From owner-freebsd-ports@FreeBSD.ORG Sat Mar 24 19:33:58 2012 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0FFC11065670 for ; Sat, 24 Mar 2012 19:33:58 +0000 (UTC) (envelope-from jhellenthal@dataix.net) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id B68548FC1C for ; Sat, 24 Mar 2012 19:33:57 +0000 (UTC) Received: by iahk25 with SMTP id k25so8279285iah.13 for ; Sat, 24 Mar 2012 12:33:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dataix.net; s=rsa; h=date:from:to:cc:subject:message-id:references:mime-version :in-reply-to:content-type:content-disposition; bh=OTCEJspQUc/9RNA1lPJcQG25EFo8vtoJaW/LQ875vnk=; b=Y4zxsDLpRPWMx4BON9Cr3faH8rJDI3vP3Utu0oz/52l28nDN69KvRxd6xuJIFe0Oq7 NcA761J1hxZcDxLz42LhT+ttXF4bk+BsFiiT+US8dVHjqRywawpA7i0P/IfJtI+ybEkc yf+7R49AA84tkHv7+28ykR6szpvHqgE5mQt88= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=date:from:to:cc:subject:message-id:references:mime-version :in-reply-to:x-gm-message-state:content-type:content-disposition; bh=OTCEJspQUc/9RNA1lPJcQG25EFo8vtoJaW/LQ875vnk=; b=Hv6ASGyLZwY3CqXkPnTMHuVSc71gmkGYokTp16uu0ykHCUVlvmh4yeIeZL0gyGnF02 iCyQXNeKArVOW4W+w7TDB0PluFGw1ATS4+cY0ax2wd2e6j0FuESiFEHFaBZpgQZCVCqm nYVF9SW2iL6grSmU3jd0iJfe+LanuM15hO9NWayXphpJ9lYlG8VlOwDLZ0mJetRg5mIb MkErOyRLbGtlCX5RtfaSgcESMDv3oI9vY9Gg+fptlcLjHWpQ5UxLvtsyZCHclLn3sB/u PJLnUI40z19vRk+dxlh1jOgQ28jDv3U897kUYDQwHXWzVtJdShAUT29GQzSGT/VTZwfy oP7g== Received: by 10.50.179.102 with SMTP id df6mr2030406igc.69.1332617636979; Sat, 24 Mar 2012 12:33:56 -0700 (PDT) Received: from DataIX.net ([99.181.142.190]) by mx.google.com with ESMTPS id gw10sm6436941igb.5.2012.03.24.12.33.56 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 24 Mar 2012 12:33:56 -0700 (PDT) Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.5/8.14.5) with ESMTP id q2OJXsi8084677 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 24 Mar 2012 15:33:54 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Received: (from jhellenthal@localhost) by DataIX.net (8.14.5/8.14.5/Submit) id q2OJXs4K083983; Sat, 24 Mar 2012 15:33:54 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Date: Sat, 24 Mar 2012 15:33:54 -0400 From: Jason Hellenthal To: Kevin Oberman Message-ID: <20120324193354.GB30901@DataIX.net> References: <20120324172937.GA43822@DataIX.net> MIME-Version: 1.0 In-Reply-To: X-Gm-Message-State: ALoCoQnXrmdTUEMkaC6/Hk0crNiQ/PtQd+s3F8Nioy5hRMbxKuqZJsf/2NC/Bluxx1E5f/eSwLav Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Cc: ports@freebsd.org, novel@freebsd.org Subject: Re: security/gnutls update when... X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Mar 2012 19:33:58 -0000 On Sat, Mar 24, 2012 at 10:54:32AM -0700, Kevin Oberman wrote: > On Sat, Mar 24, 2012 at 10:29 AM, Jason Hellenthal > wrote: > > > > Apparently this port has fell two versions behind. Is there anything > > that is going to happen to update it to the current stable version ? > > > > > > These advisories have been out for a week now. And the current version > > is 2.12.18. > > > > > > Database created: Sat Mar 24 13:15:03 EDT 2012 > > Affected package: gnutls-2.12.16 > > Type of problem: libtasn1 -- ASN.1 length decoding vulnerability. > > Reference: > > http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html > > > > Affected package: gnutls-2.12.16 > > Type of problem: gnutls -- possible overflow/Denial of service > > vulnerabilities. > > Reference: > > http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html > > > > 2 problem(s) in your installed packages found. > > > > > > > > -- > > ;s =; > > Note that one of these problems is with libtasn1 and is not a gnutls > problems at all. So updating libtasn1actually fixes this one, although > the other does require an update to a version of gnutls that has yet > to be ported. Only if it was installed or implied... .if (defined(WITH_LIBTASN1) || exists(${LOCALBASE}/lib/libtasn1.so.4)) && !defined(WITHOUT_LIBTASN1) LIB_DEPENDS+= tasn1.4:${PORTSDIR}/security/libtasn1 .else CONFIGURE_ARGS+= --with-included-libtasn1 .endif -- ;s =;