Date: Sat, 24 Jul 2021 04:51:12 GMT From: Santhosh Raju <fox@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: e4b770114494 - main - security/wolfssl: Updates to v4.8.1 Message-ID: <202107240451.16O4pCCe047765@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by fox: URL: https://cgit.FreeBSD.org/ports/commit/?id=e4b770114494f3d54409aef6bd23a3a2def34399 commit e4b770114494f3d54409aef6bd23a3a2def34399 Author: Santhosh Raju <fox@FreeBSD.org> AuthorDate: 2021-07-24 04:49:39 +0000 Commit: Santhosh Raju <fox@FreeBSD.org> CommitDate: 2021-07-24 04:49:39 +0000 security/wolfssl: Updates to v4.8.1 Changes since v4.8.0: wolfSSL Release 4.8.1 (July 16, 2021) Release 4.8.1 of wolfSSL embedded TLS has an OCSP vulnerability fix: Vulnerabilities * [High] OCSP verification issue when response is for a certificate with no relation to the chain in question BUT that response contains the NoCheck extension which effectively disables ALL verification of that one cert. Users who should upgrade to 4.8.1 are TLS client users doing OCSP, TLS server users doing mutual auth with OCSP, and CertManager users doing OCSP independent of TLS. Thanks to Jan Nauber, Marco Smeets, Werner Rueschenbaum and Alissa Kim of Volkswagen Infotainment for the report. --- security/wolfssl/Makefile | 2 +- security/wolfssl/distinfo | 6 +++--- security/wolfssl/pkg-plist | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/security/wolfssl/Makefile b/security/wolfssl/Makefile index dba43ab6d545..1fbff8d1c218 100644 --- a/security/wolfssl/Makefile +++ b/security/wolfssl/Makefile @@ -1,5 +1,5 @@ PORTNAME= wolfssl -PORTVERSION= 4.8.0 +PORTVERSION= 4.8.1 CATEGORIES= security devel MASTER_SITES= https://www.wolfssl.com/ \ LOCAL/fox diff --git a/security/wolfssl/distinfo b/security/wolfssl/distinfo index c79c20b75f3c..6ab0e6b36b38 100644 --- a/security/wolfssl/distinfo +++ b/security/wolfssl/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1626253987 -SHA256 (wolfssl-4.8.0.zip) = ab524d44bb7bd5516c0beead4278a1cf060c5fd5f418c6491227ed4fb8c79efc -SIZE (wolfssl-4.8.0.zip) = 11835511 +TIMESTAMP = 1627101426 +SHA256 (wolfssl-4.8.1.zip) = 149299b90a6546a91e781c645187254d19c510286bc0c2bffaad0326ad5a8b6e +SIZE (wolfssl-4.8.1.zip) = 11836201 diff --git a/security/wolfssl/pkg-plist b/security/wolfssl/pkg-plist index 6c9b9611e08b..504cd6689d8b 100644 --- a/security/wolfssl/pkg-plist +++ b/security/wolfssl/pkg-plist @@ -226,7 +226,7 @@ include/wolfssl/wolfio.h lib/libwolfssl.a lib/libwolfssl.so lib/libwolfssl.so.24 -lib/libwolfssl.so.24.5.0 +lib/libwolfssl.so.24.5.1 libdata/pkgconfig/wolfssl.pc %%PORTDOCS%%%%DOCSDIR%%/README.txt %%PORTDOCS%%%%DOCSDIR%%/example/client.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202107240451.16O4pCCe047765>