CVS commit: pkgsrc/security/openssl

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/openssl
From: "Matthias Scheler" <tron%netbsd.org@localhost>
Date: Fri, 10 Jan 2014 14:32:42 +0000

Module Name:    pkgsrc
Committed By:   tron
Date:           Fri Jan 10 14:32:42 UTC 2014

Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
        pkgsrc/security/openssl/patches:
            patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
            patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
            patch-doc_ssl_SSL__accept.pod patch-doc_ssl_SSL__connect.pod
            patch-doc_ssl_SSL__do__handshake.pod
            patch-doc_ssl_SSL__shutdown.pod
Removed Files:
        pkgsrc/security/openssl/patches:
            patch-doc_crypto_X509__STORE__CTX__get__error.pod

Log Message:
Update "openssl" package to version 1.0.1f. Changes since 1.0.1e:
- Fix for TLS record tampering bug. A carefully crafted invalid
  handshake could crash OpenSSL with a NULL pointer exception.
  Thanks to Anton Johansson for reporting this issues.
  (CVE-2013-4353)
- Keep original DTLS digest and encryption contexts in retransmission
  structures so we can use the previous session parameters if they need
  to be resent. (CVE-2013-6450)
  [Steve Henson]
- Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
  avoids preferring ECDHE-ECDSA ciphers when the client appears to be
  Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
  several ECDHE-ECDSA ciphers, but fails to negotiate them.  The bug
  is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
  10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
  [Rob Stradling, Adam Langley]


To generate a diff of this commit:
cvs rdiff -u -r1.182 -r1.183 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.100 -r1.101 pkgsrc/security/openssl/distinfo
cvs rdiff -u -r1.1 -r0 \
    
pkgsrc/security/openssl/patches/patch-doc_crypto_X509__STORE__CTX__get__error.pod
cvs rdiff -u -r1.1 -r1.2 \
    
pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__CTX__set__client__CA__list.pod
 \
    
pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__CTX__use__psk__identity__hint.pod
 \
    pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__accept.pod \
    pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__connect.pod \
    pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__do__handshake.pod \
    pkgsrc/security/openssl/patches/patch-doc_ssl_SSL__shutdown.pod

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/devel/gdl
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/devel/gdl
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index