pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2008Q4]: pkgsrc/security/openssl Pullup ticket #2628 - request...
details: https://anonhg.NetBSD.org/pkgsrc/rev/984dc9ce443b
branches: pkgsrc-2008Q4
changeset: 552220:984dc9ce443b
user: tron <tron%pkgsrc.org@localhost>
date: Thu Jan 08 18:11:26 2009 +0000
description:
Pullup ticket #2628 - requested by tnn
openssl: security update
Revisions pulled up:
- security/openssl/Makefile 1.137
- security/openssl/PLIST.common 1.14
- security/openssl/distinfo 1.65
- security/openssl/patches/patch-af 1.22
- security/openssl/patches/patch-am 1.6
---
Module Name: pkgsrc
Committed By: tnn
Date: Thu Jan 8 16:38:22 UTC 2009
Modified Files:
pkgsrc/security/openssl: Makefile PLIST.common distinfo
pkgsrc/security/openssl/patches: patch-af patch-am
Log Message:
Update to openssl-0.9.8j. Fixes CVE-2008-5077.
diffstat:
security/openssl/Makefile | 7 +++----
security/openssl/PLIST.common | 3 ++-
security/openssl/distinfo | 12 ++++++------
security/openssl/patches/patch-af | 31 +++++++++++++++++++++----------
security/openssl/patches/patch-am | 22 +++++++++++-----------
5 files changed, 43 insertions(+), 32 deletions(-)
diffs (173 lines):
diff -r a8f58d50a75a -r 984dc9ce443b security/openssl/Makefile
--- a/security/openssl/Makefile Wed Jan 07 16:50:30 2009 +0000
+++ b/security/openssl/Makefile Thu Jan 08 18:11:26 2009 +0000
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.136 2008/10/25 12:03:35 adrianp Exp $
+# $NetBSD: Makefile,v 1.136.2.1 2009/01/08 18:11:26 tron Exp $
OPENSSL_SNAPSHOT?= # empty
OPENSSL_STABLE?= # empty
-OPENSSL_VERS?= 0.9.8h
-PKGREVISION= 2
+OPENSSL_VERS?= 0.9.8j
.if empty(OPENSSL_SNAPSHOT)
DISTNAME= openssl-${OPENSSL_VERS}
@@ -50,7 +49,7 @@
CONFIGURE_ARGS+= --prefix=${PREFIX:Q}
CONFIGURE_ARGS+= --install_prefix=${DESTDIR}
CONFIGURE_ARGS+= --openssldir=${PKG_SYSCONFDIR:Q}
-CONFIGURE_ARGS+= shared threads
+CONFIGURE_ARGS+= shared threads no-fips
.if ${OPSYS} == "SunOS"
. if ${MACHINE_ARCH} == "sparc"
diff -r a8f58d50a75a -r 984dc9ce443b security/openssl/PLIST.common
--- a/security/openssl/PLIST.common Wed Jan 07 16:50:30 2009 +0000
+++ b/security/openssl/PLIST.common Thu Jan 08 18:11:26 2009 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST.common,v 1.13 2008/04/12 22:43:12 jlam Exp $
+@comment $NetBSD: PLIST.common,v 1.13.10.1 2009/01/08 18:11:26 tron Exp $
bin/c_rehash
bin/openssl
include/openssl/aes.h
@@ -75,6 +75,7 @@
lib/engines/lib4758cca.so
lib/engines/libaep.so
lib/engines/libatalla.so
+lib/engines/libcapi.so
lib/engines/libchil.so
lib/engines/libcswift.so
lib/engines/libgmp.so
diff -r a8f58d50a75a -r 984dc9ce443b security/openssl/distinfo
--- a/security/openssl/distinfo Wed Jan 07 16:50:30 2009 +0000
+++ b/security/openssl/distinfo Thu Jan 08 18:11:26 2009 +0000
@@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.64 2008/10/25 12:03:35 adrianp Exp $
+$NetBSD: distinfo,v 1.64.2.1 2009/01/08 18:11:26 tron Exp $
-SHA1 (openssl-0.9.8h.tar.gz) = ced4f2da24a202e01ea22bef30ebc8aee274de86
-RMD160 (openssl-0.9.8h.tar.gz) = 676337da20c3fc3fc4001a79c6d28589cba719cd
-Size (openssl-0.9.8h.tar.gz) = 3439981 bytes
+SHA1 (openssl-0.9.8j.tar.gz) = f70f7127a26e951e8a0d854c0c9e6b4c24df78e4
+RMD160 (openssl-0.9.8j.tar.gz) = d60417e0fd943fbffc6dae8391a21dcf5d97e967
+Size (openssl-0.9.8j.tar.gz) = 3738359 bytes
SHA1 (patch-aa) = b28ec662bf0586e31d59cab45e3a28b91b10dac1
SHA1 (patch-ac) = a766699f2d007b70689bbad538ede07ded7b34ff
SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3
SHA1 (patch-ae) = 7a58f1765a3761321dcc8dafc5fe2e33207be480
-SHA1 (patch-af) = 3c1a88329b1a1c54bdd4624ceaf723af3749ec32
+SHA1 (patch-af) = 1eda5a96835b65d325c77ce5d39f1e524815a3c7
SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8
SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0
SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302
-SHA1 (patch-am) = a2ba07bf35d53b096b3524b2d10ae26eef755da0
+SHA1 (patch-am) = 72d9d776878fc4908c40aacbe4d79ba3edd0a584
diff -r a8f58d50a75a -r 984dc9ce443b security/openssl/patches/patch-af
--- a/security/openssl/patches/patch-af Wed Jan 07 16:50:30 2009 +0000
+++ b/security/openssl/patches/patch-af Thu Jan 08 18:11:26 2009 +0000
@@ -1,7 +1,7 @@
-$NetBSD: patch-af,v 1.21 2008/01/17 06:42:48 tnn Exp $
+$NetBSD: patch-af,v 1.21.12.1 2009/01/08 18:11:26 tron Exp $
---- Makefile.org.orig 2007-04-24 01:49:54.000000000 +0200
-+++ Makefile.org 2007-10-28 12:44:05.000000000 +0100
+--- Makefile.org.orig 2008-12-30 14:26:26.000000000 +0100
++++ Makefile.org
@@ -28,6 +28,7 @@ INSTALLTOP=/usr/local/ssl
# Do not edit this manually. Use Configure --openssldir=DIR do change this!
@@ -10,7 +10,18 @@
# NO_IDEA - Define to build without the IDEA algorithm
# NO_RC4 - Define to build without the RC4 algorithm
-@@ -125,7 +126,7 @@ TESTS = alltests
+@@ -131,8 +132,8 @@ FIPSCANLIB=
+
+ BASEADDR=
+
+-DIRS= crypto fips ssl engines apps test tools
+-SHLIBDIRS= crypto ssl fips
++DIRS= crypto ssl engines apps test tools # fips
++SHLIBDIRS= crypto ssl # fips
+
+ # dirs in crypto to build
+ SDIRS= \
+@@ -152,7 +153,7 @@ TESTS = alltests
MAKEFILE= Makefile
@@ -19,15 +30,15 @@
MAN1=1
MAN3=3
MANSUFFIX=
-@@ -140,6 +141,7 @@ SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
- SHARED_SSL=libssl$(SHLIB_EXT)
+@@ -168,6 +169,7 @@ SHARED_SSL=libssl$(SHLIB_EXT)
+ SHARED_FIPS=
SHARED_LIBS=
SHARED_LIBS_LINK_EXTS=
+LIBRPATH=$(INSTALLTOP)/lib
SHARED_LDFLAGS=
GENERAL= Makefile
-@@ -172,7 +174,7 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESS
+@@ -200,7 +202,7 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESS
CC='${CC}' CFLAG='${CFLAG}' \
AS='${CC}' ASFLAG='${CFLAG} -c' \
AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \
@@ -36,7 +47,7 @@
INSTALL_PREFIX='${INSTALL_PREFIX}' \
INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \
MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \
-@@ -473,7 +475,7 @@ dist:
+@@ -608,7 +610,7 @@ dist:
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
@@ -45,7 +56,7 @@
install_sw:
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
-@@ -481,9 +483,7 @@ install_sw:
+@@ -616,9 +618,7 @@ install_sw:
$(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \
$(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
@@ -56,7 +67,7 @@
@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-@@ -553,35 +553,53 @@ install_docs:
+@@ -688,35 +688,53 @@ install_docs:
set -e; for i in doc/apps/*.pod; do \
fn=`basename $$i .pod`; \
sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
diff -r a8f58d50a75a -r 984dc9ce443b security/openssl/patches/patch-am
--- a/security/openssl/patches/patch-am Wed Jan 07 16:50:30 2009 +0000
+++ b/security/openssl/patches/patch-am Thu Jan 08 18:11:26 2009 +0000
@@ -1,13 +1,13 @@
-$NetBSD: patch-am,v 1.5 2008/10/25 12:04:34 adrianp Exp $
+$NetBSD: patch-am,v 1.5.2.1 2009/01/08 18:11:26 tron Exp $
---- crypto/x509/x509_att.c.orig 2008-04-02 12:11:51.000000000 +0100
-+++ crypto/x509/x509_att.c
-@@ -303,7 +303,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIB
- }
- if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
- if(!(ttmp = ASN1_TYPE_new())) goto err;
-- if (len == -1)
-+ if ((len == -1) && !(attrtype & MBSTRING_FLAG))
+--- crypto/evp/enc_min.c.orig 2008-12-02 19:14:44.000000000 +0100
++++ crypto/evp/enc_min.c
+@@ -199,7 +199,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct
+ enc = 1;
+ ctx->encrypt = enc;
+ }
+-#ifdef OPENSSL_NO_FIPS
++#if 0 /* def OPENSSL_NO_FIPS */
+ if(FIPS_selftest_failed())
{
- if (!ASN1_TYPE_set1(ttmp, attrtype, data))
- goto err;
+ FIPSerr(FIPS_F_EVP_CIPHERINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED);
Home |
Main Index |
Thread Index |
Old Index