From owner-svn-ports-all@FreeBSD.ORG  Mon Jan 19 21:19:32 2015
Return-Path: <owner-svn-ports-all@FreeBSD.ORG>
Delivered-To: svn-ports-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id B7E92BC;
 Mon, 19 Jan 2015 21:19:32 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id A406CA8F;
 Mon, 19 Jan 2015 21:19:32 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t0JLJWEH053007;
 Mon, 19 Jan 2015 21:19:32 GMT (envelope-from jase@FreeBSD.org)
Received: (from jase@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id t0JLJW1s053005;
 Mon, 19 Jan 2015 21:19:32 GMT (envelope-from jase@FreeBSD.org)
Message-Id: <201501192119.t0JLJW1s053005@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: jase set sender to jase@FreeBSD.org
 using -f
From: Jase Thew <jase@FreeBSD.org>
Date: Mon, 19 Jan 2015 21:19:32 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r377482 - in head/security/polarssl: . files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Jan 2015 21:19:32 -0000

Author: jase
Date: Mon Jan 19 21:19:31 2015
New Revision: 377482
URL: https://svnweb.freebsd.org/changeset/ports/377482
QAT: https://qat.redports.org/buildarchive/r377482/

Log:
  security/polarssl:
  - Add upstream patch to address crafted certificates vulnerability
  - Add USES cpe
  
  MFH:		2015Q1
  Security:	CVE-2015-1182
  Security:	a5856eba-a015-11e4-a680-1c6f65c3c4ff

Added:
  head/security/polarssl/files/patch-library-asn1parse_c   (contents, props changed)
Modified:
  head/security/polarssl/Makefile

Modified: head/security/polarssl/Makefile
==============================================================================
--- head/security/polarssl/Makefile	Mon Jan 19 21:14:35 2015	(r377481)
+++ head/security/polarssl/Makefile	Mon Jan 19 21:19:31 2015	(r377482)
@@ -2,6 +2,7 @@
 
 PORTNAME=	polarssl
 PORTVERSION=	1.2.12
+PORTREVISION=	1
 DISTVERSIONSUFFIX=	-gpl
 CATEGORIES=	security devel
 MASTER_SITES=	http://polarssl.org/download/
@@ -13,7 +14,7 @@ LICENSE=	GPLv2
 
 ALL_TARGET=	no_test
 
-USES=	gmake tar:tgz
+USES=	cpe gmake tar:tgz
 USE_LDCONFIG=	yes
 
 WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}

Added: head/security/polarssl/files/patch-library-asn1parse_c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/polarssl/files/patch-library-asn1parse_c	Mon Jan 19 21:19:31 2015	(r377482)
@@ -0,0 +1,11 @@
+--- library/asn1parse.c.orig	2015-01-19 19:31:49.664592954 +0000
++++ library/asn1parse.c	2015-01-19 19:34:11.583587052 +0000
+@@ -244,6 +244,8 @@
+             if( cur->next == NULL )
+                 return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
+ 
++            memset( cur->next, 0, sizeof( asn1_sequence ) );
++
+             cur = cur->next;
+         }
+     }