Thu Mar 29 11:08:44 2018 UTC ()
openssl: update to 1.0.2o.

 Changes between 1.0.2n and 1.0.2o [27 Mar 2018]

  *) Constructed ASN.1 types with a recursive definition could exceed the stack

     Constructed ASN.1 types with a recursive definition (such as can be found
     in PKCS7) could eventually exceed the stack given malicious input with
     excessive recursion. This could result in a Denial Of Service attack. There
     are no such structures used within SSL/TLS that come from untrusted sources
     so this is considered safe.

     This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz
     project.
     (CVE-2018-0739)
     [Matt Caswell]


(wiz)
diff -r1.237 -r1.238 pkgsrc/security/openssl/Makefile
diff -r1.131 -r1.132 pkgsrc/security/openssl/distinfo
cvs diff -r1.237 -r1.238 pkgsrc/security/openssl/Makefile (expand / switch to unified diff)

--- pkgsrc/security/openssl/Makefile 2018/01/02 05:37:23 1.237
+++ pkgsrc/security/openssl/Makefile 2018/03/29 11:08:44 1.238
@@ -1,17 +1,16 @@ @@ -1,17 +1,16 @@
1# $NetBSD: Makefile,v 1.237 2018/01/02 05:37:23 maya Exp $ 1# $NetBSD: Makefile,v 1.238 2018/03/29 11:08:44 wiz Exp $
2 2
3DISTNAME= openssl-1.0.2n 3DISTNAME= openssl-1.0.2o
4PKGREVISION= 1 
5CATEGORIES= security 4CATEGORIES= security
6MASTER_SITES= https://www.openssl.org/source/ 5MASTER_SITES= https://www.openssl.org/source/
7 6
8MAINTAINER= pkgsrc-users@NetBSD.org 7MAINTAINER= pkgsrc-users@NetBSD.org
9HOMEPAGE= https://www.openssl.org/ 8HOMEPAGE= https://www.openssl.org/
10COMMENT= Secure Socket Layer and cryptographic library 9COMMENT= Secure Socket Layer and cryptographic library
11LICENSE= openssl 10LICENSE= openssl
12 11
13CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]* 12CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]*
14 13
15BUILD_DEPENDS+= p5-Perl4-CoreLibs-[0-9]*:../../devel/p5-Perl4-CoreLibs 14BUILD_DEPENDS+= p5-Perl4-CoreLibs-[0-9]*:../../devel/p5-Perl4-CoreLibs
16 15
17USE_GCC_RUNTIME= yes 16USE_GCC_RUNTIME= yes
cvs diff -r1.131 -r1.132 pkgsrc/security/openssl/distinfo (expand / switch to unified diff)

--- pkgsrc/security/openssl/distinfo 2018/01/16 09:48:46 1.131
+++ pkgsrc/security/openssl/distinfo 2018/03/29 11:08:44 1.132
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1$NetBSD: distinfo,v 1.131 2018/01/16 09:48:46 jperkin Exp $ 1$NetBSD: distinfo,v 1.132 2018/03/29 11:08:44 wiz Exp $
2 2
3SHA1 (openssl-1.0.2n.tar.gz) = 0ca2957869206de193603eca6d89f532f61680b1 3SHA1 (openssl-1.0.2o.tar.gz) = a47faaca57b47a0d9d5fb085545857cc92062691
4RMD160 (openssl-1.0.2n.tar.gz) = 90fbf1df8986e04921e14e4c6e408458b5b31f6c 4RMD160 (openssl-1.0.2o.tar.gz) = aac1564f006766e66f5a319def41e5d99122915d
5SHA512 (openssl-1.0.2n.tar.gz) = 144bf0d6aa27b4af01df0b7b734c39962649e1711554247d42e05e14d8945742b18745aefdba162e2dfc762b941fd7d3b2d5dc6a781ae4ba10a6f5a3cadb0687 5SHA512 (openssl-1.0.2o.tar.gz) = 8a2c93657c85143e76785bb32ee836908c31a6f5f8db993fa9777acba6079e630cdddd03edbad65d1587199fc13a1507789eacf038b56eb99139c2091d9df7fd
6Size (openssl-1.0.2n.tar.gz) = 5375802 bytes 6Size (openssl-1.0.2o.tar.gz) = 5329472 bytes
7SHA1 (patch-Configure) = 2d963d781314276a0ee1bc531df6bc50f0f6b32b 7SHA1 (patch-Configure) = 2d963d781314276a0ee1bc531df6bc50f0f6b32b
8SHA1 (patch-Makefile.org) = d2a9295003a8b88718a328b01ff6bcbbc102ec0b 8SHA1 (patch-Makefile.org) = d2a9295003a8b88718a328b01ff6bcbbc102ec0b
9SHA1 (patch-Makefile.shared) = 273154600c6cf0cf4de4ae16d56c5555bca5f9ad 9SHA1 (patch-Makefile.shared) = 273154600c6cf0cf4de4ae16d56c5555bca5f9ad
10SHA1 (patch-apps_Makefile) = 60113291f2a25f5f1c1dba35e8173087bcd4cc30 10SHA1 (patch-apps_Makefile) = 60113291f2a25f5f1c1dba35e8173087bcd4cc30
11SHA1 (patch-config) = 345cadece3bdf0ef0a273a6c9ba6d0cbb1026a31 11SHA1 (patch-config) = 345cadece3bdf0ef0a273a6c9ba6d0cbb1026a31
12SHA1 (patch-crypto_bn_bn__prime.pl) = a516f3709a862d85e659d466e895419b1e0a94c8 12SHA1 (patch-crypto_bn_bn__prime.pl) = a516f3709a862d85e659d466e895419b1e0a94c8
13SHA1 (patch-crypto_des_Makefile) = 7a23f9883ff6c93ec0e5d08e1332cc95de8cdba2 13SHA1 (patch-crypto_des_Makefile) = 7a23f9883ff6c93ec0e5d08e1332cc95de8cdba2
14SHA1 (patch-tools_Makefile) = 67f0b9b501969382fd89b678c277d32bf5d294bc 14SHA1 (patch-tools_Makefile) = 67f0b9b501969382fd89b678c277d32bf5d294bc