Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) by www.NetBSD.org (Postfix) with ESMTP id 61BDD63B882 for ; Thu, 31 May 2012 08:50:08 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 3DF1014A378; Thu, 31 May 2012 08:50:08 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 8386A14A377 for ; Thu, 31 May 2012 08:50:02 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id TdAQMJ1_epxz for ; Thu, 31 May 2012 08:50:01 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 8DFBC14A372 for ; Thu, 31 May 2012 08:50:01 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 92F78175DD; Thu, 31 May 2012 08:50:01 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Date: Thu, 31 May 2012 08:50:01 +0000 From: "Jens Rehsack" Subject: CVS commit: pkgsrc/security/p5-IO-Socket-SSL To: pkgsrc-changes@NetBSD.org Reply-To: sno@netbsd.org X-Mailer: log_accum Message-Id: <20120531085001.92F78175DD@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: sno Date: Thu May 31 08:50:01 UTC 2012 Modified Files: pkgsrc/security/p5-IO-Socket-SSL: Makefile distinfo Log Message: Updating package for Perl module IO::Socket::SSL from CPAN in security/p5-IO-Socket-SSL from 1.66 to 1.74. Upstream changes: v1.74 2012.05.13 - accept a version of SSLv2/3 as SSLv23, because older documentation could be interpreted like this v1.73 2012.05.11 - make test t/dhe.t hopefully work for more version of openssl Thanks to paul[AT]city-fan[DOT]org for providing bug reports and testing environment v1.72 2012.05.10 - set DEFAULT_CIPHER_LIST to ALL:!LOW instead of HIGH:!LOW Thanks to dcostas[AT]gmail[DOT]com for problem report v1.71 2012.05.09 - 1.70 done right. Also don't disable SSLv2 ciphers, SSLv2 support is better disabled by the default SSL_version of 'SSLv23:!SSLv2' v1.70 2012.05.08 - make it possible to disable protols using SSL_version, make SSL_version default to 'SSLv23:!SSLv2' v1.69 2012.05.08 - re-added workaround in t/dhe.t v1.68 2012.05.07 - remove SSLv2 from default cipher list, which makes failed tests after last change work again, fix behvior for empty cipher list (use default) v1.67 2012.05.07 - https://rt.cpan.org/Ticket/Display.html?id=76929 thanks to d[DOT]thomas[AT]its[DOT]uq[DOT]edu[DOT]au for reporting - if no explicit cipher list is given it will now default to ALL:!LOW instead of the openssl default, which usually includes weak ciphers like DES. - new config key SSL_honor_cipher_order and documented how to use it to fight BEAST attack. To generate a diff of this commit: cvs rdiff -u -r1.57 -r1.58 pkgsrc/security/p5-IO-Socket-SSL/Makefile cvs rdiff -u -r1.41 -r1.42 pkgsrc/security/p5-IO-Socket-SSL/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.