pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/openssl
Module Name: pkgsrc
Committed By: wiz
Date: Thu Mar 29 11:08:44 UTC 2018
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Log Message:
openssl: update to 1.0.2o.
Changes between 1.0.2n and 1.0.2o [27 Mar 2018]
*) Constructed ASN.1 types with a recursive definition could exceed the stack
Constructed ASN.1 types with a recursive definition (such as can be found
in PKCS7) could eventually exceed the stack given malicious input with
excessive recursion. This could result in a Denial Of Service attack. There
are no such structures used within SSL/TLS that come from untrusted sources
so this is considered safe.
This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz
project.
(CVE-2018-0739)
[Matt Caswell]
To generate a diff of this commit:
cvs rdiff -u -r1.237 -r1.238 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.131 -r1.132 pkgsrc/security/openssl/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/openssl/Makefile
diff -u pkgsrc/security/openssl/Makefile:1.237 pkgsrc/security/openssl/Makefile:1.238
--- pkgsrc/security/openssl/Makefile:1.237 Tue Jan 2 05:37:23 2018
+++ pkgsrc/security/openssl/Makefile Thu Mar 29 11:08:44 2018
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.237 2018/01/02 05:37:23 maya Exp $
+# $NetBSD: Makefile,v 1.238 2018/03/29 11:08:44 wiz Exp $
-DISTNAME= openssl-1.0.2n
-PKGREVISION= 1
+DISTNAME= openssl-1.0.2o
CATEGORIES= security
MASTER_SITES= https://www.openssl.org/source/
Index: pkgsrc/security/openssl/distinfo
diff -u pkgsrc/security/openssl/distinfo:1.131 pkgsrc/security/openssl/distinfo:1.132
--- pkgsrc/security/openssl/distinfo:1.131 Tue Jan 16 09:48:46 2018
+++ pkgsrc/security/openssl/distinfo Thu Mar 29 11:08:44 2018
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.131 2018/01/16 09:48:46 jperkin Exp $
+$NetBSD: distinfo,v 1.132 2018/03/29 11:08:44 wiz Exp $
-SHA1 (openssl-1.0.2n.tar.gz) = 0ca2957869206de193603eca6d89f532f61680b1
-RMD160 (openssl-1.0.2n.tar.gz) = 90fbf1df8986e04921e14e4c6e408458b5b31f6c
-SHA512 (openssl-1.0.2n.tar.gz) = 144bf0d6aa27b4af01df0b7b734c39962649e1711554247d42e05e14d8945742b18745aefdba162e2dfc762b941fd7d3b2d5dc6a781ae4ba10a6f5a3cadb0687
-Size (openssl-1.0.2n.tar.gz) = 5375802 bytes
+SHA1 (openssl-1.0.2o.tar.gz) = a47faaca57b47a0d9d5fb085545857cc92062691
+RMD160 (openssl-1.0.2o.tar.gz) = aac1564f006766e66f5a319def41e5d99122915d
+SHA512 (openssl-1.0.2o.tar.gz) = 8a2c93657c85143e76785bb32ee836908c31a6f5f8db993fa9777acba6079e630cdddd03edbad65d1587199fc13a1507789eacf038b56eb99139c2091d9df7fd
+Size (openssl-1.0.2o.tar.gz) = 5329472 bytes
SHA1 (patch-Configure) = 2d963d781314276a0ee1bc531df6bc50f0f6b32b
SHA1 (patch-Makefile.org) = d2a9295003a8b88718a328b01ff6bcbbc102ec0b
SHA1 (patch-Makefile.shared) = 273154600c6cf0cf4de4ae16d56c5555bca5f9ad
Home |
Main Index |
Thread Index |
Old Index