CVS commit: [pkgsrc-2013Q4] pkgsrc/security/openssl

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2013Q4] pkgsrc/security/openssl
From: "S.P.Zeidler" <spz%netbsd.org@localhost>
Date: Fri, 10 Jan 2014 18:00:40 +0000

Module Name:    pkgsrc
Committed By:   spz
Date:           Fri Jan 10 18:00:40 UTC 2014

Modified Files:
        pkgsrc/security/openssl [pkgsrc-2013Q4]: Makefile distinfo
        pkgsrc/security/openssl/patches [pkgsrc-2013Q4]:
            patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
            patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
            patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__connect.pod
            patch-doc_ssl_SSL__do__handshake.pod
            patch-doc_ssl_SSL__shutdown.pod
Removed Files:
        pkgsrc/security/openssl/patches [pkgsrc-2013Q4]:
            patch-doc_crypto_X509__STORE__CTX__get__error.pod

Log Message:
Pullup ticket #4293 - requested by tron
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.183
- security/openssl/distinfo                                     1.101
- security/openssl/patches/patch-doc_crypto_X509__STORE__CTX__get__error.pod 
deleted
- security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod 1.2
- security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod 
1.2
- security/openssl/patches/patch-doc_ssl_SSL__accept.pod        1.2
- security/openssl/patches/patch-doc_ssl_SSL__connect.pod       1.2
- security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod 1.2
- security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod      1.2

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        tron
   Date:                Fri Jan 10 14:32:42 UTC 2014

   Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
        pkgsrc/security/openssl/patches:
            patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
            patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
            patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__connect.pod
            patch-doc_ssl_SSL__do__handshake.pod
            patch-doc_ssl_SSL__shutdown.pod
   Removed Files:
        pkgsrc/security/openssl/patches:
            patch-doc_crypto_X509__STORE__CTX__get__error.pod

   Log Message:
   Update "openssl" package to version 1.0.1f. Changes since 1.0.1e:
   - Fix for TLS record tampering bug. A carefully crafted invalid
     handshake could crash OpenSSL with a NULL pointer exception.
     Thanks to Anton Johansson for reporting this issues.
     (CVE-2013-4353)
   - Keep original DTLS digest and encryption contexts in retransmission
     structures so we can use the previous session parameters if they need
     to be resent. (CVE-2013-6450)
     [Steve Henson]
   - Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
     avoids preferring ECDHE-ECDSA ciphers when the client appears to be
     Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
     several ECDHE-ECDSA ciphers, but fails to negotiate them.  The bug
     is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
     10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
     [Rob Stradling, Adam Langley]

   To generate a diff of this commit:
   cvs rdiff -u -r1.182 -r1.183 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.100 -r1.101 pkgsrc/security/openssl/distinfo
   cvs rdiff -u -r1.1 -r0 \
       
pkgsrc/security/openssl/patches/patch-doc_crypto_X509__STORE__CTX__get__error.pod
   cvs rdiff -u -r1.1 -r1.2 \
       
pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
 \
       
pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
 \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__accept.pod \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__connect.pod \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod \
       pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod


To generate a diff of this commit:
cvs rdiff -u -r1.182 -r1.182.2.1 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.100 -r1.100.2.1 pkgsrc/security/openssl/distinfo
cvs rdiff -u -r1.1 -r0 \
    
pkgsrc/security/openssl/patches/patch-doc_crypto_X509__STORE__CTX__get__error.pod
cvs rdiff -u -r1.1 -r1.1.6.1 \
    
pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
 \
    
pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
 \
    pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__accept.pod \
    pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__connect.pod \
    pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod \
    pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: [pkgsrc-2013Q4] pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: [pkgsrc-2013Q4] pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index