pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/emulators/suse131_openssl Apply following update to su...
details: https://anonhg.NetBSD.org/pkgsrc/rev/288a216d5a78
branches: trunk
changeset: 645139:288a216d5a78
user: obache <obache%pkgsrc.org@localhost>
date: Sat Jan 24 01:01:54 2015 +0000
description:
Apply following update to suse131_openssl, bump PKGREVISION.
openSUSE Security Update: Security update for openssl
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:0130-1
Rating: important
References: #911399 #912014 #912015 #912018 #912292 #912293
#912294 #912296
Cross-References: CVE-2014-3569 CVE-2014-3570 CVE-2014-3571
CVE-2014-3572 CVE-2014-8275 CVE-2015-0204
CVE-2015-0205 CVE-2015-0206
Affected Products:
openSUSE 13.2
openSUSE 13.1
______________________________________________________________________________
An update that fixes 8 vulnerabilities is now available.
Description:
openssl was updated to 1.0.1k to fix various security issues and bugs.
More information can be found in the openssl advisory:
http://openssl.org/news/secadv_20150108.txt
Following issues were fixed:
* CVE-2014-3570 (bsc#912296): Bignum squaring (BN_sqr) may have produced
incorrect results on some platforms, including x86_64.
* CVE-2014-3571 (bsc#912294): Fixed crash in dtls1_get_record whilst in
the listen state where you get two separate reads performed - one for
the header and one for the body of the handshake record.
* CVE-2014-3572 (bsc#912015): Don't accept a handshake using an ephemeral
ECDH ciphersuites with the server key exchange message omitted.
* CVE-2014-8275 (bsc#912018): Fixed various certificate fingerprint issues.
* CVE-2015-0204 (bsc#912014): Only allow ephemeral RSA keys in export
ciphersuites
* CVE-2015-0205 (bsc#912293): A fixwas added to prevent use of DH client
certificates without sending certificate verify message.
* CVE-2015-0206 (bsc#912292): A memory leak was fixed in
dtls1_buffer_record.
References:
http://support.novell.com/security/cve/CVE-2014-3569.html
http://support.novell.com/security/cve/CVE-2014-3570.html
http://support.novell.com/security/cve/CVE-2014-3571.html
http://support.novell.com/security/cve/CVE-2014-3572.html
http://support.novell.com/security/cve/CVE-2014-8275.html
http://support.novell.com/security/cve/CVE-2015-0204.html
http://support.novell.com/security/cve/CVE-2015-0205.html
http://support.novell.com/security/cve/CVE-2015-0206.html
https://bugzilla.suse.com/show_bug.cgi?id=911399
https://bugzilla.suse.com/show_bug.cgi?id=912014
https://bugzilla.suse.com/show_bug.cgi?id=912015
https://bugzilla.suse.com/show_bug.cgi?id=912018
https://bugzilla.suse.com/show_bug.cgi?id=912292
https://bugzilla.suse.com/show_bug.cgi?id=912293
https://bugzilla.suse.com/show_bug.cgi?id=912294
https://bugzilla.suse.com/show_bug.cgi?id=912296
diffstat:
emulators/suse131_openssl/Makefile | 6 +++---
emulators/suse131_openssl/distinfo | 14 +++++++-------
2 files changed, 10 insertions(+), 10 deletions(-)
diffs (35 lines):
diff -r 10c46be0e7e4 -r 288a216d5a78 emulators/suse131_openssl/Makefile
--- a/emulators/suse131_openssl/Makefile Sat Jan 24 00:58:45 2015 +0000
+++ b/emulators/suse131_openssl/Makefile Sat Jan 24 01:01:54 2015 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.13 2014/11/24 10:47:45 obache Exp $
+# $NetBSD: Makefile,v 1.14 2015/01/24 01:01:54 obache Exp $
PKGNAME= suse_openssl-${SUSE_VERSION}
-PKGREVISION= 11
+PKGREVISION= 12
CATEGORIES= emulators
-RPMUPDPKGS+= libopenssl1_0_0-1.0.1j-11.59.1.${SUSE_ARCH}
+RPMUPDPKGS+= libopenssl1_0_0-1.0.1k-11.64.2.${SUSE_ARCH}
MAINTAINER= pkgsrc-users%NetBSD.org@localhost
COMMENT= Linux compatibility package for OpenSSL
diff -r 10c46be0e7e4 -r 288a216d5a78 emulators/suse131_openssl/distinfo
--- a/emulators/suse131_openssl/distinfo Sat Jan 24 00:58:45 2015 +0000
+++ b/emulators/suse131_openssl/distinfo Sat Jan 24 01:01:54 2015 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.12 2014/11/24 10:47:45 obache Exp $
+$NetBSD: distinfo,v 1.13 2015/01/24 01:01:54 obache Exp $
-SHA1 (suse131/libopenssl1_0_0-1.0.1j-11.59.1.i586.rpm) = da5698935ddd9aec3ef30eac423ac447db5a787c
-RMD160 (suse131/libopenssl1_0_0-1.0.1j-11.59.1.i586.rpm) = d426aad6f6a218e937b8ad544e09429fdf5c408e
-Size (suse131/libopenssl1_0_0-1.0.1j-11.59.1.i586.rpm) = 769059 bytes
-SHA1 (suse131/libopenssl1_0_0-1.0.1j-11.59.1.x86_64.rpm) = db1f917a9b55bd4e6eb9b067d6ca2e5f11ca9c9f
-RMD160 (suse131/libopenssl1_0_0-1.0.1j-11.59.1.x86_64.rpm) = 3505534e244ccc91109ca90cf18f04a572834718
-Size (suse131/libopenssl1_0_0-1.0.1j-11.59.1.x86_64.rpm) = 819451 bytes
+SHA1 (suse131/libopenssl1_0_0-1.0.1k-11.64.2.i586.rpm) = f5e5231bd256363f501f12fb3b9253ddb44e091e
+RMD160 (suse131/libopenssl1_0_0-1.0.1k-11.64.2.i586.rpm) = bb5770f3f44cd0a3313243cd7dce80675bd38e33
+Size (suse131/libopenssl1_0_0-1.0.1k-11.64.2.i586.rpm) = 770010 bytes
+SHA1 (suse131/libopenssl1_0_0-1.0.1k-11.64.2.x86_64.rpm) = e57577dea61a189f9d481f486818db2f0e5cbb9d
+RMD160 (suse131/libopenssl1_0_0-1.0.1k-11.64.2.x86_64.rpm) = f094e603beacb01cfe2eacf3caca83fcbbf17a07
+Size (suse131/libopenssl1_0_0-1.0.1k-11.64.2.x86_64.rpm) = 820981 bytes
Home |
Main Index |
Thread Index |
Old Index