CVS commit: pkgsrc/security/openssl

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/openssl
From: "Havard Eidnes" <he%netbsd.org@localhost>
Date: Wed, 2 Apr 2014 12:11:35 +0000

Module Name:    pkgsrc
Committed By:   he
Date:           Wed Apr  2 12:11:35 UTC 2014

Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
Added Files:
        pkgsrc/security/openssl/patches: patch-Configure patch-Makefile.org
            patch-Makefile.shared patch-apps_Makefile patch-config
            patch-crypto_bn_bn.h patch-crypto_bn_bn__lib.c
            patch-crypto_bn_bn__prime.pl patch-crypto_ec_ec2__mult.c
            patch-tools_Makefile
Removed Files:
        pkgsrc/security/openssl/patches: patch-aa patch-ac patch-ad patch-ae
            patch-af patch-ag patch-ak

Log Message:
Rename all remaining patch-?? files using the newer naming convention.

Add a fix for CVE-2014-0076:

  Fix for the attack described in the paper "Recovering OpenSSL
  ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
  by Yuval Yarom and Naomi Benger. Details can be obtained from:
  http://eprint.iacr.org/2014/140

  Thanks to Yuval Yarom and Naomi Benger for discovering this
  flaw and to Yuval Yarom for supplying a fix.

Fix from culled from
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29

Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.185 -r1.186 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.102 -r1.103 pkgsrc/security/openssl/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/openssl/patches/patch-Configure \
    pkgsrc/security/openssl/patches/patch-Makefile.org \
    pkgsrc/security/openssl/patches/patch-Makefile.shared \
    pkgsrc/security/openssl/patches/patch-apps_Makefile \
    pkgsrc/security/openssl/patches/patch-config \
    pkgsrc/security/openssl/patches/patch-crypto_bn_bn.h \
    pkgsrc/security/openssl/patches/patch-crypto_bn_bn__lib.c \
    pkgsrc/security/openssl/patches/patch-crypto_bn_bn__prime.pl \
    pkgsrc/security/openssl/patches/patch-crypto_ec_ec2__mult.c \
    pkgsrc/security/openssl/patches/patch-tools_Makefile
cvs rdiff -u -r1.27 -r0 pkgsrc/security/openssl/patches/patch-aa
cvs rdiff -u -r1.43 -r0 pkgsrc/security/openssl/patches/patch-ac
cvs rdiff -u -r1.16 -r0 pkgsrc/security/openssl/patches/patch-ad
cvs rdiff -u -r1.8 -r0 pkgsrc/security/openssl/patches/patch-ae
cvs rdiff -u -r1.26 -r0 pkgsrc/security/openssl/patches/patch-af
cvs rdiff -u -r1.12 -r0 pkgsrc/security/openssl/patches/patch-ag
cvs rdiff -u -r1.6 -r0 pkgsrc/security/openssl/patches/patch-ak

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/cross/binutils-mips-current
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/cross/binutils-mips-current
Indexes:

Home | Main Index | Thread Index | Old Index