From owner-svn-ports-all@FreeBSD.ORG Fri Nov 8 12:41:45 2013 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 5E5A4D93; Fri, 8 Nov 2013 12:41:45 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 493A626D5; Fri, 8 Nov 2013 12:41:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id rA8Cfjtj079233; Fri, 8 Nov 2013 12:41:45 GMT (envelope-from bdrewery@svn.freebsd.org) Received: (from bdrewery@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id rA8CfiqU079231; Fri, 8 Nov 2013 12:41:44 GMT (envelope-from bdrewery@svn.freebsd.org) Message-Id: <201311081241.rA8CfiqU079231@svn.freebsd.org> From: Bryan Drewery Date: Fri, 8 Nov 2013 12:41:44 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r333215 - head/security/openssh-portable X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Nov 2013 12:41:45 -0000 Author: bdrewery Date: Fri Nov 8 12:41:44 2013 New Revision: 333215 URL: http://svnweb.freebsd.org/changeset/ports/333215 Log: - Update to 6.4p1 This release fixes a security bug: * sshd(8): fix a memory corruption problem triggered during rekeying when an AES-GCM cipher is selected. Full details of the vulnerability are available at: http://www.openssh.com/txt/gcmrekey.adv Security: http://www.openssh.com/txt/gcmrekey.adv Modified: head/security/openssh-portable/Makefile head/security/openssh-portable/distinfo Modified: head/security/openssh-portable/Makefile ============================================================================== --- head/security/openssh-portable/Makefile Fri Nov 8 12:39:52 2013 (r333214) +++ head/security/openssh-portable/Makefile Fri Nov 8 12:41:44 2013 (r333215) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= openssh -DISTVERSION= 6.3p1 +DISTVERSION= 6.4p1 PORTEPOCH= 1 CATEGORIES= security ipv6 MASTER_SITES= ${MASTER_SITE_OPENBSD} @@ -80,7 +80,8 @@ LPK_USE= OPENLDAP=yes # See http://www.roumenpetrov.info/openssh/ X509_VERSION= 7.6 X509_PATCH_SITES= http://www.roumenpetrov.info/openssh/x509-${X509_VERSION}/:x509 -X509_PATCHFILES= ${PORTNAME}-6.3p1+x509-${X509_VERSION}.diff.gz:-p1:x509 +X509_PATCHFILES= openssh-6.4-x509-glue.patch \ + ${PORTNAME}-6.3p1+x509-${X509_VERSION}.diff.gz:-p1:x509 # See https://bugzilla.mindrot.org/show_bug.cgi?id=2016 SCTP_PATCHFILES= ${PORTNAME}-sctp-2329.patch.gz @@ -107,9 +108,10 @@ PORTDOCS= * # http://www.psc.edu/index.php/hpn-ssh .if ${PORT_OPTIONS:MHPN} || ${PORT_OPTIONS:MAES_THREADED} || ${PORT_OPTIONS:MNONECIPHER} HPN_VERSION= 14v2 +HPN_DISTVERSION= 6.3p1 PATCH_SITES+= ${MASTER_SITE_SOURCEFORGE:S/$/:hpn/} -PATCH_SITE_SUBDIR+= hpnssh/HPN-SSH%20${HPN_VERSION}%20${DISTVERSION}/:hpn -PATCHFILES+= ${PORTNAME}-${DISTVERSION}-hpnssh${HPN_VERSION}.diff.gz:-p1:hpn +PATCH_SITE_SUBDIR+= hpnssh/HPN-SSH%20${HPN_VERSION}%20${HPN_DISTVERSION}/:hpn +PATCHFILES+= ${PORTNAME}-${HPN_DISTVERSION}-hpnssh${HPN_VERSION}.diff.gz:-p1:hpn EXTRA_PATCHES+= ${FILESDIR}/extra-patch-hpn-build-options # Remove HPN if only AES requested . if !${PORT_OPTIONS:MHPN} Modified: head/security/openssh-portable/distinfo ============================================================================== --- head/security/openssh-portable/distinfo Fri Nov 8 12:39:52 2013 (r333214) +++ head/security/openssh-portable/distinfo Fri Nov 8 12:41:44 2013 (r333215) @@ -1,9 +1,11 @@ -SHA256 (openssh-6.3p1.tar.gz) = aea575ededd3ebd45c05d42d0a87af22c79131a847ea440c54e3fdd223f5a420 -SIZE (openssh-6.3p1.tar.gz) = 1201101 +SHA256 (openssh-6.4p1.tar.gz) = 5530f616513b14aea3662c4c373bafd6a97a269938674c006377e381f68975d2 +SIZE (openssh-6.4p1.tar.gz) = 1201402 SHA256 (openssh-6.3p1-hpnssh14v2.diff.gz) = 23ae9307b58629ccf76a8ed5d9cf7215a45d6b7533d6b17eef17279fb9c48dca SIZE (openssh-6.3p1-hpnssh14v2.diff.gz) = 24450 SHA256 (openssh-6.3p1+x509-7.6.diff.gz) = d9e5f37c1a7750c19895f71d9b54e35afb6e7a45511b828e9da51252d0946460 SIZE (openssh-6.3p1+x509-7.6.diff.gz) = 219962 +SHA256 (openssh-6.4-x509-glue.patch) = 8a199b3e6fe031775531c82e7a2d18fe468c1193c9d90ba17554ba9de2834876 +SIZE (openssh-6.4-x509-glue.patch) = 1219 SHA256 (openssh-6.3p1-gsskex-all-20110125.patch.gz) = 9dac542ed23f1ee330ddb03a34825f04abea726d227e9433f970e9a24325d767 SIZE (openssh-6.3p1-gsskex-all-20110125.patch.gz) = 23486 SHA256 (openssh-lpk-6.3p1.patch.gz) = d2a8b7da7acebac2afc4d0a3dffe8fca2e49900cf733af2e7012f2449b3668e1