssl/patches/patch-bb		1.1
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Fri Jan 22 03:35:10 UTC 2010

Modified Files:
	pkgsrc/security/openssl: Makefile distinfo
Added Files:
	pkgsrc/security/openssl/patches: patch-bb

Log Message:
Add a patch from OpenSSL's repositroy to deal with CVE-2009-4355.

Bump PKGREVISION.

Revision 1.143: download - view: text, markup, annotated - select for diffs
Fri Jan 22 03:35:10 2010 UTC (14 years, 10 months ago) by taca
Branches: MAIN
Diff to: previous 1.142: preferred, colored
Changes since revision 1.142: +2 -1 lines
Add a patch from OpenSSL's repositroy to deal with CVE-2009-4355.

Bump PKGREVISION.

Revision 1.142: download - view: text, markup, annotated - select for diffs
Fri Jan 15 04:55:30 2010 UTC (14 years, 10 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2009Q4-base
Branch point for: pkgsrc-2009Q4
Diff to: previous 1.141: preferred, colored
Changes since revision 1.141: +3 -4 lines
Update openssl package to 0.9.8l, fixing security problem.
Approved by agc@.


Changes between 0.9.8k and 0.9.8l  [5 Nov 2009]

 *) Disable renegotiation completely - this fixes a severe security
    problem (CVE-2009-3555) at the cost of breaking all
    renegotiation. Renegotiation can be re-enabled by setting
    SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
    run-time. This is really not recommended unless you know what
    you're doing.
    [Ben Laurie]

Revision 1.141: download - view: text, markup, annotated - select for diffs
Fri Dec 25 11:58:06 2009 UTC (14 years, 11 months ago) by obache
Branches: MAIN
Diff to: previous 1.140: preferred, colored
Changes since revision 1.140: +8 -1 lines
Fixes and improvement for Interix
* Not only interix-3, but also treat all interix release, allow to build on SUA.
* Gave up randomized image base, use 0x5e000000, as in mk/platform/Interix.mk.
  It is workaround of PR 42369.
* Use -D_REENTRANT flags for threads.
* replace -Wl,soname= linker flags with -Wl,h, for Interix

Revision 1.138.2.1: download - view: text, markup, annotated - select for diffs
Fri Jun 12 11:02:42 2009 UTC (15 years, 5 months ago) by tron
Branches: pkgsrc-2009Q1
Diff to: previous 1.138: preferred, colored; next MAIN 1.139: preferred, colored
Changes since revision 1.138: +2 -1 lines
Pullup ticket #2794 - requested by tez
openssl: security patch

Revisions pulled up:
- security/openssl/Makefile			1.140
- security/openssl/distinfo			1.68
- security/openssl/patches/patch-ax		1.1
- security/openssl/patches/patch-ay		1.1
- security/openssl/patches/patch-az		1.1
- security/openssl/patches/patch-ba		1.1
---
Module Name:    pkgsrc
Committed By:   tez
Date:           Wed Jun 10 13:57:08 UTC 2009

Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
Added Files:
        pkgsrc/security/openssl/patches: patch-ax patch-ay patch-az patch-ba

Log Message:
Patches for CVE-2009-1377, CVE-2009-1378 & CVE-2009-1379 from
http://cvs.openssl.org/filediff?f=openssl/ssl/d1_both.c&v1=1.4.2.9&v2=1.4.2.10
http://cvs.openssl.org/filediff?f=openssl/ssl/d1_both.c&v1=1.4.2.13&v2=1.4.2.15
http://cvs.openssl.org/filediff?f=openssl/crypto/pqueue/pqueue.c&v1=1.2.2.4&v2=1.2.2.5
http://cvs.openssl.org/filediff?f=openssl/crypto/pqueue/pqueue.h&v1=1.2.2.1&v2=1.2.2.2
http://cvs.openssl.org/filediff?f=openssl/ssl/d1_pkt.c&v1=1.4.2.17&v2=1.4.2.18

Revision 1.140: download - view: text, markup, annotated - select for diffs
Wed Jun 10 13:57:08 2009 UTC (15 years, 6 months ago) by tez
Branches: MAIN
CVS tags: pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2
Diff to: previous 1.139: preferred, colored
Changes since revision 1.139: +2 -1 lines
Patches for CVE-2009-1377, CVE-2009-1378 & CVE-2009-1379 from
http://cvs.openssl.org/filediff?f=openssl/ssl/d1_both.c&v1=1.4.2.9&v2=1.4.2.10
http://cvs.openssl.org/filediff?f=openssl/ssl/d1_both.c&v1=1.4.2.13&v2=1.4.2.15
http://cvs.openssl.org/filediff?f=openssl/crypto/pqueue/pqueue.c&v1=1.2.2.4&v2=1.2.2.5
http://cvs.openssl.org/filediff?f=openssl/crypto/pqueue/pqueue.h&v1=1.2.2.1&v2=1.2.2.2
http://cvs.openssl.org/filediff?f=openssl/ssl/d1_pkt.c&v1=1.4.2.17&v2=1.4.2.18

Revision 1.139: download - view: text, markup, annotated - select for diffs
Thu May 21 21:37:28 2009 UTC (15 years, 6 months ago) by zafer
Branches: MAIN
Diff to: previous 1.138: preferred, colored
Changes since revision 1.138: +4 -7 lines
clean up mirrors. use official up to date ones.

Revision 1.138: download - view: text, markup, annotated - select for diffs
Sun Apr 5 15:50:17 2009 UTC (15 years, 8 months ago) by tnn
Branches: MAIN
CVS tags: pkgsrc-2009Q1-base
Branch point for: pkgsrc-2009Q1
Diff to: previous 1.137: preferred, colored
Changes since revision 1.137: +2 -2 lines
Update to openssl-0.9.8k.

Changes between 0.9.8j and 0.9.8k  [25 Mar 2009]
*) Don't set val to NULL when freeing up structures, it is freed up by
   underlying code. If sizeof(void *) > sizeof(long) this can result in
   zeroing past the valid field. (CVE-2009-0789)
*) Fix bug where return value of CMS_SignerInfo_verify_content() was not
   checked correctly. This would allow some invalid signed attributes to
   appear to verify correctly. (CVE-2009-0591)
*) Reject UniversalString and BMPString types with invalid lengths. This
   prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
   a legal length. (CVE-2009-0590)
*) Set S/MIME signing as the default purpose rather than setting it
   unconditionally. This allows applications to override it at the store
   level.
*) Permit restricted recursion of ASN1 strings. This is needed in practice
   to handle some structures.
*) Improve efficiency of mem_gets: don't search whole buffer each time
   for a '\n'
*) New -hex option for openssl rand.
*) Print out UTF8String and NumericString when parsing ASN1.
*) Support NumericString type for name components.
*) Allow CC in the environment to override the automatically chosen
   compiler. Note that nothing is done to ensure flags work with the
   chosen compiler.

Revision 1.136.2.1: download - view: text, markup, annotated - select for diffs
Thu Jan 8 18:11:26 2009 UTC (15 years, 11 months ago) by tron
Branches: pkgsrc-2008Q4
Diff to: previous 1.136: preferred, colored; next MAIN 1.137: preferred, colored
Changes since revision 1.136: +3 -4 lines
Pullup ticket #2628 - requested by tnn
openssl: security update

Revisions pulled up:
- security/openssl/Makefile			1.137
- security/openssl/PLIST.common			1.14
- security/openssl/distinfo			1.65
- security/openssl/patches/patch-af		1.22
- security/openssl/patches/patch-am		1.6
---
Module Name:	pkgsrc
Committed By:	tnn
Date:		Thu Jan  8 16:38:22 UTC 2009

Modified Files:
	pkgsrc/security/openssl: Makefile PLIST.common distinfo
	pkgsrc/security/openssl/patches: patch-af patch-am

Log Message:
Update to openssl-0.9.8j. Fixes CVE-2008-5077.

Revision 1.137: download - view: text, markup, annotated - select for diffs
Thu Jan 8 16:38:22 2009 UTC (15 years, 11 months ago) by tnn
Branches: MAIN
Diff to: previous 1.136: preferred, colored
Changes since revision 1.136: +3 -4 lines
Update to openssl-0.9.8j. Fixes CVE-2008-5077.

Changes between 0.9.8i and 0.9.8j  [07 Jan 2009]
*) Properly check EVP_VerifyFinal() and similar return values
   (CVE-2008-5077).
*) Allow the CHIL engine to be loaded, whether the application is
   multithreaded or not. (This does not release the developer from the
   obligation to set up the dynamic locking callbacks.)
*) Use correct exit code if there is an error in dgst command.
*) Tweak Configure so that you need to say "experimental-jpake" to enable
   JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
*) Add experimental JPAKE support, including demo authentication in
   s_client and s_server.
*) Set the comparison function in v3_addr_canonize().
*) Add support for XMPP STARTTLS in s_client.
*) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
   to ensure that even with this option, only ciphersuites in the
   server's preference list will be accepted.  (Note that the option
   applies only when resuming a session, so the earlier behavior was
   just about the algorithm choice for symmetric cryptography.)

Changes between 0.9.8h and 0.9.8i  [15 Sep 2008]
*) Fix a state transitition in s3_srvr.c and d1_srvr.c
   (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...).
*) The fix in 0.9.8c that supposedly got rid of unsafe
   double-checked locking was incomplete for RSA blinding,
   addressing just one layer of what turns out to have been
   doubly unsafe triple-checked locking.
   So now fix this for real by retiring the MONT_HELPER macro
   in crypto/rsa/rsa_eay.c.
*) Various precautionary measures:
   - Avoid size_t integer overflow in HASH_UPDATE (md32_common.h).
   - Avoid a buffer overflow in d2i_SSL_SESSION() (ssl_asn1.c).
     (NB: This would require knowledge of the secret session ticket key
     to exploit, in which case you'd be SOL either way.)
   - Change bn_nist.c so that it will properly handle input BIGNUMs
     outside the expected range.
   - Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG
     builds.
*) Allow engines to be "soft loaded" - i.e. optionally don't die if
   the load fails. Useful for distros.
*) Add support for Local Machine Keyset attribute in PKCS#12 files.
*) Fix BN_GF2m_mod_arr() top-bit cleanup code.
*) Expand ENGINE to support engine supplied SSL client certificate functions.
   This work was sponsored by Logica.
*) Add CryptoAPI ENGINE to support use of RSA and DSA keys held in Windows
   keystores. Support for SSL/TLS client authentication too.
   Not compiled unless enable-capieng specified to Configure.
   This work was sponsored by Logica.
*) Fix bug in X509_ATTRIBUTE creation: dont set attribute using
   ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain
   attribute creation routines such as certifcate requests and PKCS#12
   files.

Revision 1.136: download - view: text, markup, annotated - select for diffs
Sat Oct 25 12:03:35 2008 UTC (16 years, 1 month ago) by adrianp
Branches: MAIN
CVS tags: pkgsrc-2008Q4-base
Branch point for: pkgsrc-2008Q4
Diff to: previous 1.135: preferred, colored
Changes since revision 1.135: +3 -2 lines
OpenSSL is not JOBS_SAFE
Pull in a fix from the OpenSSL CVS:
http://cvs.openssl.org/filediff?f=openssl/crypto/x509/x509_att.c&v1=1.14&v2=1.15
This should fix PR #39767 opened by Wolfgang Solfrank

Revision 1.135: download - view: text, markup, annotated - select for diffs
Wed Sep 17 00:46:58 2008 UTC (16 years, 2 months ago) by reed
Branches: MAIN
CVS tags: pkgsrc-2008Q3-base, pkgsrc-2008Q3
Diff to: previous 1.134: preferred, colored
Changes since revision 1.134: +2 -1 lines
Add zlib option.
This is for PR 39433.
It is not enabled by default.

Revision 1.134: download - view: text, markup, annotated - select for diffs
Mon Jul 14 03:52:54 2008 UTC (16 years, 4 months ago) by tnn
Branches: MAIN
CVS tags: cube-native-xorg-base, cube-native-xorg
Diff to: previous 1.133: preferred, colored
Changes since revision 1.133: +2 -3 lines
Update to openssl-0.9.8h. Changes from 0.9.8g:

Two crashes discovered using the Codenomicon TLS test suite, as reported
in CVE-2008-0891 and CVE-2008-1672, were fixed. The root CA certificates
of commercial CAs were removed from the distribution. Functions were added
to implement RFC3394 compatible AES key wrapping. Utility functions to
handle ASN1 structures were added. The certificate status request TLS
extension, as defined in RFC3546, was implemented. Several other bugfixes
and enhancements were made.

Revision 1.133: download - view: text, markup, annotated - select for diffs
Mon Jun 16 20:18:20 2008 UTC (16 years, 5 months ago) by tonnerre
Branches: MAIN
CVS tags: pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper
Diff to: previous 1.132: preferred, colored
Changes since revision 1.132: +2 -2 lines
Fix shared library build on various architectures. This basically fiddles
with the number of colons between the fields.

Revision 1.131.2.1: download - view: text, markup, annotated - select for diffs
Thu Jun 5 12:23:59 2008 UTC (16 years, 6 months ago) by rtr
Branches: pkgsrc-2008Q1
Diff to: previous 1.131: preferred, colored; next MAIN 1.132: preferred, colored
Changes since revision 1.131: +1 -0 lines
pullup ticket #2414 - requested by tonnerre
openssl: DoS and double free fixes

revisions pulled up:
- pkgsrc/security/openssl/Makefile		1.132
- pkgsrc/security/openssl/distinfo		1.60
- pkgsrc/security/openssl/patches/patch-ab	1.12
- pkgsrc/security/openssl/patches/patch-ah	1.8

   Module Name: pkgsrc
   Committed By:        tonnerre
   Date:                Tue Jun  3 21:39:40 UTC 2008

   Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
   Added Files:
        pkgsrc/security/openssl/patches: patch-ab patch-ah

   Log Message:
   Fix two Denial of Service vulnerabilities in OpenSSL 0.9.8g:
   - Fix flaw if 'Server Key exchange message' is omitted from a TLS
   handshake which could lead to a silent crash.
   - Fix double free in TLS server name extensions which could lead to a
   remote crash.

   Patches from upstream.

Revision 1.132: download - view: text, markup, annotated - select for diffs
Tue Jun 3 21:39:40 2008 UTC (16 years, 6 months ago) by tonnerre
Branches: MAIN
Diff to: previous 1.131: preferred, colored
Changes since revision 1.131: +2 -1 lines
Fix two Denial of Service vulnerabilities in OpenSSL 0.9.8g:
 - Fix flaw if 'Server Key exchange message' is omitted from a TLS handshake
   which could lead to a silent crash.
 - Fix double free in TLS server name extensions which could lead to a remote
   crash.

Patches from upstream.

Revision 1.131: download - view: text, markup, annotated - select for diffs
Thu Jan 17 06:42:47 2008 UTC (16 years, 10 months ago) by tnn
Branches: MAIN
CVS tags: pkgsrc-2008Q1-base
Branch point for: pkgsrc-2008Q1
Diff to: previous 1.130: preferred, colored
Changes since revision 1.130: +9 -22 lines
Update to openssl-0.9.8g. Provided by Jukka Salmi in pkgsrc-wip.

pkgsrc notes:
  o Tested on NetBSD/i386 (Jukka Salmi), Mac OSX 10.5 (Adrian Portelli),
    Linux (Jeremy C. Reed), Tru64 5.1b (tnn), HP-UX 11i (tnn).
    Because the Makefile system has been rewamped, other
    platforms may require fixes. Please test if you can.
  o OpenSSL can now be built with installation to DESTDIR.

Overview of important changes since 0.9.7i:
  o Add gcc 4.2 support.
  o DTLS improvements.
  o RFC4507bis support.
  o TLS Extensions support.
  o RFC3779 support.
  o New cipher Camellia
  o Updated ECC cipher suite support.
  o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free().
  o Zlib compression usage fixes.
  o Major work on the BIGNUM library for higher efficiency and to
    make operations more streamlined and less contradictory.  This
    is the result of a major audit of the BIGNUM library.
  o Addition of BIGNUM functions for fields GF(2^m) and NIST
    curves, to support the Elliptic Crypto functions.
  o Major work on Elliptic Crypto; ECDH and ECDSA added, including
    the use through EVP, X509 and ENGINE.
  o New ASN.1 mini-compiler that's usable through the OpenSSL
    configuration file.
  o Added support for ASN.1 indefinite length constructed encoding.
  o New PKCS#12 'medium level' API to manipulate PKCS#12 files.
  o Complete rework of shared library construction and linking
    programs with shared or static libraries, through a separate
    Makefile.shared.
  o Rework of the passing of parameters from one Makefile to another.
  o Changed ENGINE framework to load dynamic engine modules
    automatically from specifically given directories.
  o New structure and ASN.1 functions for CertificatePair.
  o Changed the key-generation and primality testing "progress"
    mechanism to take a structure that contains the ticker
    function and an argument.
  o New engine module: GMP (performs private key exponentiation).
  o New engine module: VIA PadLOck ACE extension in VIA C3
    Nehemiah processors.
  o Added support for IPv6 addresses in certificate extensions.
    See RFC 1884, section 2.2.
  o Added support for certificate policy mappings, policy
    constraints and name constraints.
  o Added support for multi-valued AVAs in the OpenSSL
    configuration file.
  o Added support for multiple certificates with the same subject
    in the 'openssl ca' index file.
  o Make it possible to create self-signed certificates using
    'openssl ca -selfsign'.
  o Make it possible to generate a serial number file with
    'openssl ca -create_serial'.
  o New binary search functions with extended functionality.
  o New BUF functions.
  o New STORE structure and library to provide an interface to all
    sorts of data repositories.  Supports storage of public and
    private keys, certificates, CRLs, numbers and arbitrary blobs.
    This library is unfortunately unfinished and unused withing
    OpenSSL.
  o New control functions for the error stack.
  o Changed the PKCS#7 library to support one-pass S/MIME
    processing.
  o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512).
  o New X509_VERIFY_PARAM structure to support parametrisation
    of X.509 path validation.
  o Change the default digest in 'openssl' commands from MD5 to
    SHA-1.
  o Added support for DTLS.
  o New BIGNUM blinding.
  o Added support for the RSA-PSS encryption scheme
  o Added support for the RSA X.931 padding.
  o Added support for files larger than 2GB.
  o Added alternate pkg-config files.

Revision 1.130: download - view: text, markup, annotated - select for diffs
Sat Jan 5 20:41:25 2008 UTC (16 years, 11 months ago) by rillig
Branches: MAIN
Diff to: previous 1.129: preferred, colored
Changes since revision 1.129: +2 -2 lines
Fixed a few pkglint warnings.

Revision 1.129: download - view: text, markup, annotated - select for diffs
Fri Jan 4 22:08:09 2008 UTC (16 years, 11 months ago) by rillig
Branches: MAIN
Diff to: previous 1.128: preferred, colored
Changes since revision 1.128: +2 -6 lines
Removed the special-case handling of PKG_SYSCONFDIR for NetBSD. Now the
configuration files are installed in the usual pkgsrc place, not in
/etc. PKGREVISION++

Ok'ed by jlam@.

Revision 1.127.2.1: download - view: text, markup, annotated - select for diffs
Mon Oct 22 08:47:22 2007 UTC (17 years, 1 month ago) by ghen
Branches: pkgsrc-2007Q3
Diff to: previous 1.127: preferred, colored; next MAIN 1.128: preferred, colored
Changes since revision 1.127: +2 -2 lines
Pullup ticket 2209 - requested by adrianp
security fix for openssl

- pkgsrc/security/openssl/Makefile			1.128
- pkgsrc/security/openssl/distinfo			1.56
- pkgsrc/security/openssl/patches/patch-ao		1.2

   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Sun Oct 21 17:52:53 UTC 2007

   Modified Files:
	   pkgsrc/security/openssl: Makefile distinfo
	   pkgsrc/security/openssl/patches: patch-ao

   Log Message:
   Full and proper fix for CVE-2007-5135
   PKGREVISION++

Revision 1.128: download - view: text, markup, annotated - select for diffs
Sun Oct 21 17:52:52 2007 UTC (17 years, 1 month ago) by adrianp
Branches: MAIN
CVS tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4
Diff to: previous 1.127: preferred, colored
Changes since revision 1.127: +2 -2 lines
Full and proper fix for CVE-2007-5135
PKGREVISION++

Revision 1.127: download - view: text, markup, annotated - select for diffs
Sat Aug 4 14:29:43 2007 UTC (17 years, 4 months ago) by tnn
Branches: MAIN
CVS tags: pkgsrc-2007Q3-base
Branch point for: pkgsrc-2007Q3
Diff to: previous 1.126: preferred, colored
Changes since revision 1.126: +10 -2 lines
Add a target configuration for Tru64 with gcc.

Revision 1.126: download - view: text, markup, annotated - select for diffs
Wed Jul 18 13:11:15 2007 UTC (17 years, 4 months ago) by tron
Branches: MAIN
Diff to: previous 1.125: preferred, colored
Changes since revision 1.125: +3 -3 lines
Compile OpenSSL with supports for threads. This allows an application
to register callbacks which implement locking primitive to make
OpenSSL thread-safe.

Bump package revision because of this change.

Revision 1.125: download - view: text, markup, annotated - select for diffs
Thu May 3 14:23:42 2007 UTC (17 years, 7 months ago) by tron
Branches: MAIN
CVS tags: pkgsrc-2007Q2-base, pkgsrc-2007Q2
Diff to: previous 1.124: preferred, colored
Changes since revision 1.124: +2 -2 lines
Fix typo in "SUBST_MESSAGE.dl".

Revision 1.124: download - view: text, markup, annotated - select for diffs
Thu Apr 26 21:11:05 2007 UTC (17 years, 7 months ago) by tron
Branches: MAIN
Diff to: previous 1.123: preferred, colored
Changes since revision 1.123: +2 -2 lines
Also link with the "dl" library when creating the shared libraries.
Another attempt to fix PR pkg/36086.

Revision 1.123: download - view: text, markup, annotated - select for diffs
Tue Apr 24 14:10:37 2007 UTC (17 years, 7 months ago) by tron
Branches: MAIN
Diff to: previous 1.122: preferred, colored
Changes since revision 1.122: +10 -4 lines
Use all necessary means to convince OpenSSL's "special" build system
to link with the "dl" library under Mac OS X if necessary.
This should finally fix PR pkg/36086.

Revision 1.122: download - view: text, markup, annotated - select for diffs
Wed Apr 18 14:11:33 2007 UTC (17 years, 7 months ago) by tron
Branches: MAIN
Diff to: previous 1.121: preferred, colored
Changes since revision 1.121: +3 -1 lines
Make sure that the "dlcompat" related options are actually added to
"LDFLAGS". This is another attempt to fix PR pkg/36086.

Revision 1.121: download - view: text, markup, annotated - select for diffs
Tue Apr 17 17:04:00 2007 UTC (17 years, 7 months ago) by tron
Branches: MAIN
Diff to: previous 1.120: preferred, colored
Changes since revision 1.120: +3 -8 lines
Use "pkgsrc/mk/dlopen.buildlink3.mk" instead of manually including
"pkgsrc/devel/dlcompat/buildlink3.mk" under Darwin. This might
finally fix PR pkg/36086.

Revision 1.120: download - view: text, markup, annotated - select for diffs
Sun Apr 1 21:33:05 2007 UTC (17 years, 8 months ago) by tron
Branches: MAIN
CVS tags: pkgsrc-2007Q1-base, pkgsrc-2007Q1
Diff to: previous 1.119: preferred, colored
Changes since revision 1.119: +3 -1 lines
Add ${BUILDLINK_LDFLAGS.dlcompat} (defined as "-ldl") to "LDFLAGS" under
Mac OS X. This is harmless under recent versions of Mac OS X where
"libdl.dylib" is symbolic link to "libSystem.dylib". And it is necessary
under old versions of Mac OS X (Jaguar and older) where we need the
"libdl.dylib" from the "dlcompat" package.

This should finally fix PR pkg/36086 by John D. Baker.

Revision 1.119: download - view: text, markup, annotated - select for diffs
Mon Mar 26 11:44:18 2007 UTC (17 years, 8 months ago) by tron
Branches: MAIN
Diff to: previous 1.118: preferred, colored
Changes since revision 1.118: +5 -1 lines
Include "pkgsrc/devel/dlcompat/buildlink3.mk" when building this package
under Mac OS X. This should fix PR pkg/36086.

Revision 1.118: download - view: text, markup, annotated - select for diffs
Sun Dec 3 14:49:56 2006 UTC (18 years ago) by cbiere
Branches: MAIN
CVS tags: pkgsrc-2006Q4-base, pkgsrc-2006Q4
Diff to: previous 1.117: preferred, colored
Changes since revision 1.117: +5 -1 lines
Check for GCC on IRIX instead of assuming the native compiler is used.

Revision 1.117: download - view: text, markup, annotated - select for diffs
Sat Sep 30 04:20:24 2006 UTC (18 years, 2 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2006Q3-base, pkgsrc-2006Q3
Diff to: previous 1.116: preferred, colored
Changes since revision 1.116: +2 -2 lines
Apply patches which fixes recent security problem of OpenSSL.

	http://secunia.com/advisories/22130/

Bump PKGREVISION.

Revision 1.115.4.1: download - view: text, markup, annotated - select for diffs
Thu Sep 7 11:32:00 2006 UTC (18 years, 3 months ago) by ghen
Branches: pkgsrc-2006Q2
Diff to: previous 1.115: preferred, colored; next MAIN 1.116: preferred, colored
Changes since revision 1.115: +2 -2 lines
Pullup ticket 1817 - requested by adrianp
security fix for openssl

Revisions pulled up:
- pkgsrc/security/openssl/Makefile			1.116
- pkgsrc/security/openssl/distinfo			1.52
- pkgsrc/security/openssl/patches/patch-am		1.3

   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Thu Sep  7 09:44:31 UTC 2006

   Modified Files:
	pkgsrc/security/openssl: Makefile distinfo
   Added Files:
	pkgsrc/security/openssl/patches: patch-am

   Log Message:
   Add a patch to address CVE-2006-4339

Revision 1.116: download - view: text, markup, annotated - select for diffs
Thu Sep 7 09:44:31 2006 UTC (18 years, 3 months ago) by adrianp
Branches: MAIN
Diff to: previous 1.115: preferred, colored
Changes since revision 1.115: +2 -2 lines
Add a patch to address CVE-2006-4339

Revision 1.115: download - view: text, markup, annotated - select for diffs
Tue Mar 14 16:00:42 2006 UTC (18 years, 8 months ago) by jlam
Branches: MAIN
CVS tags: pkgsrc-2006Q2-base, pkgsrc-2006Q1-base, pkgsrc-2006Q1
Branch point for: pkgsrc-2006Q2
Diff to: previous 1.114: preferred, colored
Changes since revision 1.114: +2 -2 lines
Drop maintainership for packages that I no longer have time to maintain.

Revision 1.114: download - view: text, markup, annotated - select for diffs
Thu Mar 2 03:28:07 2006 UTC (18 years, 9 months ago) by grant
Branches: MAIN
Diff to: previous 1.113: preferred, colored
Changes since revision 1.113: +17 -6 lines
add support for Solaris/i386 and x86_64, and fallback to the configure
script's auto detection for other archs.

Revision 1.113: download - view: text, markup, annotated - select for diffs
Sun Feb 5 23:10:45 2006 UTC (18 years, 10 months ago) by joerg
Branches: MAIN
Diff to: previous 1.112: preferred, colored
Changes since revision 1.112: +2 -1 lines
Recursive revision bump / recommended bump for gettext ABI change.

Revision 1.112: download - view: text, markup, annotated - select for diffs
Thu Dec 29 06:22:11 2005 UTC (18 years, 11 months ago) by jlam
Branches: MAIN
Diff to: previous 1.111: preferred, colored
Changes since revision 1.111: +1 -2 lines
Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.

Revision 1.111: download - view: text, markup, annotated - select for diffs
Sat Dec 17 05:20:23 2005 UTC (18 years, 11 months ago) by jlam
Branches: MAIN
CVS tags: pkgsrc-2005Q4-base, pkgsrc-2005Q4
Diff to: previous 1.110: preferred, colored
Changes since revision 1.110: +2 -2 lines
Change my MAINTAINER email address to the one I've been using for
pkgsrc work.

Revision 1.110: download - view: text, markup, annotated - select for diffs
Mon Dec 5 23:55:18 2005 UTC (19 years ago) by rillig
Branches: MAIN
Diff to: previous 1.109: preferred, colored
Changes since revision 1.109: +3 -3 lines
Ran "pkglint --autofix", which corrected some of the quoting issues in
CONFIGURE_ARGS.

Revision 1.109: download - view: text, markup, annotated - select for diffs
Mon Dec 5 20:50:57 2005 UTC (19 years ago) by rillig
Branches: MAIN
Diff to: previous 1.108: preferred, colored
Changes since revision 1.108: +2 -2 lines
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html

Revision 1.106.2.2: download - view: text, markup, annotated - select for diffs
Sat Oct 15 11:19:10 2005 UTC (19 years, 1 month ago) by salo
Branches: pkgsrc-2005Q3
Diff to: previous 1.106.2.1: preferred, colored; branchpoint 1.106: preferred, colored; next MAIN 1.107: preferred, colored
Changes since revision 1.106.2.1: +2 -2 lines
Pullup ticket 833 - requested by Johnny C. Lam
openssl update (abi changes)

Revisions pulled up:
- pkgsrc/security/openssl/Makefile		1.108
- pkgsrc/security/openssl/distinfo		1.47

   Module Name:		pkgsrc
   Committed By:	jlam
   Date:		Sat Oct 15 06:29:58 UTC 2005

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update security/openssl from 0.9.7h to 0.9.7i.  Changes from version
   0.9.7h include fixing a shared library upgrade problem where openssl-0.9.7h
   had a different ABI than previous 0.9.7 sub-revisions due to a changed
   constant.

Revision 1.108: download - view: text, markup, annotated - select for diffs
Sat Oct 15 06:29:58 2005 UTC (19 years, 1 month ago) by jlam
Branches: MAIN
Diff to: previous 1.107: preferred, colored
Changes since revision 1.107: +2 -2 lines
Update security/openssl from 0.9.7h to 0.9.7i.  Changes from version
0.9.7h include fixing a shared library upgrade problem where openssl-0.9.7h
had a different ABI than previous 0.9.7 sub-revisions due to a changed
constant.

Revision 1.106.2.1: download - view: text, markup, annotated - select for diffs
Thu Oct 13 13:21:07 2005 UTC (19 years, 1 month ago) by salo
Branches: pkgsrc-2005Q3
Diff to: previous 1.106: preferred, colored
Changes since revision 1.106: +10 -10 lines
Pullup tickets 822 and 825 - requested by Johnny C. Lam
security update for openssl

Revisions pulled up:
- pkgsrc/security/openssl/Makefile		1.107
- pkgsrc/security/openssl/PLIST.common		1.11
- pkgsrc/security/openssl/builtin.mk		1.16, 1.17
- pkgsrc/security/openssl/distinfo		1.46
- pkgsrc/security/openssl/patches/patch-aa	1.18
- pkgsrc/security/openssl/patches/patch-ac	1.28
- pkgsrc/security/openssl/patches/patch-ad	1.15
- pkgsrc/security/openssl/patches/patch-af	1.17

   Module Name:		pkgsrc
   Committed By:	jlam
   Date:		Tue Oct 11 17:19:21 UTC 2005

   Modified Files:
   	pkgsrc/security/openssl: Makefile PLIST.common distinfo
   	pkgsrc/security/openssl/patches: patch-aa patch-ac patch-ad patch-af

   Log Message:
   Update security/openssl to version 0.9.7h.  This is a security
   vulnerability triggered update due to CAN-2005-2969.  Changes from
   version 0.9.7f include:

         o Fix SSL 2.0 Rollback, CAN-2005-2969
         o Allow use of fixed-length exponent on DSA signing
         o Default fixed-window RSA, DSA, DH private-key operations
         o More compilation issues fixed.
         o Adaptation to more modern Kerberos API.
         o Enhanced or corrected configuration for Solaris64, Mingw
           and Cygwin.
         o Enhanced x86_64 assembler BIGNUM module.
         o More constification.
         o Added processing of proxy certificates (RFC 3820).
---
   Module Name:		pkgsrc
   Committed By:	jlam
   Date:		Wed Oct 12 02:00:03 UTC 2005

   Modified Files:
   	pkgsrc/security/openssl: builtin.mk

   Log Message:
   Remove leading "-" from version number when matching the openssl-0.9.6g
   from the netbsd-1-6 branch with the 20040401 fix.
---
   Module Name:		pkgsrc
   Committed By:	jlam
   Date:		Wed Oct 12 02:20:10 UTC 2005

   Modified Files:
   	pkgsrc/security/openssl: builtin.mk

   Log Message:
   If the native openssl-0.9.7d contains the security fixes pulled up to
   the netbsd-2-0, netbsd-2, and netbsd-3-0 branches on 2005-10-11, then
   for the purposes of satisfying dependencies, pretend it's openssl-0.9.7h.

Revision 1.107: download - view: text, markup, annotated - select for diffs
Tue Oct 11 17:19:21 2005 UTC (19 years, 1 month ago) by jlam
Branches: MAIN
Diff to: previous 1.106: preferred, colored
Changes since revision 1.106: +10 -10 lines
Update security/openssl to version 0.9.7h.  This is a security
vulnerability triggered update due to CAN-2005-2969.  Changes from
version 0.9.7f include:

      o Fix SSL 2.0 Rollback, CAN-2005-2969
      o Allow use of fixed-length exponent on DSA signing
      o Default fixed-window RSA, DSA, DH private-key operations
      o More compilation issues fixed.
      o Adaptation to more modern Kerberos API.
      o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin.
      o Enhanced x86_64 assembler BIGNUM module.
      o More constification.
      o Added processing of proxy certificates (RFC 3820).

Revision 1.106: download - view: text, markup, annotated - select for diffs
Sat Jul 16 01:19:18 2005 UTC (19 years, 4 months ago) by jlam
Branches: MAIN
CVS tags: pkgsrc-2005Q3-base
Branch point for: pkgsrc-2005Q3
Diff to: previous 1.105: preferred, colored
Changes since revision 1.105: +2 -3 lines
Get rid of USE_PERL5.  The new way to express needing the Perl executable
around at either build-time or at run-time is:

	USE_TOOLS+=	perl		# build-time
	USE_TOOLS+=	perl:run	# run-time

Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.

Revision 1.105: download - view: text, markup, annotated - select for diffs
Sat Jun 11 22:16:15 2005 UTC (19 years, 6 months ago) by jlam
Branches: MAIN
CVS tags: pkgsrc-2005Q2-base, pkgsrc-2005Q2
Diff to: previous 1.104: preferred, colored
Changes since revision 1.104: +16 -1 lines
Some shells don't accept empty word lists in for loops.  For those
Makefiles where this occurs, edit the file so that we avoid running
the loop.  This should fix PR pkg/28809.

Revision 1.104: download - view: text, markup, annotated - select for diffs
Sun May 22 20:08:30 2005 UTC (19 years, 6 months ago) by jlam
Branches: MAIN
Diff to: previous 1.103: preferred, colored
Changes since revision 1.103: +2 -2 lines
Remove USE_GNU_TOOLS and replace with the correct USE_TOOLS definitions:

	USE_GNU_TOOLS	-> USE_TOOLS
	awk		-> gawk
	m4		-> gm4
	make		-> gmake
	sed		-> gsed
	yacc		-> bison

Revision 1.103: download - view: text, markup, annotated - select for diffs
Mon Apr 11 21:47:14 2005 UTC (19 years, 8 months ago) by tv
Branches: MAIN
Diff to: previous 1.102: preferred, colored
Changes since revision 1.102: +1 -2 lines
Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.

Revision 1.102: download - view: text, markup, annotated - select for diffs
Wed Mar 23 09:06:38 2005 UTC (19 years, 8 months ago) by jlam
Branches: MAIN
Diff to: previous 1.101: preferred, colored
Changes since revision 1.101: +4 -6 lines
Update security/openssl to openssl-0.9.7f.

Pkgsrc changes from version 0.9.7e include:

  *) Install the man pages with names that are less likely to collide
     with other packages' man pages.
  *) Support PKG_OPTIONS of "idea", "mdc2" and "rc5" to allow building
     with patented algorithms.  By default, this package still builds
     without patented algorithms.

Major changes from version 0.9.7e include:

  *) Prompt for pass phrases when appropriate for PKCS12 input format.
  *) Back-port of selected performance improvements from development
     branch, as well as improved support for PowerPC platforms.
  *) Add lots of checks for memory allocation failure, error codes to indicate
     failure and freeing up memory if a failure occurs.
  *) Add new -passin argument to dgst.
  *) Make an explicit check during certificate validation to see that
     the CA setting in each certificate on the chain is correct.

Revision 1.101: download - view: text, markup, annotated - select for diffs
Wed Feb 2 23:43:42 2005 UTC (19 years, 10 months ago) by jlam
Branches: MAIN
CVS tags: pkgsrc-2005Q1-base, pkgsrc-2005Q1
Diff to: previous 1.100: preferred, colored
Changes since revision 1.100: +22 -6 lines
Modify openssl/Makefile so that it's easier to test the -STABLE and
-SNAP OpenSSL snapshots.

Revision 1.100: download - view: text, markup, annotated - select for diffs
Thu Jan 13 18:34:47 2005 UTC (19 years, 10 months ago) by jlam
Branches: MAIN
Diff to: previous 1.99: preferred, colored
Changes since revision 1.99: +2 -1 lines
Bump PKGREVISION to 1 as a result of fixing the run-time behavior of
openssl on sparc64 and amd64 in the previous commit.

Revision 1.99: download - view: text, markup, annotated - select for diffs
Sat Dec 25 22:11:26 2004 UTC (19 years, 11 months ago) by jlam
Branches: MAIN
Diff to: previous 1.98: preferred, colored
Changes since revision 1.98: +1 -2 lines
Alter patches to make them more likely to be accepted back by the
OpenSSL project.  Also use the sparcv9 MD5 assembly routines on
NetBSD/sparc64.

Revision 1.98: download - view: text, markup, annotated - select for diffs
Fri Dec 24 22:02:38 2004 UTC (19 years, 11 months ago) by jlam
Branches: MAIN
Diff to: previous 1.97: preferred, colored
Changes since revision 1.97: +33 -60 lines
Update security/openssl to 0.9.7e.  Changes from openssl-0.9.6m are
too numerous to be listed here, but include adding a new DES API
(support for the old one is still present).

Changes to the pkgsrc structure include:

* Install the shared libraries with a version number that matches the
  OpenSSL version number

* Move some of the less often-used c_* utilities back into the examples
  directory.

* Drop support for using the RSAREF library and always use the built-in
  RSA code instead.

Revision 1.97: download - view: text, markup, annotated - select for diffs
Fri Dec 17 23:08:36 2004 UTC (19 years, 11 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2004Q4-base, pkgsrc-2004Q4
Diff to: previous 1.96: preferred, colored
Changes since revision 1.96: +2 -2 lines
Update to 0.9.6mnb2: Don't install (deprecated) der_chop example
script, since it has insecure temp file handling.

Revision 1.96: download - view: text, markup, annotated - select for diffs
Sun Oct 3 00:18:11 2004 UTC (20 years, 2 months ago) by tv
Branches: MAIN
Diff to: previous 1.95: preferred, colored
Changes since revision 1.95: +2 -1 lines
Libtool fix for PR pkg/26633, and other issues.  Update libtool to 1.5.10
in the process.  (More information on tech-pkg.)

Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.

Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.

Revision 1.95: download - view: text, markup, annotated - select for diffs
Sun Aug 22 19:32:52 2004 UTC (20 years, 3 months ago) by jlam
Branches: MAIN
CVS tags: pkgsrc-2004Q3-base, pkgsrc-2004Q3
Diff to: previous 1.94: preferred, colored
Changes since revision 1.94: +3 -7 lines
Change the way that legacy USE_* and FOO_USE_* options are converted
into the bsd.options.mk framework.  Instead of appending to
${PKG_OPTIONS_VAR}, it appends to PKG_DEFAULT_OPTIONS.  This causes
the default options to be the union of PKG_DEFAULT_OPTIONS and any
old USE_* and FOO_USE_* settings.

This fixes PR pkg/26590.

Revision 1.94: download - view: text, markup, annotated - select for diffs
Thu Aug 5 02:45:28 2004 UTC (20 years, 4 months ago) by jlam
Branches: MAIN
Diff to: previous 1.93: preferred, colored
Changes since revision 1.93: +5 -1 lines
Document the "rsaref" build option.

Revision 1.93: download - view: text, markup, annotated - select for diffs
Fri Jul 30 21:05:42 2004 UTC (20 years, 4 months ago) by jlam
Branches: MAIN
Diff to: previous 1.92: preferred, colored
Changes since revision 1.92: +15 -2 lines
Convert to use bsd.options.mk.  The relevant options variable to set
for each package can be determined by invoking:

	make show-var VARNAME=PKG_OPTIONS_VAR

The old options are still supported unless the variable named in
PKG_OPTIONS_VAR is set within make(1) (usually via /etc/mk.conf).

Revision 1.92: download - view: text, markup, annotated - select for diffs
Fri Mar 26 08:33:49 2004 UTC (20 years, 8 months ago) by jlam
Branches: MAIN
CVS tags: pkgsrc-2004Q2-base, pkgsrc-2004Q2, pkgsrc-2004Q1-base, pkgsrc-2004Q1
Diff to: previous 1.91: preferred, colored
Changes since revision 1.91: +9 -2 lines
Consolidate all of the PLIST.* files that duplicated each other into a
single file PLIST.shlib.  Only have PLIST.${LOWER_OPSYS} if it differs
from PLIST.shlib.

Revision 1.91: download - view: text, markup, annotated - select for diffs
Fri Mar 26 06:16:16 2004 UTC (20 years, 8 months ago) by jlam
Branches: MAIN
Diff to: previous 1.90: preferred, colored
Changes since revision 1.90: +2 -2 lines
We can't use ${PKGBASE} on the left-hand side of an assignment since it's
not defined yet until bsd.pkg.mk.  Explicitly use "openssl" instead.  This
correctly forces NetBSD installations of openssl to use /etc/openssl as
the configuration file directory as originally intended.

Revision 1.90: download - view: text, markup, annotated - select for diffs
Fri Mar 26 05:41:10 2004 UTC (20 years, 8 months ago) by jlam
Branches: MAIN
Diff to: previous 1.89: preferred, colored
Changes since revision 1.89: +7 -2 lines
Add some mirror sites since the main OpenSSL site seems to be dead at the
moment.

Revision 1.89: download - view: text, markup, annotated - select for diffs
Fri Mar 26 02:22:38 2004 UTC (20 years, 8 months ago) by wiz
Branches: MAIN
Diff to: previous 1.88: preferred, colored
Changes since revision 1.88: +2 -3 lines
Update to 0.9.6m:
Changes between 0.9.6l and 0.9.6m  [17 Mar 2004]
  *) Fix null-pointer assignment in do_change_cipher_spec() revealed
     by using the Codenomicon TLS Test Tool (CAN-2004-0079)
     [Joe Orton, Steve Henson]

Revision 1.88: download - view: text, markup, annotated - select for diffs
Tue Mar 9 08:06:45 2004 UTC (20 years, 9 months ago) by reed
Branches: MAIN
Diff to: previous 1.87: preferred, colored
Changes since revision 1.87: +4 -4 lines
Don't build and install openssl with IDEA, MDC2, or RC5 support.

According to README, "RSA Security holds software patents on the
RC5 algorithm.  If you intend to use this cipher, you must contact
RSA Security for licensing conditions." And "The IDEA algorithm is
patented by Ascom ... They should be contacted if that algorithm
is to be used." The openssl FAQ says "For patent reasons, support
for IDEA, RC5 and MDC2 is disabled in this [Red Hat Linux] version."
The FAQ lists patent numbers and expiry dates of US patents:
MDC-2: 4,908,861 13/03/2007
IDEA:  5,214,703 25/05/2010
RC5:   5,724,428 03/03/2015

Now fee-based-commercial-use ACCEPTABLE_LICENSES is not needed.

Revision 1.87: download - view: text, markup, annotated - select for diffs
Sun Feb 29 00:36:45 2004 UTC (20 years, 9 months ago) by grant
Branches: MAIN
Diff to: previous 1.86: preferred, colored
Changes since revision 1.86: +2 -1 lines
include mk/compiler.mk before testing ${CC}

Revision 1.86: download - view: text, markup, annotated - select for diffs
Tue Feb 17 14:26:47 2004 UTC (20 years, 9 months ago) by jlam
Branches: MAIN
Diff to: previous 1.85: preferred, colored
Changes since revision 1.85: +2 -1 lines
Don't use sysctl to determine the machine arch when ${MACHINE_ARCH} already
has the correct value.  Fixes build on NetBSD-1.5.3/sparc, which doesn't
understand "sysctl hw.machine_arch", reported in PR 24448.

Revision 1.85: download - view: text, markup, annotated - select for diffs
Mon Jan 5 22:39:11 2004 UTC (20 years, 11 months ago) by jlam
Branches: MAIN
Diff to: previous 1.84: preferred, colored
Changes since revision 1.84: +6 -5 lines
bl3ify

Revision 1.84: download - view: text, markup, annotated - select for diffs
Wed Nov 19 02:57:44 2003 UTC (21 years ago) by jschauma
Branches: MAIN
CVS tags: pkgsrc-2003Q4-base, pkgsrc-2003Q4
Diff to: previous 1.83: preferred, colored
Changes since revision 1.83: +2 -2 lines
textproc/glimpse and security/openssl no longer conflict, as openssl
does no longer install bin/cast.  Noted by Bernhard Riedel.

Revision 1.83: download - view: text, markup, annotated - select for diffs
Wed Nov 19 02:52:46 2003 UTC (21 years ago) by jschauma
Branches: MAIN
Diff to: previous 1.82: preferred, colored
Changes since revision 1.82: +2 -3 lines
OpenSSL has not had base64 for a while now, so these two no longer need
to conflict.  Noted by Bernhard Riedel.

Revision 1.82: download - view: text, markup, annotated - select for diffs
Wed Nov 12 03:35:45 2003 UTC (21 years ago) by jschauma
Branches: MAIN
Diff to: previous 1.81: preferred, colored
Changes since revision 1.81: +2 -2 lines
Update to openssl-0.9.6l:

  *) Fix additional bug revealed by the NISCC test suite:

     Stop bug triggering large recursion when presented with
     certain ASN.1 tags (CAN-2003-0851)
     [Steve Henson]

Revision 1.81: download - view: text, markup, annotated - select for diffs
Thu Oct 2 02:34:39 2003 UTC (21 years, 2 months ago) by jschauma
Branches: MAIN
Diff to: previous 1.80: preferred, colored
Changes since revision 1.80: +2 -3 lines
Update to 0.9.6k:

 Changes between 0.9.6j and 0.9.6k  [30 Sep 2003]

  *) Fix various bugs revealed by running the NISCC test suite:

     Stop out of bounds reads in the ASN1 code when presented with
     invalid tags (CAN-2003-0543 and CAN-2003-0544).

     If verify callback ignores invalid public key errors don't try to check
     certificate signature with the NULL public key.

     [Steve Henson]

  *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
     if the server requested one: as stated in TLS 1.0 and SSL 3.0
     specifications.
     [Steve Henson]

  *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
     extra data after the compression methods not only for TLS 1.0
     but also for SSL 3.0 (as required by the specification).
     [Bodo Moeller; problem pointed out by Matthias Loepfe]

  *) Change X509_certificate_type() to mark the key as exported/exportable
     when it's 512 *bits* long, not 512 bytes.
     [Richard Levitte]

 Changes between 0.9.6i and 0.9.6j  [10 Apr 2003]

  *) Countermeasure against the Klima-Pokorny-Rosa extension of
     Bleichbacher's attack on PKCS #1 v1.5 padding: treat
     a protocol version number mismatch like a decryption error
     in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
     [Bodo Moeller]

  *) Turn on RSA blinding by default in the default implementation
     to avoid a timing attack. Applications that don't want it can call
     RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
     They would be ill-advised to do so in most cases.
     [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]

  *) Change RSA blinding code so that it works when the PRNG is not
     seeded (in this case, the secret RSA exponent is abused as
     an unpredictable seed -- if it is not unpredictable, there
     is no point in blinding anyway).  Make RSA blinding thread-safe
     by remembering the creator's thread ID in rsa->blinding and
     having all other threads use local one-time blinding factors
     (this requires more computation than sharing rsa->blinding, but
     avoids excessive locking; and if an RSA object is not shared
     between threads, blinding will still be very fast).
     [Bodo Moeller]

 Changes between 0.9.6h and 0.9.6i  [19 Feb 2003]

  *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
     via timing by performing a MAC computation even if incorrrect
     block cipher padding has been found.  This is a countermeasure
     against active attacks where the attacker has to distinguish
     between bad padding and a MAC verification error. (CAN-2003-0078)

     [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
     Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
     Martin Vuagnoux (EPFL, Ilion)]

 Changes between 0.9.6g and 0.9.6h  [5 Dec 2002]

  *) New function OPENSSL_cleanse(), which is used to cleanse a section of
     memory from it's contents.  This is done with a counter that will
     place alternating values in each byte.  This can be used to solve
     two issues: 1) the removal of calls to memset() by highly optimizing
     compilers, and 2) cleansing with other values than 0, since those can
     be read through on certain media, for example a swap space on disk.
     [Geoff Thorpe]

  *) Bugfix: client side session caching did not work with external caching,
     because the session->cipher setting was not restored when reloading
     from the external cache. This problem was masked, when
     SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
     (Found by Steve Haslam <steve@araqnid.ddts.net>.)
     [Lutz Jaenicke]

  *) Fix client_certificate (ssl/s2_clnt.c): The permissible total
     length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
     [Zeev Lieber <zeev-l@yahoo.com>]

  *) Undo an undocumented change introduced in 0.9.6e which caused
     repeated calls to OpenSSL_add_all_ciphers() and
     OpenSSL_add_all_digests() to be ignored, even after calling
     EVP_cleanup().
     [Richard Levitte]

  *) Change the default configuration reader to deal with last line not
     being properly terminated.
     [Richard Levitte]

  *) Change X509_NAME_cmp() so it applies the special rules on handling
     DN values that are of type PrintableString, as well as RDNs of type
     emailAddress where the value has the type ia5String.
     [stefank@valicert.com via Richard Levitte]

  *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half
     the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently
     doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be
     the bitwise-OR of the two for use by the majority of applications
     wanting this behaviour, and update the docs. The documented
     behaviour and actual behaviour were inconsistent and had been
     changing anyway, so this is more a bug-fix than a behavioural
     change.
     [Geoff Thorpe, diagnosed by Nadav Har'El]

  *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c
     (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).
     [Bodo Moeller]

  *) Fix initialization code race conditions in
        SSLv23_method(),  SSLv23_client_method(),   SSLv23_server_method(),
        SSLv2_method(),   SSLv2_client_method(),    SSLv2_server_method(),
        SSLv3_method(),   SSLv3_client_method(),    SSLv3_server_method(),
        TLSv1_method(),   TLSv1_client_method(),    TLSv1_server_method(),
        ssl2_get_cipher_by_char(),
        ssl3_get_cipher_by_char().
     [Patrick McCormick <patrick@tellme.com>, Bodo Moeller]

  *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
     the cached sessions are flushed, as the remove_cb() might use ex_data
     contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com>
     (see [openssl.org #212]).
     [Geoff Thorpe, Lutz Jaenicke]

  *) Fix typo in OBJ_txt2obj which incorrectly passed the content
     length, instead of the encoding length to d2i_ASN1_OBJECT.
     [Steve Henson]

Revision 1.80: download - view: text, markup, annotated - select for diffs
Mon Sep 22 03:15:33 2003 UTC (21 years, 2 months ago) by grant
Branches: MAIN
Diff to: previous 1.79: preferred, colored
Changes since revision 1.79: +2 -3 lines
style nits

Revision 1.79: download - view: text, markup, annotated - select for diffs
Wed Sep 10 16:23:27 2003 UTC (21 years, 3 months ago) by jlam
Branches: MAIN
Diff to: previous 1.78: preferred, colored
Changes since revision 1.78: +37 -44 lines
Use the built-in HAS_CONFIGURE and TEST_TARGET infrastructure to do the
configure and test phases.

Revision 1.78: download - view: text, markup, annotated - select for diffs
Wed Sep 10 16:05:09 2003 UTC (21 years, 3 months ago) by jlam
Branches: MAIN
Diff to: previous 1.77: preferred, colored
Changes since revision 1.77: +4 -2 lines
Honor CFLAGS/LDFLAGS from the environment.

Revision 1.77: download - view: text, markup, annotated - select for diffs
Wed Sep 10 01:57:06 2003 UTC (21 years, 3 months ago) by jlam
Branches: MAIN
Diff to: previous 1.76: preferred, colored
Changes since revision 1.76: +1 -12 lines
Back out the make -> @MAKE@ -> ${MAKE} changes since we workaround the
bare "make" problem using tools.mk.

Revision 1.76: download - view: text, markup, annotated - select for diffs
Mon Aug 25 16:34:00 2003 UTC (21 years, 3 months ago) by jschauma
Branches: MAIN
Diff to: previous 1.75: preferred, colored
Changes since revision 1.75: +16 -2 lines
Several of the Makefile used in this package call 'make' directly.  If
an operating system does not have a 'make' (ie only bmake), or if the OS
supplied 'make' is sufficiently broken (Irix), this will cause the build to
fail (interestingly enough apparently only if build as a dependency, not
if build from this directory).
Patch Makefiles to use @MAKE@, which then, after patching, is substituted with
the actual ${MAKE} (can't use "MAKE= ${MAKE} -f Makefile.ssl").

While here, tweak Irix configure a bit.

Revision 1.1.1.2 (vendor branch): download - view: text, markup, annotated - select for diffs
Tue Jul 22 17:37:36 2003 UTC (21 years, 4 months ago) by taca
Branches: TNF
CVS tags: pkg-base
Diff to: previous 1.1.1.1: preferred, colored
Changes since revision 1.1.1.1: +31 -102 lines
Re-import security/ruby-openssl 0.1.4.1.

Revision 1.75: download - view: text, markup, annotated - select for diffs
Thu Jul 17 22:53:02 2003 UTC (21 years, 4 months ago) by grant
Branches: MAIN
Diff to: previous 1.74: preferred, colored
Changes since revision 1.74: +2 -2 lines
s/netbsd.org/NetBSD.org/

Revision 1.74: download - view: text, markup, annotated - select for diffs
Sat Jul 12 13:25:23 2003 UTC (21 years, 5 months ago) by dillo
Branches: MAIN
Diff to: previous 1.73: preferred, colored
Changes since revision 1.73: +2 -2 lines
don't define test target directly, use do-test instead

Revision 1.73: download - view: text, markup, annotated - select for diffs
Wed Jul 2 13:03:25 2003 UTC (21 years, 5 months ago) by grant
Branches: MAIN
Diff to: previous 1.72: preferred, colored
Changes since revision 1.72: +6 -8 lines
style nits, join two .if's.

Revision 1.72: download - view: text, markup, annotated - select for diffs
Wed Jul 2 13:00:46 2003 UTC (21 years, 5 months ago) by grant
Branches: MAIN
Diff to: previous 1.71: preferred, colored
Changes since revision 1.71: +6 -2 lines
more brutally attack the CONFIGURE_ARGS target issue on Solaris.
force gcc if *gcc* - Sun's compiler is never going to be installed
into a path with 'gcc' in it(!)

Revision 1.71: download - view: text, markup, annotated - select for diffs
Fri Jun 27 02:36:36 2003 UTC (21 years, 5 months ago) by jschauma
Branches: MAIN
Diff to: previous 1.70: preferred, colored
Changes since revision 1.70: +6 -1 lines
Make this work on IRIX64.

Revision 1.70: download - view: text, markup, annotated - select for diffs
Tue Jun 10 18:02:26 2003 UTC (21 years, 6 months ago) by jschauma
Branches: MAIN
Diff to: previous 1.69: preferred, colored
Changes since revision 1.69: +2 -2 lines
Rename PLIST.irix6 to PLIST.irix to match the others and set the
PLIST_SRC accordingly after we recently set LOWER_OPSYS on IRIX to what
most applications seem to expect (ie irix6.5 rather than irix6).

Revision 1.69: download - view: text, markup, annotated - select for diffs
Mon Jun 2 01:17:13 2003 UTC (21 years, 6 months ago) by jschauma
Branches: MAIN
Diff to: previous 1.68: preferred, colored
Changes since revision 1.68: +2 -2 lines
Use tech-pkg@ in favor of packages@ as MAINTAINER for orphaned packages.
Should anybody feel like they could be the maintainer for any of thewe packages,
please adjust.

Revision 1.68: download - view: text, markup, annotated - select for diffs
Thu Apr 17 12:32:32 2003 UTC (21 years, 7 months ago) by wiz
Branches: MAIN
Diff to: previous 1.67: preferred, colored
Changes since revision 1.67: +1 -13 lines
Remove a paragraph with the following comment:
# This hack goes away, once we formally de-support NetBSD-1.4.x.
We did that half a year ago.

Revision 1.67: download - view: text, markup, annotated - select for diffs
Fri Mar 21 18:40:48 2003 UTC (21 years, 8 months ago) by seb
Branches: MAIN
Diff to: previous 1.66: preferred, colored
Changes since revision 1.66: +2 -2 lines
* Add patch from http://www.openssl.org/news/secadv_20030317.txt:

Researchers have discovered a timing attack on RSA keys, to which
OpenSSL is generally vulnerable, unless RSA blinding has been turned
on.

Typically, it will not have been, because it is not easily possible to
do so when using OpenSSL to provide SSL or TLS.

The enclosed patch switches blinding on by default. Applications that
wish to can remove the blinding with RSA_blinding_off(), but this is
not generally advised. It is also possible to disable it completely by
defining OPENSSL_NO_FORCE_RSA_BLINDING at compile-time.

The performance impact of blinding appears to be small (a few
percent).

This problem affects many applications using OpenSSL, in particular,
almost all SSL-enabled Apaches. You should rebuild and reinstall
OpenSSL, and all affected applications.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0147 to this issue.

* Add patch from http://www.openssl.org/news/secadv_20030319.txt:

Czech cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa
have come up with an extension of the "Bleichenbacher attack" on RSA
with PKCS #1 v1.5 padding as used in SSL 3.0 and TLS 1.0.  Their
attack requires the attacker to open millions of SSL/TLS connections
to the server under attack; the server's behaviour when faced with
specially made-up RSA ciphertexts can reveal information that in
effect allows the attacker to perform a single RSA private key
operation on a ciphertext of its choice using the server's RSA key.
Note that the server's RSA key is not compromised in this attack.

* Bump PKGREVISION.

Revision 1.66: download - view: text, markup, annotated - select for diffs
Thu Feb 20 07:59:24 2003 UTC (21 years, 9 months ago) by wiz
Branches: MAIN
Diff to: previous 1.65: preferred, colored
Changes since revision 1.65: +2 -1 lines
Add patch from http://www.openssl.org/news/secadv_20030219.txt:
In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
via timing by performing a MAC computation even if incorrrect
block cipher padding has been found.  This is a countermeasure
against active attacks where the attacker has to distinguish
between bad padding and a MAC verification error. (CAN-2003-0078)

Bump PKGREVISION.

Revision 1.65: download - view: text, markup, annotated - select for diffs
Tue Jan 28 22:04:07 2003 UTC (21 years, 10 months ago) by jlam
Branches: MAIN
CVS tags: netbsd-1-6-1-base, netbsd-1-6-1
Diff to: previous 1.64: preferred, colored
Changes since revision 1.64: +2 -2 lines
Instead of including bsd.pkg.install.mk directly in a package Makefile,
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES".  This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile.  Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.

Revision 1.64: download - view: text, markup, annotated - select for diffs
Thu Jan 23 02:23:21 2003 UTC (21 years, 10 months ago) by grant
Branches: MAIN
Diff to: previous 1.63: preferred, colored
Changes since revision 1.63: +2 -2 lines
strip leading path from $CC so we don't try to run Configure with args
eg. 'solaris-sparcv7-/usr/pkg/bin/gcc' :-)

Revision 1.63: download - view: text, markup, annotated - select for diffs
Sat Dec 7 02:39:03 2002 UTC (22 years ago) by schmonz
Branches: MAIN
Diff to: previous 1.62: preferred, colored
Changes since revision 1.62: +2 -2 lines
Replace IGNORE with PKG_FAIL_REASON or PKG_SKIP_REASON as appropriate.

Revision 1.62: download - view: text, markup, annotated - select for diffs
Sat Nov 30 05:13:23 2002 UTC (22 years ago) by uebayasi
Branches: MAIN
Diff to: previous 1.61: preferred, colored
Changes since revision 1.61: +2 -2 lines
Explicitly specify the path to Perl5 executable for configure script.

Reported by Jonathan Perkin in PR19205.

Revision 1.61: download - view: text, markup, annotated - select for diffs
Sat Sep 7 07:17:00 2002 UTC (22 years, 3 months ago) by jlam
Branches: MAIN
Diff to: previous 1.60: preferred, colored
Changes since revision 1.60: +4 -3 lines
Use buildlink2 and pass an extra flag to the configure script so that if
RSAref is used, then the library may be found.

Revision 1.60: download - view: text, markup, annotated - select for diffs
Sun Aug 25 19:23:17 2002 UTC (22 years, 3 months ago) by jlam
Branches: MAIN
Diff to: previous 1.59: preferred, colored
Changes since revision 1.59: +1 -1 lines
Merge changes in packages from the buildlink2 branch that have
buildlink2.mk files back into the main trunk.

Revision 1.49.2.2: download - view: text, markup, annotated - select for diffs
Thu Aug 22 11:12:22 2002 UTC (22 years, 3 months ago) by jlam
Branches: buildlink2
Diff to: previous 1.49.2.1: preferred, colored; branchpoint 1.49: preferred, colored; next MAIN 1.50: preferred, colored
Changes since revision 1.49.2.1: +49 -111 lines
Merge changes from pkgsrc-current into the buildlink2 branch for the
packages that have buildlink2.mk files.

Revision 1.57.4.1: download - view: text, markup, annotated - select for diffs
Tue Aug 20 12:33:49 2002 UTC (22 years, 3 months ago) by agc
Branches: netbsd-1-6
Diff to: previous 1.57: preferred, colored; next MAIN 1.58: preferred, colored
Changes since revision 1.57: +7 -2 lines
Pullup revisions 1.58 and 1.59 to the 1.6 pkgsrc branch.

Requested by Thomas Klausner.

> Date: Mon, 19 Aug 2002 18:17:57 +0300 (EEST)
> From: Thomas Klausner <wiz@netbsd.org>
>
> Module Name:    pkgsrc
> Committed By:   wiz
> Date:           Mon Aug 19 15:17:56 UTC 2002
>
> Modified Files:
>         pkgsrc/security/openssl: Makefile
>
> Log Message:
> Compile no-shared on 1.4.x. This makes the package install and work for me
> on 1.4.2/i386. Approved by agc.

> Date: Mon, 19 Aug 2002 19:00:07 +0300 (EEST)
> From: Thomas Klausner <wiz@netbsd.org>
>
> Module Name:    pkgsrc
> Committed By:   wiz
> Date:           Mon Aug 19 16:00:07 UTC 2002
>
> Modified Files:
>         pkgsrc/security/openssl: Makefile
>
> Log Message:
> Fix a comment, and improve pattern to also work on netbsd-1-4.

Revision 1.59: download - view: text, markup, annotated - select for diffs
Mon Aug 19 16:00:06 2002 UTC (22 years, 3 months ago) by wiz
Branches: MAIN
CVS tags: buildlink2-base
Diff to: previous 1.58: preferred, colored
Changes since revision 1.58: +3 -3 lines
Fix a comment, and improve pattern to also work on netbsd-1-4.

Revision 1.58: download - view: text, markup, annotated - select for diffs
Mon Aug 19 15:17:55 2002 UTC (22 years, 3 months ago) by wiz
Branches: MAIN
Diff to: previous 1.57: preferred, colored
Changes since revision 1.57: +6 -1 lines
Compile no-shared on 1.4.x. This makes the package install and work for me
on 1.4.2/i386. Approved by agc.

Revision 1.57: download - view: text, markup, annotated - select for diffs
Thu Aug 15 19:22:10 2002 UTC (22 years, 3 months ago) by fredb
Branches: MAIN
CVS tags: netbsd-1-6-RELEASE-base
Branch point for: netbsd-1-6
Diff to: previous 1.56: preferred, colored
Changes since revision 1.56: +16 -9 lines
Revert Makefile,v.1.56, as the NetBSD patches were causing intractable
problems for Solaris. Instead, handle patch for NetBSD-1.4.2 specially.

Revision 1.56: download - view: text, markup, annotated - select for diffs
Sat Aug 10 11:08:18 2002 UTC (22 years, 4 months ago) by fredb
Branches: MAIN
Diff to: previous 1.55: preferred, colored
Changes since revision 1.55: +4 -4 lines
It just occurred to me that the ${PATCHDIR} patches developed against the
NetBSD-patched codebase won't apply cleanly (or at all) without the NetBSD
patch. Therefore, remove the `.if ${OS}' condition for applying the patch,
so Solaris and Darwin start with the same codebase. Fix as needed.

Revision 1.55: download - view: text, markup, annotated - select for diffs
Sat Aug 10 04:50:31 2002 UTC (22 years, 4 months ago) by fredb
Branches: MAIN
Diff to: previous 1.54: preferred, colored
Changes since revision 1.54: +3 -4 lines
Update to 0.9.6g. The most significant change is this proof against
a stunning DoS vulnerability, fixed in 0.9.6f:

  *) Use proper error handling instead of 'assertions' in buffer
     overflow checks added in 0.9.6e.  This prevents DoS (the
     assertions could call abort()).
     [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]

Regenerate the netbsd patch. This is now a clean diff against the
vendor tag, with version-number-only changes elided.

Partially revert "crypto/dist/openssl/crypto/rand/randfile.c", version
1.4 (via additional pkgsrc patch), to give this a shot to compile on
NetBSD-1.4.2 and earlier, which had no strlcpy() or strlcat().

Assemble the shared library without "-Bsymbolic", mainly to give this
a shot at linking on NetBSD-a.out (untested).

Revision 1.54: download - view: text, markup, annotated - select for diffs
Fri Aug 9 14:45:05 2002 UTC (22 years, 4 months ago) by jlam
Branches: MAIN
Diff to: previous 1.53: preferred, colored
Changes since revision 1.53: +12 -11 lines
* Change the perl paths in the various build scripts to ${PERL5} and not
  ${LOCALBASE}/bin/perl.

* Refer to the make program used to drive the build and installation as
  "${MAKE_PROGRAM}".

* Instead of explicitly setting PKG_SYSCONFBASE=/etc, use the pkg-specific
  override PKG_SYSCONFDIR.openssl, and optionally set it so that the
  user still has the option of overriding its value.

* Use bsd.pkg.install.mk to install the default config file (openssl.cnf)
  and to create and remove the extra config directories.  This lets us
  reemove the extra lines in PLIST that do the same thing.

Revision 1.53: download - view: text, markup, annotated - select for diffs
Sun Aug 4 15:47:43 2002 UTC (22 years, 4 months ago) by fredb
Branches: MAIN
Diff to: previous 1.52: preferred, colored
Changes since revision 1.52: +33 -107 lines
Update openssl to 0.9.6e. This update fixes multiple vulnerabilities,
and also changes the ABI of "libcrypto" and "libssl". (So the shared
library majors and buildlink requirements are bumped, too.) The code
base is now synced perfectly with NetBSD HEAD and netbsd-1-6 branches
as of 2002-08-04, the optimization levels are reduced to "-O2", but
I've retained some of the processor optimization flags and different code
path #defines in the "Configure" script, just to keep things interesting.

The default "certs" directory on NetBSD is now "/etc/openssl/certs", to
give continuity to those who find themselves using the package system's
"openssl" after upgrading a package that formerly used the base system's.
[Suggested by itojun.] The best way to avoid such problems, however, is
to upgrade your base system *first*.

I'm making use of the new and improved build system as much as possible.
This gives us a cleaner way to make shared libraries and real man pages,
but loses many of the symlinks to the openssl binary.

I've culled items from the "CHANGES" file that appear to have security
implications or are particularly interesting for NetBSD users, below.
My comments are marked off with '===>'.

===> This is from the netbsd-20020804-patch

  *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
     and get fix the header length calculation.
     [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>,
      Alon Kantor <alonk@checkpoint.com> (and others),
      Steve Henson]

 Changes between 0.9.6d and 0.9.6e  [30 Jul 2002]

  *) New option
          SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
     for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
     that was added in OpenSSL 0.9.6d.

     As the countermeasure turned out to be incompatible with some
     broken SSL implementations, the new option is part of SSL_OP_ALL.
     SSL_OP_ALL is usually employed when compatibility with weird SSL
     implementations is desired (e.g. '-bugs' option to 's_client' and
     's_server'), so the new option is automatically set in many
     applications.
     [Bodo Moeller]

  *) Changes in security patch:

     Changes marked "(CHATS)" were sponsored by the Defense Advanced
     Research Projects Agency (DARPA) and Air Force Research Laboratory,
     Air Force Materiel Command, USAF, under agreement number
     F30602-01-2-0537.

  *) Add various sanity checks to asn1_get_length() to reject
     the ASN1 length bytes if they exceed sizeof(long), will appear
     negative or the content length exceeds the length of the
     supplied buffer.
     [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]

  *) Assertions for various potential buffer overflows, not known to
     happen in practice.
     [Ben Laurie (CHATS)]

  *) Various temporary buffers to hold ASCII versions of integers were
     too small for 64 bit platforms. (CAN-2002-0655)
     [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>

  *) Remote buffer overflow in SSL3 protocol - an attacker could
     supply an oversized session ID to a client. (CAN-2002-0656)
     [Ben Laurie (CHATS)]

  *) Remote buffer overflow in SSL2 protocol - an attacker could
     supply an oversized client master key. (CAN-2002-0656)
     [Ben Laurie (CHATS)]

 Changes between 0.9.6c and 0.9.6d  [9 May 2002]

  *) Implement a countermeasure against a vulnerability recently found
     in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment
     before application data chunks to avoid the use of known IVs
     with data potentially chosen by the attacker.
     [Bodo Moeller]

 Changes between 0.9.6a and 0.9.6b  [9 Jul 2001]

  *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
     to avoid a SSLeay/OpenSSL PRNG weakness pointed out by
     Markku-Juhani O. Saarinen <markku-juhani.saarinen@nokia.com>:
     PRNG state recovery was possible based on the output of
     one PRNG request appropriately sized to gain knowledge on
     'md' followed by enough consecutive 1-byte PRNG requests
     to traverse all of 'state'.

     1. When updating 'md_local' (the current thread's copy of 'md')
        during PRNG output generation, hash all of the previous
        'md_local' value, not just the half used for PRNG output.

     2. Make the number of bytes from 'state' included into the hash
        independent from the number of PRNG bytes requested.

     The first measure alone would be sufficient to avoid
     Markku-Juhani's attack.  (Actually it had never occurred
     to me that the half of 'md_local' used for chaining was the
     half from which PRNG output bytes were taken -- I had always
     assumed that the secret half would be used.)  The second
     measure makes sure that additional data from 'state' is never
     mixed into 'md_local' in small portions; this heuristically
     further strengthens the PRNG.
     [Bodo Moeller]

  *) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5
     RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5
     when fixing the server behaviour for backwards-compatible 'client
     hello' messages.  (Note that the attack is impractical against
     SSL 3.0 and TLS 1.0 anyway because length and version checking
     means that the probability of guessing a valid ciphertext is
     around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98
     paper.)

     Before 0.9.5, the countermeasure (hide the error by generating a
     random 'decryption result') did not work properly because
     ERR_clear_error() was missing, meaning that SSL_get_error() would
     detect the supposedly ignored error.

     Both problems are now fixed.
     [Bodo Moeller]

 Changes between 0.9.6 and 0.9.6a  [5 Apr 2001]

===> This is our ABI change.

  *) Rename 'des_encrypt' to 'des_encrypt1'.  This avoids the clashes
     with des_encrypt() defined on some operating systems, like Solaris
     and UnixWare.
     [Richard Levitte]

  *) Don't use getenv in library functions when run as setuid/setgid.
     New function OPENSSL_issetugid().
     [Ulf Moeller]

  *) Store verify_result within SSL_SESSION also for client side to
     avoid potential security hole. (Re-used sessions on the client side
     always resulted in verify_result==X509_V_OK, not using the original
     result of the server certificate verification.)
     [Lutz Jaenicke]

===> package doesn't doesn't do this. We'll bump major versions
===> as necessary.

  *) Make sure that shared libraries get the internal name engine with
     the full version number and not just 0.  This should mark the
     shared libraries as not backward compatible.  Of course, this should
     be changed again when we can guarantee backward binary compatibility.
     [Richard Levitte]


  *) Rework the system to generate shared libraries:

     - Make note of the expected extension for the shared libraries and
       if there is a need for symbolic links from for example libcrypto.so.0
       to libcrypto.so.0.9.7.  There is extended info in Configure for
       that.

     - Make as few rebuilds of the shared libraries as possible.

     - Still avoid linking the OpenSSL programs with the shared libraries.

     - When installing, install the shared libraries separately from the
       static ones.

Revision 1.52: download - view: text, markup, annotated - select for diffs
Sun Jul 28 05:36:29 2002 UTC (22 years, 4 months ago) by schmonz
Branches: MAIN
Diff to: previous 1.51: preferred, colored
Changes since revision 1.51: +2 -2 lines
Build on Darwin using patches from Apple's Darwin source repository,
via Fink.

Revision 1.51: download - view: text, markup, annotated - select for diffs
Wed Jul 24 19:45:27 2002 UTC (22 years, 4 months ago) by jlam
Branches: MAIN
Diff to: previous 1.50: preferred, colored
Changes since revision 1.50: +2 -2 lines
Change explicit build dependencies on perl into "USE_PERL5=build".  This
makes these packages build correctly on Darwin where perl>=5.8.0 is
required.

Revision 1.49.2.1: download - view: text, markup, annotated - select for diffs
Sun Jun 23 18:59:16 2002 UTC (22 years, 5 months ago) by jlam
Branches: buildlink2
Diff to: previous 1.49: preferred, colored
Changes since revision 1.49: +2 -3 lines
Merge from pkgsrc-current to buildlink2 branch.

Revision 1.50: download - view: text, markup, annotated - select for diffs
Wed May 8 11:44:51 2002 UTC (22 years, 7 months ago) by kleink
Branches: MAIN
CVS tags: pkgviews-base, pkgviews
Diff to: previous 1.49: preferred, colored
Changes since revision 1.49: +2 -3 lines
G/c references to ftp.uni-trier.de.

Revision 1.49: download - view: text, markup, annotated - select for diffs
Thu Nov 29 01:12:46 2001 UTC (23 years ago) by hubertf
Branches: MAIN
CVS tags: netbsd-1-5-PATCH003
Branch point for: buildlink2
Diff to: previous 1.48: preferred, colored
Changes since revision 1.48: +2 -2 lines
Get rid of manually adding "nbX" to PKGNAME when a pkg was changed in
pkgsrc. Instead, a new variable PKGREVISION is invented that can get
bumped independent of DISTNAME and PKGNAME.

Example #1:
        DISTNAME=       foo-X.Y
        PKGREVISION=    Z
     => PKGNAME=        foo-X.YnbZ

Example #2:
        DISTNAME=       barthing-X.Y
        PKGNAME=        bar-X.Y
        PKGREVISION=    Z
     => PKGNAME=        bar=X.YnbZ (!)

On subsequent changes, only PKGREVISION needs to be bumped, no more risk
of getting DISTNAME changed accidentally.

Revision 1.48: download - view: text, markup, annotated - select for diffs
Thu Oct 18 15:20:35 2001 UTC (23 years, 1 month ago) by veego
Branches: MAIN
Diff to: previous 1.47: preferred, colored
Changes since revision 1.47: +2 -1 lines
SVR4 packages have a limit of 9 chars for a package name.
The automatic truncation in gensolpkg doesn't work for packages which
have the same package name for the first 5-6 chars.
e.g. amanda-server and amanda-client would be named amanda and amanda.
Now, we add a SVR4_PKGNAME and use amacl for amanda-client and amase for
amanda-server.
All svr4 packages also have a vendor tag, so we have to reserve some chars
for this tag, which is normaly 3 or 4 chars. Thats why we can only use 6
or 5 chars for SVR4_PKGNAME. I used 5 for all the packages, to give the
vendor tag enough room.
All p5-* packages and a few other packages have now a SVR4_PKGNAME.

Revision 1.47: download - view: text, markup, annotated - select for diffs
Thu Oct 18 04:51:04 2001 UTC (23 years, 1 month ago) by tron
Branches: MAIN
Diff to: previous 1.46: preferred, colored
Changes since revision 1.46: +3 -2 lines
Add conflict between "glimpse" and "openssl" package. They both install
"bin/cast" in "${LOCALBASE}".

Revision 1.46: download - view: text, markup, annotated - select for diffs
Thu Sep 27 23:18:39 2001 UTC (23 years, 2 months ago) by jlam
Branches: MAIN
Diff to: previous 1.45: preferred, colored
Changes since revision 1.45: +2 -2 lines
Mechanical changes to 375 files to change dependency patterns of the form
foo-* to foo-[0-9]*.  This is to cause the dependencies to match only the
packages whose base package name is "foo", and not those named "foo-bar".
A concrete example is p5-Net-* matching p5-Net-DNS as well as p5-Net.  Also
change dependency examples in Packages.txt to reflect this.

Revision 1.45: download - view: text, markup, annotated - select for diffs
Fri Sep 14 14:17:10 2001 UTC (23 years, 2 months ago) by skrll
Branches: MAIN
Diff to: previous 1.44: preferred, colored
Changes since revision 1.44: +5 -5 lines
Super bump the major numbers for libssl and libcrypto so that they don't
conflict with the -current versions.

Revision 1.44: download - view: text, markup, annotated - select for diffs
Thu Aug 30 14:02:06 2001 UTC (23 years, 3 months ago) by skrll
Branches: MAIN
Diff to: previous 1.43: preferred, colored
Changes since revision 1.43: +2 -2 lines
Record libssl dependency on libcrypt.

This allows a mixture of 1.5.x openssl (version<0.9.5) and security/openssl
(version>=0.9.6) to actually work.

Revision 1.43: download - view: text, markup, annotated - select for diffs
Wed Jul 11 01:26:10 2001 UTC (23 years, 5 months ago) by wiz
Branches: MAIN
Diff to: previous 1.42: preferred, colored
Changes since revision 1.42: +2 -1 lines
Pull in security fix from basesrc by itojun. Commit message was:
fix PRNG weakness.  the workaround presented on bugtraq posting.
Update to 0.9.6nb1.

Revision 1.42: download - view: text, markup, annotated - select for diffs
Tue Jul 10 15:08:32 2001 UTC (23 years, 5 months ago) by tron
Branches: MAIN
Diff to: previous 1.41: preferred, colored
Changes since revision 1.41: +9 -3 lines
Add support for "SPARC_TARGET_ARCH".

Revision 1.41: download - view: text, markup, annotated - select for diffs
Tue May 22 09:46:17 2001 UTC (23 years, 6 months ago) by abs
Branches: MAIN
Diff to: previous 1.40: preferred, colored
Changes since revision 1.40: +2 -2 lines
We also work under Linux

Revision 1.40: download - view: text, markup, annotated - select for diffs
Fri May 11 22:24:16 2001 UTC (23 years, 7 months ago) by tron
Branches: MAIN
CVS tags: netbsd-1-5-PATCH001
Diff to: previous 1.39: preferred, colored
Changes since revision 1.39: +4 -11 lines
Move NetBSD only patches to a distribution patch file to avoid ugly
conditional patch hack.

Revision 1.39: download - view: text, markup, annotated - select for diffs
Mon Apr 30 04:16:11 2001 UTC (23 years, 7 months ago) by jlam
Branches: MAIN
Diff to: previous 1.38: preferred, colored
Changes since revision 1.38: +2 -2 lines
Change build dependency from perl-5.* to perl>=${PERL5_REQD}.  Also change
dependency from libperl-5.* to libperl>=${PERL5_REQD}.

Revision 1.38: download - view: text, markup, annotated - select for diffs
Tue Apr 17 23:32:34 2001 UTC (23 years, 7 months ago) by itojun
Branches: MAIN
Diff to: previous 1.37: preferred, colored
Changes since revision 1.37: +2 -2 lines
clarify comment on LICENSE line.

Revision 1.37: download - view: text, markup, annotated - select for diffs
Mon Apr 9 13:32:01 2001 UTC (23 years, 8 months ago) by tron
Branches: MAIN
Diff to: previous 1.36: preferred, colored
Changes since revision 1.36: +18 -22 lines
- Install new include files so that this package can be used to build
  applications again.
- Fix patch sum for Solaris.

Revision 1.36: download - view: text, markup, annotated - select for diffs
Mon Apr 9 04:29:23 2001 UTC (23 years, 8 months ago) by fredb
Branches: MAIN
Diff to: previous 1.35: preferred, colored
Changes since revision 1.35: +1 -1 lines
Update to OpenSSL 0.9.6. Update contributed by Dave Burgess,
in PR pkg/12569.

Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:

    o Some documentation for BIO and SSL libraries.
    o Enhanced chain verification using key identifiers.
    o New sign and verify options to 'dgst' application.
    o Support for DER and PEM encoded messages in 'smime' application.
    o New 'rsautl' application, low level RSA utility. [*]
    o MD4 now included.
    o Bugfix for SSL rollback padding check.
    o Support for external crypto devices [1].
    o Enhanced EVP interface.

[1] The support for external crypto devices is currently a separate
      distribution.  See the file README.ENGINE.
[*] Not installed with the package.

Revision 1.35: download - view: text, markup, annotated - select for diffs
Mon Apr 9 02:36:47 2001 UTC (23 years, 8 months ago) by fredb
Branches: MAIN
Diff to: previous 1.34: preferred, colored
Changes since revision 1.34: +3 -2 lines
Make an explicit BUILD_DEPENDS on perl5, rather than the run-time DEPENDS
that USE_PERL implies, as the core functionality of this package does not
depend on perl. The user can always install perl later, to format the "pod"
docs or to run the installed scripts.

Revision 1.34: download - view: text, markup, annotated - select for diffs
Thu Apr 5 14:00:55 2001 UTC (23 years, 8 months ago) by wiz
Branches: MAIN
Diff to: previous 1.33: preferred, colored
Changes since revision 1.33: +2 -2 lines
Standardize patch file names.

Revision 1.33: download - view: text, markup, annotated - select for diffs
Sat Mar 24 03:55:15 2001 UTC (23 years, 8 months ago) by fredb
Branches: MAIN
Diff to: previous 1.32: preferred, colored
Changes since revision 1.32: +10 -4 lines
- -Supply the customary symlinks for NetBSD/ELF.
- -Make the "test" target work.
- -Allow the user to set USE_RSAREF2. (It works!) Not sure why you'd
    ever want to...

Revision 1.32: download - view: text, markup, annotated - select for diffs
Thu Mar 1 13:57:53 2001 UTC (23 years, 9 months ago) by hubertf
Branches: MAIN
Diff to: previous 1.31: preferred, colored
Changes since revision 1.31: +2 -2 lines
Revert rev. 1.30 which didn't do anything with MKDIR but rather
bumbed the version accidentally.

Revision 1.31: download - view: text, markup, annotated - select for diffs
Tue Feb 27 18:21:25 2001 UTC (23 years, 9 months ago) by wiz
Branches: MAIN
Diff to: previous 1.30: preferred, colored
Changes since revision 1.30: +2 -2 lines
security/openssl and converters/base64 both install a 'base64' executable,
so make them CONFLICT (pkg/11408).

Revision 1.30: download - view: text, markup, annotated - select for diffs
Sun Feb 25 04:18:12 2001 UTC (23 years, 9 months ago) by hubertf
Branches: MAIN
Diff to: previous 1.29: preferred, colored
Changes since revision 1.29: +2 -2 lines
Cleanup MKDIR usage => INSTALL_*_DIR
XXX need to teach pkglint to be more picky about this

Revision 1.29: download - view: text, markup, annotated - select for diffs
Tue Feb 20 18:04:17 2001 UTC (23 years, 9 months ago) by hubertf
Branches: MAIN
Diff to: previous 1.28: preferred, colored
Changes since revision 1.28: +2 -1 lines
Work around Solaris' braindead "ln -f" (which just does not do anything)

Revision 1.28: download - view: text, markup, annotated - select for diffs
Sat Feb 17 17:49:57 2001 UTC (23 years, 9 months ago) by wiz
Branches: MAIN
Diff to: previous 1.27: preferred, colored
Changes since revision 1.27: +2 -1 lines
Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT.

Revision 1.27: download - view: text, markup, annotated - select for diffs
Wed Jan 17 10:46:30 2001 UTC (23 years, 10 months ago) by wiz
Branches: MAIN
Diff to: previous 1.26: preferred, colored
Changes since revision 1.26: +5 -1 lines
Should make this buildable on Solaris, too. Untested for lack of Solaris.

Revision 1.26: download - view: text, markup, annotated - select for diffs
Sun Jan 14 01:52:23 2001 UTC (23 years, 10 months ago) by tron
Branches: MAIN
Diff to: previous 1.25: preferred, colored
Changes since revision 1.25: +2 -2 lines
Pass "${CC}" to configure script.

Revision 1.25: download - view: text, markup, annotated - select for diffs
Thu Dec 28 21:35:34 2000 UTC (23 years, 11 months ago) by wiz
Branches: MAIN
Diff to: previous 1.24: preferred, colored
Changes since revision 1.24: +3 -3 lines
Enable on alpha again; according to itojun, the referenced PR doesn't
apply to the package.

Revision 1.24: download - view: text, markup, annotated - select for diffs
Wed Oct 11 16:30:12 2000 UTC (24 years, 2 months ago) by wennmach
Branches: MAIN
CVS tags: netbsd-1-5-RELEASE, netbsd-1-4-PATCH003
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +2 -2 lines
Openssl no longer conflicts with kth-krb4.

Revision 1.23: download - view: text, markup, annotated - select for diffs
Tue Oct 10 11:42:18 2000 UTC (24 years, 2 months ago) by itojun
Branches: MAIN
Diff to: previous 1.22: preferred, colored
Changes since revision 1.22: +4 -1 lines
add LICENCE=fee-based-commercial-use, for use of IDEA/RC5 logic.
(per discussion on packages@netbsd.org)

Revision 1.22: download - view: text, markup, annotated - select for diffs
Thu Sep 28 16:31:15 2000 UTC (24 years, 2 months ago) by hubertf
Branches: MAIN
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +3 -3 lines
openssl is broken on alpha, and openssh hangs in configure when checking
for openssl libs. Disable both, and reference PR to fix it.

XXX should be changed for USE_SSL.

Revision 1.21: download - view: text, markup, annotated - select for diffs
Sat Sep 9 19:40:22 2000 UTC (24 years, 3 months ago) by fredb
Branches: MAIN
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +4 -16 lines
Reorganize crypto handling, as discussed on tech-pkg. Remove all
RESTRICTED= variables that were predicated on former U.S. export
regulations. Add CRYPTO=, as necessary, so it's still possible to
exclude all crypto packages from a build by setting MKCRYPTO=no
(but "lintpkgsrc -R" will no longer catch them).

Specifically,

- - All packages which set USE_SSL just lose their RESTRICTED
    variable, since MKCRYPTO responds to USE_SSL directly.
- - realplayer7 and ns-flash keep their RESTRICTED, which is based
    on license terms, but also gain the CRYPTO variable.
- - srp-client is now marked broken, since the distfile is evidently
    no longer available. On this, we're no worse off than before.
    [We haven't been mirroring the distfile, or testing the build!]
- - isakmpd gets CRYPTO for RESTRICTED, but remains broken.
- - crack loses all restrictions, as it does not evidently empower
    a user to utilize strong encryption (working definition: ability
    to encode a message that requires a secret key plus big number
    arithmetic to decode).

Revision 1.20: download - view: text, markup, annotated - select for diffs
Tue Sep 5 17:34:05 2000 UTC (24 years, 3 months ago) by wennmach
Branches: MAIN
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +2 -2 lines
Added a CONFLICT with kth-krb4. Both pkgs install a `des' binary in
the same place, $PREFIX/bin/des.

Revision 1.19: download - view: text, markup, annotated - select for diffs
Sun Aug 27 02:46:06 2000 UTC (24 years, 3 months ago) by jlam
Branches: MAIN
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +4 -5 lines
Use new PERL5 variable instead of ${LOCALBASE}/bin/perl.

Revision 1.18: download - view: text, markup, annotated - select for diffs
Mon Aug 21 21:01:33 2000 UTC (24 years, 3 months ago) by hubertf
Branches: MAIN
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +2 -2 lines
Update IGNORE-messages for recent changes: add ${PKGNAME} where
appropriate.

Revision 1.17: download - view: text, markup, annotated - select for diffs
Fri Aug 18 22:46:48 2000 UTC (24 years, 3 months ago) by hubertf
Branches: MAIN
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +3 -2 lines
Replace MIRROR_DISTFILES and NO_CDROM with the more descriptive and
more fine-grained NO_{BIN,SRC}_ON_{FTP,CDROM} definitions.

MIRROR_DISTFILES and NO_CDROM are now dead.

Revision 1.16: download - view: text, markup, annotated - select for diffs
Mon Jul 24 11:11:16 2000 UTC (24 years, 4 months ago) by tron
Branches: MAIN
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +3 -2 lines
Add german mirror to master site list.

Revision 1.15: download - view: text, markup, annotated - select for diffs
Fri May 12 06:10:35 2000 UTC (24 years, 7 months ago) by veego
Branches: MAIN
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +2 -2 lines
Fix last commit.

Revision 1.14: download - view: text, markup, annotated - select for diffs
Wed May 10 12:28:37 2000 UTC (24 years, 7 months ago) by veego
Branches: MAIN
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +31 -12 lines
Support to build it on Solaris.
It would be easier to make that change if we support patches for one OPSYS
but someone removed that from out tree.

Revision 1.13: download - view: text, markup, annotated - select for diffs
Fri Apr 21 02:15:37 2000 UTC (24 years, 7 months ago) by explorer
Branches: MAIN
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +16 -3 lines
upgrade to 0.9.5a

Revision 1.12: download - view: text, markup, annotated - select for diffs
Sat Feb 12 14:08:29 2000 UTC (24 years, 9 months ago) by fredb
Branches: MAIN
CVS tags: netbsd-1-4-PATCH002
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +7 -2 lines
Install the static libs, now that they're built anyway, and run "ranlib",
if it exists. Minor fix-up to PLIST. Closes PR pkg/8897.

Revision 1.11: download - view: text, markup, annotated - select for diffs
Thu Dec 16 12:03:21 1999 UTC (24 years, 11 months ago) by abs
Branches: MAIN
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +2 -2 lines
Update depends to rsaref 2.0p3

Revision 1.10: download - view: text, markup, annotated - select for diffs
Fri Nov 26 19:14:56 1999 UTC (25 years ago) by erh
Branches: MAIN
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +9 -1 lines
Install the RSAglue library if USERSAREF2 if set to YES.

Revision 1.9: download - view: text, markup, annotated - select for diffs
Thu Nov 25 18:51:47 1999 UTC (25 years ago) by erh
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +16 -18 lines
Update openssl to 0.9.4.

Revision 1.8: download - view: text, markup, annotated - select for diffs
Tue Aug 24 07:46:41 1999 UTC (25 years, 3 months ago) by simonb
Branches: MAIN
CVS tags: comdex-fall-1999
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -2 lines
Fix typo in "mipsel".

Revision 1.7: download - view: text, markup, annotated - select for diffs
Sun Jun 20 21:06:21 1999 UTC (25 years, 5 months ago) by tron
Branches: MAIN
CVS tags: netbsd-1-4-PATCH001
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +5 -2 lines
Don't use "{}" or "[]" in "ONLY_FOR_PLATFORM" or "NOT_FOR_PLATFORM"
because "bsd.pkg.mk" can't handle those patterns. Fixes PR pkg/7808
by Chris Demetriou.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Thu Jun 10 05:08:02 1999 UTC (25 years, 6 months ago) by tv
Branches: MAIN
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +5 -2 lines
Let's get this right this time.  It's 0.9.2b, not 0.9.2c.  I'll get this
to 0.9.3 after the weekend.

Revision 1.5: download - view: text, markup, annotated - select for diffs
Tue Jun 8 16:58:26 1999 UTC (25 years, 6 months ago) by tv
Branches: MAIN
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +1 -1 lines
This is actually OpenSSL 0.9.2c.  Revert part of previous.

Revision 1.4: download - view: text, markup, annotated - select for diffs
Wed May 26 15:36:28 1999 UTC (25 years, 6 months ago) by tv
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +3 -6 lines
Update rsaref dependency to "2.0p2"; still pending update to OpenSSL 0.9.3.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Mon May 24 20:39:48 1999 UTC (25 years, 6 months ago) by tv
Branches: MAIN
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +3 -4 lines
Change {ONLY,NOT}_FOR_{ARCH,OPSYS} format to {ONLY,NOT}_FOR_PLATFORM
pattern match format.  Minor pkglint along the way.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Sun May 23 21:15:20 1999 UTC (25 years, 6 months ago) by tv
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +2 -2 lines
Update rsaref dependency to 2.0p1.  OpenSSL 0.9.3 is still beta... will fix
shlib problems when 0.9.3 is out.

Revision 1.1.1.1 (vendor branch): download - view: text, markup, annotated - select for diffs
Fri Apr 30 15:19:13 1999 UTC (25 years, 7 months ago) by tv
Branches: TNF
CVS tags: pkgsrc-base, netbsd-1-4-RELEASE
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +0 -0 lines
Import OpenSSL 0.9.2b pkg, a package which finally updates and fixes many
deficiencies in SSLeay.  Intended to be a drop-in replacement for SSLeay
(and still provides the command-prompt interface as "ssleay").

Revision 1.1: download - view: text, markup, annotated - select for diffs
Fri Apr 30 15:19:13 1999 UTC (25 years, 7 months ago) by tv
Branches: MAIN
Initial revision

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>