Fri May 11 14:56:49 2012 UTC ()

Pullup ticket #3782 - requested by taca
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.167
- security/openssl/distinfo                                     1.89

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri May 11 13:27:27 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update openssl to 0.9.8x.

    OpenSSL CHANGES
    _______________

    Changes between 0.9.8w and 0.9.8x [10 May 2012]

     *) Sanity check record length before skipping explicit IV in DTLS
        to fix DoS attack.

        Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
        fuzzing as a service testing platform.
        (CVE-2012-2333)
        [Steve Henson]

     *) Initialise tkeylen properly when encrypting CMS messages.
        Thanks to Solar Designer of Openwall for reporting this issue.
        [Steve Henson]


(tron)

diff -r1.164.2.2 -r1.164.2.3 pkgsrc/security/openssl/Makefile
diff -r1.86.2.2 -r1.86.2.3 pkgsrc/security/openssl/distinfo

--- pkgsrc/security/openssl/Makefile 2012/04/24 07:47:28 1.164.2.2
+++ pkgsrc/security/openssl/Makefile 2012/05/11 14:56:49 1.164.2.3

 @@ -1,18 +1,18 @@
-# $NetBSD: Makefile,v 1.164.2.2 2012/04/24 07:47:28 sbd Exp $
+# $NetBSD: Makefile,v 1.164.2.3 2012/05/11 14:56:49 tron Exp $
 OPENSSL_SNAPSHOT?=	# empty
 OPENSSL_STABLE?=	# empty
-OPENSSL_VERS?=		0.9.8w
+OPENSSL_VERS?=		0.9.8x
 .if empty(OPENSSL_SNAPSHOT)
 DISTNAME=	openssl-${OPENSSL_VERS}
 MASTER_SITES=	ftp://ftp.openssl.org/source/ \
 				ftp://sunsite.cnlab-switch.ch/mirror/openssl/source/ \
 				ftp://sunsite.uio.no/pub/security/openssl/source/
 .else
 .  if !empty(OPENSSL_STABLE:M[yY][eE][sS])
 DISTNAME=	openssl-${OPENSSL_VERS:C/[a-z]$//}-stable-SNAP-${OPENSSL_SNAPSHOT}
 PKGNAME=	openssl-${OPENSSL_VERS}beta${OPENSSL_SNAPSHOT}
 MASTER_SITES=	ftp://ftp.openssl.org/snapshot/
 .  else
 DISTNAME=	openssl-SNAP-${OPENSSL_SNAPSHOT}

--- pkgsrc/security/openssl/distinfo 2012/04/24 07:47:28 1.86.2.2
+++ pkgsrc/security/openssl/distinfo 2012/05/11 14:56:49 1.86.2.3

 @@ -1,13 +1,13 @@
-$NetBSD: distinfo,v 1.86.2.2 2012/04/24 07:47:28 sbd Exp $
+$NetBSD: distinfo,v 1.86.2.3 2012/05/11 14:56:49 tron Exp $
-SHA1 (openssl-0.9.8w.tar.gz) = 6dd276534f87aaca4bee679537fef3aaa6b43069
+SHA1 (openssl-0.9.8x.tar.gz) = 8c3be5160513c0af1e558d3f932390ecb16f59e9
-RMD160 (openssl-0.9.8w.tar.gz) = 6904c2b85a199b8ec0262ba7d52adbbe7e8df351
+RMD160 (openssl-0.9.8x.tar.gz) = 18a805c177af1667a05104e87acbff97a420864c
-Size (openssl-0.9.8w.tar.gz) = 3782900 bytes
+Size (openssl-0.9.8x.tar.gz) = 3782486 bytes
 SHA1 (patch-aa) = eb25505e8a745eb5ba85f857b0f9302fd5e9bda1
 SHA1 (patch-ac) = 6ff4a20440666f5c520837e10547091e1bee2208
 SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3
 SHA1 (patch-ae) = 7a58f1765a3761321dcc8dafc5fe2e33207be480
 SHA1 (patch-af) = 2610930b6b06397fa2e3955b3244c02193f5b7a6
 SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8
 SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0
 SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302