Subject: CVS commit: pkgsrc/security/openssl
To: None <pkgsrc-changes@netbsd.org>
From: Frederick Bruckman <fredb@netbsd.org>
List: pkgsrc-changes
Date: 08/10/2002 07:50:34
Module Name:	pkgsrc
Committed By:	fredb
Date:		Sat Aug 10 04:50:34 UTC 2002

Modified Files:
	pkgsrc/security/openssl: Makefile distinfo
	pkgsrc/security/openssl/patches: patch-aa patch-ac patch-af
Added Files:
	pkgsrc/security/openssl/patches: patch-ag

Log Message:
Update to 0.9.6g. The most significant change is this proof against
a stunning DoS vulnerability, fixed in 0.9.6f:

  *) Use proper error handling instead of 'assertions' in buffer
     overflow checks added in 0.9.6e.  This prevents DoS (the
     assertions could call abort()).
     [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]

Regenerate the netbsd patch. This is now a clean diff against the
vendor tag, with version-number-only changes elided.

Partially revert "crypto/dist/openssl/crypto/rand/randfile.c", version
1.4 (via additional pkgsrc patch), to give this a shot to compile on
NetBSD-1.4.2 and earlier, which had no strlcpy() or strlcat().

Assemble the shared library without "-Bsymbolic", mainly to give this
a shot at linking on NetBSD-a.out (untested).


To generate a diff of this commit:
cvs rdiff -r1.54 -r1.55 pkgsrc/security/openssl/Makefile
cvs rdiff -r1.10 -r1.11 pkgsrc/security/openssl/distinfo
cvs rdiff -r1.9 -r1.10 pkgsrc/security/openssl/patches/patch-aa
cvs rdiff -r1.5 -r1.6 pkgsrc/security/openssl/patches/patch-ac
cvs rdiff -r1.4 -r1.5 pkgsrc/security/openssl/patches/patch-af
cvs rdiff -r0 -r1.6 pkgsrc/security/openssl/patches/patch-ag

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
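
The DoS fix quoted in the log message above, as an added illustration that is not OpenSSL or pkgsrc code: an assertion-style bounds check that calls abort() takes the whole process down on oversized input, while an error return rejects only that input. The names (set_id_assert, set_id_checked, ID_MAX) and the sample input are constructed for this example.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define ID_MAX 32   /* constructed limit for this example, not an OpenSSL constant */
struct session { unsigned char id[ID_MAX]; size_t id_len; };

/* Assertion style: the overflow is prevented, but an oversized
 * peer-supplied length terminates the process via abort(). */
static void set_id_assert(struct session *s, const unsigned char *p, size_t n)
{
    if (!(n <= sizeof(s->id)))
        abort();                 /* what a failed assertion ends up doing */
    memcpy(s->id, p, n);
    s->id_len = n;
}

/* Error-handling style: same bounds check, but the caller gets -1 and can
 * drop the one offending connection while the process keeps running. */
static int set_id_checked(struct session *s, const unsigned char *p, size_t n)
{
    if (n > sizeof(s->id))
        return -1;
    memcpy(s->id, p, n);
    s->id_len = n;
    return 0;
}

/* Run the assertion-style handler in a child process standing in for a server.
 * Returns the signal that killed it, 0 if it exited normally, -1 on error. */
static int child_death_signal(size_t n)
{
    unsigned char input[64] = {0};   /* constructed peer input */
    struct session s;
    int status = 0;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { set_id_assert(&s, input, n); _exit(0); }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    struct session s; unsigned char input[64] = {0};
    printf("assertion style, 48 bytes: signal %d\n", child_death_signal(48));
    printf("checked style, 48 bytes: returned %d\n", set_id_checked(&s, input, 48));
    return 0;
}
```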