Date: Thu, 8 Dec 2016 17:08:55 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r428139 - branches/2016Q4/security/py-cryptography Message-ID: <201612081708.uB8H8tlP059147@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Thu Dec 8 17:08:55 2016 New Revision: 428139 URL: https://svnweb.freebsd.org/changeset/ports/428139 Log: MFH: r428138 security/py-pycryptography: Fix build on FreeBSD 9.3 Modern py-cryptography requires a more modern OpenSSL. This switch to requiring OpenSSL from ports is a disruptive change, but it will protect these users from the recently patched vulnerabilites. Support for OpenSSL 0.9.8 was removed in pycryptography as of version 1.4. The last release to support OpenSSL 0.9.8 was 1.3.4 which is still vulnerable to the HDKF key generation bug. It appears that version 1.4 did build successfully on FreeBSD 9.3, but upstream had abandoned support for OpenSSL 0.9.8 at that point so it is unclear if it was fully functional. PR: 214915 Approved by: ports-secteam (with hat) Modified: branches/2016Q4/security/py-cryptography/Makefile Directory Properties: branches/2016Q4/ (props changed) Modified: branches/2016Q4/security/py-cryptography/Makefile ============================================================================== --- branches/2016Q4/security/py-cryptography/Makefile Thu Dec 8 17:07:22 2016 (r428138) +++ branches/2016Q4/security/py-cryptography/Makefile Thu Dec 8 17:08:55 2016 (r428139) @@ -27,6 +27,11 @@ USE_PYTHON= autoplist distutils CFLAGS+= -I${OPENSSLINC} LDFLAGS+= -L${OPENSSLLIB} +# Modern py-cyptography requires newer OpenSSL +.if ${OSVERSION} < 1000000 +WITH_OPENSSL_PORT= yes +.endif + .include <bsd.port.pre.mk> .if ${PYTHON_REL} < 3300
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201612081708.uB8H8tlP059147>