pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/openssl Update to 1.0.1h:



details:   https://anonhg.NetBSD.org/pkgsrc/rev/327e1eb5a3e6
branches:  trunk
changeset: 635415:327e1eb5a3e6
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Thu Jun 05 12:16:06 2014 +0000

description:
Update to 1.0.1h:

  Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]

      o Fix for CVE-2014-0224
      o Fix for CVE-2014-0221
      o Fix for CVE-2014-0195
      o Fix for CVE-2014-3470
      o Fix for CVE-2010-5298

diffstat:

 security/openssl/Makefile                                                      |   5 +-
 security/openssl/builtin.mk                                                    |   5 +-
 security/openssl/distinfo                                                      |  27 +------
 security/openssl/patches/patch-doc_apps_cms.pod                                |  36 ----------
 security/openssl/patches/patch-doc_apps_smine.pod                              |  36 ----------
 security/openssl/patches/patch-doc_ssl_SSL__COMP__add__compression__method.pod |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__CTX__add__session.pod              |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__CTX__load__verify__locations.pod   |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod     |  22 ------
 security/openssl/patches/patch-doc_ssl_SSL__CTX__set__session__id__context.pod |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__CTX__set__ssl__version.pod         |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod  |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__accept.pod                         |  22 ------
 security/openssl/patches/patch-doc_ssl_SSL__clear.pod                          |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__connect.pod                        |  22 ------
 security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod                  |  22 ------
 security/openssl/patches/patch-doc_ssl_SSL__read.pod                           |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__session__reused.pod                |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__set__fd.pod                        |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__set__session.pod                   |  15 ----
 security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod                       |  23 ------
 security/openssl/patches/patch-doc_ssl_SSL__write.pod                          |  15 ----
 22 files changed, 9 insertions(+), 391 deletions(-)

diffs (truncated from 519 to 300 lines):

diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/Makefile
--- a/security/openssl/Makefile Thu Jun 05 09:24:58 2014 +0000
+++ b/security/openssl/Makefile Thu Jun 05 12:16:06 2014 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.192 2014/06/05 03:14:05 obache Exp $
+# $NetBSD: Makefile,v 1.193 2014/06/05 12:16:06 wiz Exp $
 
-DISTNAME=      openssl-1.0.1g
+DISTNAME=      openssl-1.0.1h
 MASTER_SITES=  http://ftp.openssl.org/source/
-PKGREVISION=   2
 SVR4_PKGNAME=  ossl
 CATEGORIES=    security
 
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/builtin.mk
--- a/security/openssl/builtin.mk       Thu Jun 05 09:24:58 2014 +0000
+++ b/security/openssl/builtin.mk       Thu Jun 05 12:16:06 2014 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: builtin.mk,v 1.41 2014/05/18 11:20:53 obache Exp $
+# $NetBSD: builtin.mk,v 1.42 2014/06/05 12:16:06 wiz Exp $
 
 BUILTIN_PKG:=  openssl
 
 BUILTIN_FIND_LIBS:=            crypto des ssl
 BUILTIN_FIND_HEADERS_VAR:=     H_OPENSSLCONF H_OPENSSLV
 BUILTIN_FIND_HEADERS.H_OPENSSLCONF=    openssl/opensslconf.h
-BUILTIN_FIND_HEADERS.H_OPENSSLV=       openssl/opensslv.h 
+BUILTIN_FIND_HEADERS.H_OPENSSLV=       openssl/opensslv.h
 
 .include "../../mk/buildlink3/bsd.builtin.mk"
 
@@ -234,6 +234,7 @@
 .    if !defined(HAS_OPENSSL_FAKE_PC)
 HAS_OPENSSL_FAKE_PC=
 
+.PHONY: openssl-fake-pc
 openssl-fake-pc:
        ${RUN} \
        src=${BUILDLINK_PREFIX.openssl}/lib${LIBABISUFFIX}/pkgconfig/libcrypto.pc; \
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/distinfo
--- a/security/openssl/distinfo Thu Jun 05 09:24:58 2014 +0000
+++ b/security/openssl/distinfo Thu Jun 05 12:16:06 2014 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.106 2014/05/13 02:23:11 rodent Exp $
+$NetBSD: distinfo,v 1.107 2014/06/05 12:16:06 wiz Exp $
 
-SHA1 (openssl-1.0.1g.tar.gz) = b28b3bcb1dc3ee7b55024c9f795be60eb3183e3c
-RMD160 (openssl-1.0.1g.tar.gz) = cd2eb879646a2b91b2f67dfaf99eb9668ba5d7ea
-Size (openssl-1.0.1g.tar.gz) = 4509047 bytes
+SHA1 (openssl-1.0.1h.tar.gz) = b2239599c8bf8f7fc48590a55205c26abe560bf8
+RMD160 (openssl-1.0.1h.tar.gz) = aeb1e0f41074d499d5411510fd645455730ed05e
+Size (openssl-1.0.1h.tar.gz) = 4475692 bytes
 SHA1 (patch-Configure) = f8b8b3ecfa9d23530d13f8f93582db857f772fc4
 SHA1 (patch-Makefile.org) = be55df602286c7f0265a8c5c3d8edaea13b1d966
 SHA1 (patch-Makefile.shared) = 709283ba4bb4bd568e289fe111b8dea319968328
@@ -11,24 +11,5 @@
 SHA1 (patch-crypto_bn_bn__prime.pl) = c07e8ccba319e4260af46e714c3be56f70579fa6
 SHA1 (patch-crypto_des_Makefile) = 31d772eb8c80b577b9cd05337262ddfad297d9b1
 SHA1 (patch-crypto_dso_dso__dlfcn.c) = 065a8254d9c93b17d300a4be9b9a35a919e8b364
-SHA1 (patch-doc_apps_cms.pod) = e111c0b0d74622e4a7e6d12d2bf9d561c69c9d5b
-SHA1 (patch-doc_apps_smine.pod) = bb188f893849aac2389eacffe7d0adbd0b29af58
-SHA1 (patch-doc_ssl_SSL__COMP__add__compression__method.pod) = 5e208ed7cd33f1cca74fd5bdd2e8f4944e4b9573
-SHA1 (patch-doc_ssl_SSL__CTX__add__session.pod) = 1e237699e2f1fcf839b658b747967a4cf75eba7f
-SHA1 (patch-doc_ssl_SSL__CTX__load__verify__locations.pod) = c9e68f02d950e1f525d7dc23f70b423cff722d91
-SHA1 (patch-doc_ssl_SSL__CTX__set__client__CA__list.pod) = 49e1d7c0d4e875b6fcb43f2af5eb88d1421c5eb5
-SHA1 (patch-doc_ssl_SSL__CTX__set__session__id__context.pod) = ca148386fd507a1a3f50a9ec21023ded386251c8
-SHA1 (patch-doc_ssl_SSL__CTX__set__ssl__version.pod) = 5d9c9982e914323d5b04a472cb566ee6f78dbcfa
-SHA1 (patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod) = 70ff7ba97cee03169bab4a613a96306d911b37c6
-SHA1 (patch-doc_ssl_SSL__accept.pod) = 3aa90470a88b89c0ad434f2f8205db915a6d174d
-SHA1 (patch-doc_ssl_SSL__clear.pod) = 6c65ae616976b7d6d770d15f97dfb4613b9808c1
-SHA1 (patch-doc_ssl_SSL__connect.pod) = 2b960e52115bcf7376601b1e67a092db289419c6
-SHA1 (patch-doc_ssl_SSL__do__handshake.pod) = a5d09e9e89e268c3e366e8c7be6b210072d4097d
-SHA1 (patch-doc_ssl_SSL__read.pod) = ce0ba545ed5d1a4198d5deecedb7e4ee0afd36ed
-SHA1 (patch-doc_ssl_SSL__session__reused.pod) = aef3cede850eda892ab73d52b08caa4a10274d55
-SHA1 (patch-doc_ssl_SSL__set__fd.pod) = 3a57fa02613960790b3a275f979c7741559bcf6f
-SHA1 (patch-doc_ssl_SSL__set__session.pod) = c5fdc448bde809435f060bceb4d36f7665147112
-SHA1 (patch-doc_ssl_SSL__shutdown.pod) = 1adf6eaab219fc0fc2416199c07b1a7aa8789dc1
-SHA1 (patch-doc_ssl_SSL__write.pod) = 968ac804a295c31d6c71508866e3623b619eadd8
 SHA1 (patch-engines_ccgost_Makefile) = 8834074c74abab604ef1ba7959750c22c0ffb6e7
 SHA1 (patch-tools_Makefile) = 6e7324d01c0cd5e290085fe8124315bcac8cf198
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/patches/patch-doc_apps_cms.pod
--- a/security/openssl/patches/patch-doc_apps_cms.pod   Thu Jun 05 09:24:58 2014 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,36 +0,0 @@
-$NetBSD: patch-doc_apps_cms.pod,v 1.2 2014/05/13 02:23:11 rodent Exp $
-
-Fix openssl pod docs to work with the very picky pod2man from perl-5.18.0.
-
---- doc/apps/cms.pod.orig      Mon Mar 17 16:14:20 2014
-+++ doc/apps/cms.pod
-@@ -454,24 +454,24 @@ remains DER.
- 
- the operation was completely successfully.
- 
--=item 1 
-+=item Z<>1
- 
- an error occurred parsing the command options.
- 
--=item 2
-+=item Z<>2
- 
- one of the input files could not be read.
- 
--=item 3
-+=item Z<>3
- 
- an error occurred creating the CMS file or when reading the MIME
- message.
- 
--=item 4
-+=item Z<>4
- 
- an error occurred decrypting or verifying the message.
- 
--=item 5
-+=item Z<>5
- 
- the message was verified correctly but an error occurred writing out
- the signers certificates.
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/patches/patch-doc_apps_smine.pod
--- a/security/openssl/patches/patch-doc_apps_smine.pod Thu Jun 05 09:24:58 2014 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,36 +0,0 @@
-$NetBSD: patch-doc_apps_smine.pod,v 1.2 2014/05/13 02:23:11 rodent Exp $
-
-Fix openssl pod docs to work with the very picky pod2man from perl-5.18.0.
-
---- doc/apps/smime.pod.orig    Mon Mar 17 16:14:20 2014
-+++ doc/apps/smime.pod
-@@ -312,24 +312,24 @@ remains DER.
- 
- the operation was completely successfully.
- 
--=item 1 
-+=item Z<>1 
- 
- an error occurred parsing the command options.
- 
--=item 2
-+=item Z<>2
- 
- one of the input files could not be read.
- 
--=item 3
-+=item Z<>3
- 
- an error occurred creating the PKCS#7 file or when reading the MIME
- message.
- 
--=item 4
-+=item Z<>4
- 
- an error occurred decrypting or verifying the message.
- 
--=item 5
-+=item Z<>5
- 
- the message was verified correctly but an error occurred writing out
- the signers certificates.
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/patches/patch-doc_ssl_SSL__COMP__add__compression__method.pod
--- a/security/openssl/patches/patch-doc_ssl_SSL__COMP__add__compression__method.pod    Thu Jun 05 09:24:58 2014 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-doc_ssl_SSL__COMP__add__compression__method.pod,v 1.2 2014/05/13 02:23:11 rodent Exp $
-
-Fix openssl pod docs to work with the very picky pod2man from perl-5.18.0.
-
---- doc/ssl/SSL_COMP_add_compression_method.pod.orig   Mon Mar 17 16:14:20 2014
-+++ doc/ssl/SSL_COMP_add_compression_method.pod
-@@ -57,7 +57,7 @@ SSL_COMP_add_compression_method() may return the follo
- 
- The operation succeeded.
- 
--=item 1
-+=item Z<>1
- 
- The operation failed. Check the error queue to find out the reason.
- 
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/patches/patch-doc_ssl_SSL__CTX__add__session.pod
--- a/security/openssl/patches/patch-doc_ssl_SSL__CTX__add__session.pod Thu Jun 05 09:24:58 2014 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-doc_ssl_SSL__CTX__add__session.pod,v 1.2 2014/05/13 02:23:11 rodent Exp $
-
-Fix openssl pod docs to work with the very picky pod2man from perl-5.18.0.
-
---- doc/ssl/SSL_CTX_add_session.pod.orig       Mon Mar 17 16:14:20 2014
-+++ doc/ssl/SSL_CTX_add_session.pod
-@@ -58,7 +58,7 @@ The following values are returned by all functions:
-  the same (identical) session twice. In case of the remove operation, the
-  session was not found in the cache.
- 
--=item 1
-+=item Z<>1
-  
-  The operation succeeded.
- 
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/patches/patch-doc_ssl_SSL__CTX__load__verify__locations.pod
--- a/security/openssl/patches/patch-doc_ssl_SSL__CTX__load__verify__locations.pod      Thu Jun 05 09:24:58 2014 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-doc_ssl_SSL__CTX__load__verify__locations.pod,v 1.2 2014/05/13 02:23:11 rodent Exp $
-
-Fix openssl pod docs to work with the very picky pod2man from perl-5.18.0.
-
---- doc/ssl/SSL_CTX_load_verify_locations.pod.orig     Mon Mar 17 16:14:20 2014
-+++ doc/ssl/SSL_CTX_load_verify_locations.pod
-@@ -106,7 +106,7 @@ The operation failed because B<CAfile> and B<CApath> a
- processing at one of the locations specified failed. Check the error
- stack to find out the reason.
- 
--=item 1
-+=item Z<>1
- 
- The operation succeeded.
- 
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
--- a/security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod        Thu Jun 05 09:24:58 2014 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,22 +0,0 @@
-$NetBSD: patch-doc_ssl_SSL__CTX__set__client__CA__list.pod,v 1.3 2014/05/13 02:23:11 rodent Exp $
-
-Fix openssl pod docs to work with the very picky pod2man from perl-5.18.0.
-
---- doc/ssl/SSL_CTX_set_client_CA_list.pod.orig        Mon Mar 17 16:14:20 2014
-+++ doc/ssl/SSL_CTX_set_client_CA_list.pod
-@@ -66,13 +66,13 @@ values:
- 
- =over 4
- 
--=item 0
-+=item Z<>0
- 
- A failure while manipulating the STACK_OF(X509_NAME) object occurred or
- the X509_NAME could not be extracted from B<cacert>. Check the error stack
- to find out the reason.
- 
--=item 1
-+=item Z<>1
- 
- The operation succeeded.
- 
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/patches/patch-doc_ssl_SSL__CTX__set__session__id__context.pod
--- a/security/openssl/patches/patch-doc_ssl_SSL__CTX__set__session__id__context.pod    Thu Jun 05 09:24:58 2014 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-doc_ssl_SSL__CTX__set__session__id__context.pod,v 1.2 2014/05/13 02:23:11 rodent Exp $
-
-Fix openssl pod docs to work with the very picky pod2man from perl-5.18.0.
-
---- doc/ssl/SSL_CTX_set_session_id_context.pod.orig    Mon Mar 17 16:14:20 2014
-+++ doc/ssl/SSL_CTX_set_session_id_context.pod
-@@ -70,7 +70,7 @@ The length B<sid_ctx_len> of the session id context B<
- the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
- is logged to the error stack.
- 
--=item 1
-+=item Z<>1
- 
- The operation succeeded.
- 
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/patches/patch-doc_ssl_SSL__CTX__set__ssl__version.pod
--- a/security/openssl/patches/patch-doc_ssl_SSL__CTX__set__ssl__version.pod    Thu Jun 05 09:24:58 2014 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-doc_ssl_SSL__CTX__set__ssl__version.pod,v 1.2 2014/05/13 02:23:11 rodent Exp $
-
-Fix openssl pod docs to work with the very picky pod2man from perl-5.18.0.
-
---- doc/ssl/SSL_CTX_set_ssl_version.pod.orig   Mon Mar 17 16:14:20 2014
-+++ doc/ssl/SSL_CTX_set_ssl_version.pod
-@@ -46,7 +46,7 @@ and SSL_set_ssl_method():
- 
- The new choice failed, check the error stack to find out the reason.
- 
--=item 1
-+=item Z<>1
- 
- The operation succeeded.
- 
diff -r 729c5d76fef6 -r 327e1eb5a3e6 security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
--- a/security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod     Thu Jun 05 09:24:58 2014 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod,v 1.3 2014/05/13 02:23:11 rodent Exp $
-
-Fix openssl pod docs to work with the very picky pod2man from perl-5.18.0.
-
---- doc/ssl/SSL_CTX_use_psk_identity_hint.pod.orig     Mon Mar 17 16:14:20 2014
-+++ doc/ssl/SSL_CTX_use_psk_identity_hint.pod
-@@ -96,7 +96,7 @@ data to B<psk> and return the length of the random dat
- connection will fail with decryption_error before it will be finished
- completely.
- 
--=item 0
-+=item Z<>0
- 
- PSK identity was not found. An "unknown_psk_identity" alert message
- will be sent and the connection setup fails.



Home | Main Index | Thread Index | Old Index