Date: Tue, 22 Oct 2024 15:50:15 GMT From: Alex Dupre <ale@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: git: f4d0d45cbe89 - 2024Q4 - security/cryptlib: update to 3.4.7 release. Message-ID: <202410221550.49MFoFxh098770@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch 2024Q4 has been updated by ale: URL: https://cgit.FreeBSD.org/ports/commit/?id=f4d0d45cbe89ec6fc49a6501af943fc2995d3703 commit f4d0d45cbe89ec6fc49a6501af943fc2995d3703 Author: Alex Dupre <ale@FreeBSD.org> AuthorDate: 2024-10-22 15:31:22 +0000 Commit: Alex Dupre <ale@FreeBSD.org> CommitDate: 2024-10-22 15:50:02 +0000 security/cryptlib: update to 3.4.7 release. PR: 282203 Submitted by: Alven <alster@vinterdalen.se> Security: CVE-2024-0202 (cherry picked from commit 53b58221ade14504875fbd818f42ee551f65f79e) --- security/cryptlib/Makefile | 2 +- security/cryptlib/distinfo | 6 ++--- security/cryptlib/files/patch-makefile | 4 +-- security/cryptlib/files/patch-misc_os__spec.h | 4 +-- security/cryptlib/files/patch-test_certs.c | 8 +++--- security/cryptlib/files/patch-tools_ccopts.sh | 36 ++------------------------- 6 files changed, 14 insertions(+), 46 deletions(-) diff --git a/security/cryptlib/Makefile b/security/cryptlib/Makefile index a306eb97b224..42b59ea691f4 100644 --- a/security/cryptlib/Makefile +++ b/security/cryptlib/Makefile @@ -1,5 +1,5 @@ PORTNAME= cryptlib -DISTVERSION= 3.4.6 +DISTVERSION= 3.4.7 CATEGORIES= security MASTER_SITES= https://cryptlib-release.s3-ap-southeast-1.amazonaws.com/ DISTNAME= ${PORTNAME}${PORTVERSION:S/.//g} diff --git a/security/cryptlib/distinfo b/security/cryptlib/distinfo index 4e31fa1950d6..59a3e7b72af6 100644 --- a/security/cryptlib/distinfo +++ b/security/cryptlib/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1679305871 -SHA256 (cryptlib346.zip) = c72cfd103eb9fa9f205c14c84ce4fbdf3ead1e2447e830b164dc335141f747bd -SIZE (cryptlib346.zip) = 6826568 +TIMESTAMP = 1729514079 +SHA256 (cryptlib347.zip) = e3f617ea55b1c2c6ea1a27ccc7c8dd4972d3428dfbb0c8ba52a3e4a3ea98ada6 +SIZE (cryptlib347.zip) = 7041396 diff --git a/security/cryptlib/files/patch-makefile b/security/cryptlib/files/patch-makefile index 6f255e18d9d2..0ab07a73ea8f 100644 --- a/security/cryptlib/files/patch-makefile +++ b/security/cryptlib/files/patch-makefile @@ -1,6 +1,6 @@ ---- makefile.orig 2021-09-10 22:27:18 UTC +--- makefile.orig 2023-07-04 09:46:00 UTC +++ makefile -@@ -1859,7 +1859,7 @@ BSD/OS: +@@ -1941,7 +1941,7 @@ FreeBSD: $(MAKE) $(DEFINES) CFLAGS="$(CFLAGS) -fomit-frame-pointer -O3" FreeBSD: diff --git a/security/cryptlib/files/patch-misc_os__spec.h b/security/cryptlib/files/patch-misc_os__spec.h index 66d060b78bd7..4fc1e99d45aa 100644 --- a/security/cryptlib/files/patch-misc_os__spec.h +++ b/security/cryptlib/files/patch-misc_os__spec.h @@ -1,6 +1,6 @@ ---- misc/os_spec.h.orig 2021-09-11 19:27:14 UTC +--- misc/os_spec.h.orig 2023-02-10 20:29:06 UTC +++ misc/os_spec.h -@@ -610,9 +610,8 @@ typedef int BOOLEAN_INT; +@@ -607,9 +607,8 @@ typedef int BOOLEAN_INT; variants, this presumably extends to SH5 as well so we treat va_lists on Super-H as scalars */ diff --git a/security/cryptlib/files/patch-test_certs.c b/security/cryptlib/files/patch-test_certs.c index 8d9b05f4093c..30ea0fea6744 100644 --- a/security/cryptlib/files/patch-test_certs.c +++ b/security/cryptlib/files/patch-test_certs.c @@ -1,11 +1,11 @@ ---- test/certs.c.orig 2023-03-20 10:42:36 UTC +--- test/certs.c.orig 2023-01-31 00:46:48 UTC +++ test/certs.c @@ -52,7 +52,7 @@ #if defined( __MWERKS__ ) || defined( SYMANTEC_C ) || defined( __MRC__ ) - #define CERTTIME_DATETEST ( ( ( 2021 - 1970 ) * ONE_YEAR_TIME ) + 2082844800L ) + #define CERTTIME_DATETEST ( ( ( 2022 - 1970 ) * ONE_YEAR_TIME ) + 2082844800L ) #else -- #define CERTTIME_DATETEST ( ( 2021 - 1970 ) * ONE_YEAR_TIME ) -+ #define CERTTIME_DATETEST ( ( 2023 - 1970 ) * ONE_YEAR_TIME ) +- #define CERTTIME_DATETEST ( ( 2022 - 1970 ) * ONE_YEAR_TIME ) ++ #define CERTTIME_DATETEST ( ( 2024 - 1970 ) * ONE_YEAR_TIME ) #endif /* Macintosh-specific weird epoch */ #if ( ULONG_MAX > 0xFFFFFFFFUL ) || defined( _M_X64 ) #define SYSTEM_64BIT diff --git a/security/cryptlib/files/patch-tools_ccopts.sh b/security/cryptlib/files/patch-tools_ccopts.sh index 040bf62ddbf0..ad81eac26a3d 100644 --- a/security/cryptlib/files/patch-tools_ccopts.sh +++ b/security/cryptlib/files/patch-tools_ccopts.sh @@ -1,6 +1,6 @@ ---- tools/ccopts.sh.orig 2021-10-21 02:27:26 UTC +--- tools/ccopts.sh.orig 2023-07-11 00:09:58 UTC +++ tools/ccopts.sh -@@ -675,7 +675,7 @@ hasSafeStackLibs() +@@ -603,7 +603,7 @@ if [ $ISCLANG -gt 0 ] && [ $ISSPECIAL -eq 0 ] ; then if [ $ISCLANG -gt 0 ] && [ $ISSPECIAL -eq 0 ] ; then if [ $COMPILER_VER -ge 47 ] ; then @@ -9,35 +9,3 @@ # The versions of clang shipped with OS X or OpenBSD don't # support -fsanitize=safe-stack even as late as clang 12, so # there's not much that we can do. -@@ -892,31 +892,6 @@ fi - # a big deal. As a convenient side-effect, this also enables the use of - # ASLR where it's supported. - --if [ "$ARCH" = "i586" ] || [ "$ARCH" = "i686" ] || [ "$ARCH" = "x86_64" ] ; then -- if [ "$COMPILER_VER" -ge 45 ] ; then -- if [ $GENERICBUILD -gt 0 ] ; then -- echo " (Enabling lowest-common-denominator build options for cross-platform library)." >&2 ; -- else -- CCARGS="$CCARGS -march=native -mtune=generic" ; -- fi -- if [ "$ARCH" = "x86_64" ] ; then -- CCARGS="$CCARGS -fPIC" ; -- fi ; -- elif [ "$COMPILER_VER" -ge 30 ] ; then -- case $ARCH in -- 'x86_64') -- CCARGS="$CCARGS -march=opteron -fPIC" ;; -- -- 'i686') -- CCARGS="$CCARGS -march=pentiumpro" ;; -- -- *) -- CCARGS="$CCARGS -march=pentium" ;; -- esac ; -- else -- CCARGS="$CCARGS -mcpu=pentium" ; -- fi ; --fi - - # gcc 4.x for 64-bit architectures has an optimiser bug that removes an - # empty-list check in cryptlib's list-management code (this has been
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202410221550.49MFoFxh098770>