From owner-svn-ports-all@freebsd.org Mon Sep 26 14:28:07 2016 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C89D2BE9620; Mon, 26 Sep 2016 14:28:07 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7F0DF987; Mon, 26 Sep 2016 14:28:07 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u8QES6Sn096891; Mon, 26 Sep 2016 14:28:06 GMT (envelope-from brnrd@FreeBSD.org) Received: (from brnrd@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u8QES6NX096888; Mon, 26 Sep 2016 14:28:06 GMT (envelope-from brnrd@FreeBSD.org) Message-Id: <201609261428.u8QES6NX096888@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brnrd set sender to brnrd@FreeBSD.org using -f From: Bernard Spil Date: Mon, 26 Sep 2016 14:28:06 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r422777 - head/security/openssl-devel X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Sep 2016 14:28:07 -0000 Author: brnrd Date: Mon Sep 26 14:28:06 2016 New Revision: 422777 URL: https://svnweb.freebsd.org/changeset/ports/422777 Log: security/openssl-devel: Update to 1.1.0b - Update to 1.1.0b - Fixes CRITICAL Use After Free for large message sizes (CVE-2016-6309) - Make zlib and ssl3 options work - Remove jpake header (jpake removed completely) MFH: 2016Q3 Security: 91a337d8-83ed-11e6-bf52-b499baebfeaf Modified: head/security/openssl-devel/Makefile head/security/openssl-devel/distinfo head/security/openssl-devel/pkg-plist Modified: head/security/openssl-devel/Makefile ============================================================================== --- head/security/openssl-devel/Makefile Mon Sep 26 13:47:20 2016 (r422776) +++ head/security/openssl-devel/Makefile Mon Sep 26 14:28:06 2016 (r422777) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= openssl -PORTVERSION= 1.1.0a +PORTVERSION= 1.1.0b CATEGORIES= security devel MASTER_SITES= https://www.openssl.org/source/ \ ftp://ftp.cert.dfn.de/pub/tools/net/openssl/source/ @@ -92,6 +92,8 @@ I386_CONFIGURE_ON= 386 SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} SHARED_USE= ldconfig=yes +SSL3_CONFIGURE_ON+= enable-ssl3-method +ZLIB_CONFIGURE_ON= zlib-dynamic .include .if ${PREFIX} == /usr Modified: head/security/openssl-devel/distinfo ============================================================================== --- head/security/openssl-devel/distinfo Mon Sep 26 13:47:20 2016 (r422776) +++ head/security/openssl-devel/distinfo Mon Sep 26 14:28:06 2016 (r422777) @@ -1,3 +1,3 @@ -TIMESTAMP = 1474548317 -SHA256 (openssl-1.1.0a.tar.gz) = c2e696e34296cde2c9ec5dcdad9e4f042cd703932591d395c389de488302442b -SIZE (openssl-1.1.0a.tar.gz) = 5161414 +TIMESTAMP = 1474897657 +SHA256 (openssl-1.1.0b.tar.gz) = a45de072bf9be4dea437230aaf036000f0e68c6a665931c57e76b5b036cef6f7 +SIZE (openssl-1.1.0b.tar.gz) = 5162355 Modified: head/security/openssl-devel/pkg-plist ============================================================================== --- head/security/openssl-devel/pkg-plist Mon Sep 26 13:47:20 2016 (r422776) +++ head/security/openssl-devel/pkg-plist Mon Sep 26 14:28:06 2016 (r422777) @@ -33,7 +33,6 @@ include/openssl/evp.h include/openssl/hmac.h include/openssl/kdf.h %%IDEA%%include/openssl/idea.h -%%JPAKE%%include/openssl/jpake.h include/openssl/lhash.h %%MD2%%include/openssl/md2.h %%MD4%%include/openssl/md4.h