Subject: CVS commit: pkgsrc/security/openssl
To: None <firstname.lastname@example.org>
From: Frederick Bruckman <email@example.com>
Date: 08/10/2002 07:50:34
Module Name: pkgsrc
Committed By: fredb
Date: Sat Aug 10 04:50:34 UTC 2002
pkgsrc/security/openssl: Makefile distinfo
pkgsrc/security/openssl/patches: patch-aa patch-ac patch-af
Update to 0.9.6g. The most significant change is this proof against
a stunning DoS vulnerability, fixed in 0.9.6f:
*) Use proper error handling instead of 'assertions' in buffer
overflow checks added in 0.9.6e. This prevents DoS (the
assertions could call abort()).
[Arne Ansper <firstname.lastname@example.org>, Bodo Moeller]
Regenerate the netbsd patch. This is now a clean diff against the
vendor tag, with version-number-only changes elided.
Partially revert "crypto/dist/openssl/crypto/rand/randfile.c", version
1.4 (via additional pkgsrc patch), to give this a shot to compile on
NetBSD-1.4.2 and earlier, which had no strlcpy() or strlcat().
Assemble the shared library without "-Bsymbolic", mainly to give this
a shot at linking on NetBSD-a.out (untested).
To generate a diff of this commit:
cvs rdiff -r1.54 -r1.55 pkgsrc/security/openssl/Makefile
cvs rdiff -r1.10 -r1.11 pkgsrc/security/openssl/distinfo
cvs rdiff -r1.9 -r1.10 pkgsrc/security/openssl/patches/patch-aa
cvs rdiff -r1.5 -r1.6 pkgsrc/security/openssl/patches/patch-ac
cvs rdiff -r1.4 -r1.5 pkgsrc/security/openssl/patches/patch-af
cvs rdiff -r0 -r1.6 pkgsrc/security/openssl/patches/patch-ag
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.