Thu Jan 2 20:31:06 2020 UTC ()
Upgrade to OpenSSL 1.0.2u

Major changes between OpenSSL 1.0.2t and OpenSSL 1.0.2u [20 Dec 2019]

Fixed an an overflow bug in the x64_64 Montgomery squaring procedure used
in exponentiation with 512-bit moduli (CVE-2019-1551)


(sevan)
diff -r1.246 -r1.247 pkgsrc/security/openssl/Makefile
diff -r1.135 -r1.136 pkgsrc/security/openssl/distinfo
cvs diff -r1.246 -r1.247 pkgsrc/security/openssl/Makefile (expand / switch to unified diff)

--- pkgsrc/security/openssl/Makefile 2019/11/26 22:22:45 1.246
+++ pkgsrc/security/openssl/Makefile 2020/01/02 20:31:05 1.247
@@ -1,16 +1,16 @@ @@ -1,16 +1,16 @@
1# $NetBSD: Makefile,v 1.246 2019/11/26 22:22:45 sevan Exp $ 1# $NetBSD: Makefile,v 1.247 2020/01/02 20:31:05 sevan Exp $
2 2
3DISTNAME= openssl-1.0.2t 3DISTNAME= openssl-1.0.2u
4CATEGORIES= security 4CATEGORIES= security
5MASTER_SITES= https://www.openssl.org/source/ 5MASTER_SITES= https://www.openssl.org/source/
6 6
7MAINTAINER= pkgsrc-users@NetBSD.org 7MAINTAINER= pkgsrc-users@NetBSD.org
8HOMEPAGE= https://www.openssl.org/ 8HOMEPAGE= https://www.openssl.org/
9COMMENT= Secure Socket Layer and cryptographic library 9COMMENT= Secure Socket Layer and cryptographic library
10LICENSE= openssl 10LICENSE= openssl
11 11
12CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]* 12CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]*
13 13
14BUILD_DEPENDS+= p5-Perl4-CoreLibs-[0-9]*:../../devel/p5-Perl4-CoreLibs 14BUILD_DEPENDS+= p5-Perl4-CoreLibs-[0-9]*:../../devel/p5-Perl4-CoreLibs
15 15
16USE_GCC_RUNTIME= yes 16USE_GCC_RUNTIME= yes
cvs diff -r1.135 -r1.136 pkgsrc/security/openssl/distinfo (expand / switch to unified diff)

--- pkgsrc/security/openssl/distinfo 2019/11/26 22:22:45 1.135
+++ pkgsrc/security/openssl/distinfo 2020/01/02 20:31:05 1.136
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1$NetBSD: distinfo,v 1.135 2019/11/26 22:22:45 sevan Exp $ 1$NetBSD: distinfo,v 1.136 2020/01/02 20:31:05 sevan Exp $
2 2
3SHA1 (openssl-1.0.2t.tar.gz) = 8ac3fd379cf8c8ef570abb51ec52a88fd526f88a 3SHA1 (openssl-1.0.2u.tar.gz) = 740916d79ab0d209d2775277b1c6c3ec2f6502b2
4RMD160 (openssl-1.0.2t.tar.gz) = 60fa7238a3beefb1e95d76de607d69af7198118b 4RMD160 (openssl-1.0.2u.tar.gz) = b8e7e5df9582e29fdd00bd03d47e980a39ba11ab
5SHA512 (openssl-1.0.2t.tar.gz) = 0b88868933f42fab87e8b22449435a1091cc6e75f986aad6c173e01ad123161fcae8c226759073701bc65c9f2f0b6ce6a63a61203008ed873cfb6e484f32bc71 5SHA512 (openssl-1.0.2u.tar.gz) = c455bb309e20e2c2d47fdc5619c734d107d5c8c38c1409903ce979acc120b0d5fa0312917c0aa0d630e402d092a703d4249643f36078e8528a3cafc9dac6ab32
6Size (openssl-1.0.2t.tar.gz) = 5355422 bytes 6Size (openssl-1.0.2u.tar.gz) = 5355412 bytes
7SHA1 (patch-Configure) = 2d963d781314276a0ee1bc531df6bc50f0f6b32b 7SHA1 (patch-Configure) = 2d963d781314276a0ee1bc531df6bc50f0f6b32b
8SHA1 (patch-Makefile.org) = d2a9295003a8b88718a328b01ff6bcbbc102ec0b 8SHA1 (patch-Makefile.org) = d2a9295003a8b88718a328b01ff6bcbbc102ec0b
9SHA1 (patch-Makefile.shared) = 273154600c6cf0cf4de4ae16d56c5555bca5f9ad 9SHA1 (patch-Makefile.shared) = 273154600c6cf0cf4de4ae16d56c5555bca5f9ad
10SHA1 (patch-apps_Makefile) = 60113291f2a25f5f1c1dba35e8173087bcd4cc30 10SHA1 (patch-apps_Makefile) = 60113291f2a25f5f1c1dba35e8173087bcd4cc30
11SHA1 (patch-config) = 345cadece3bdf0ef0a273a6c9ba6d0cbb1026a31 11SHA1 (patch-config) = 345cadece3bdf0ef0a273a6c9ba6d0cbb1026a31
12SHA1 (patch-crypto_bn_bn__prime.pl) = a516f3709a862d85e659d466e895419b1e0a94c8 12SHA1 (patch-crypto_bn_bn__prime.pl) = a516f3709a862d85e659d466e895419b1e0a94c8
13SHA1 (patch-crypto_des_Makefile) = 7a23f9883ff6c93ec0e5d08e1332cc95de8cdba2 13SHA1 (patch-crypto_des_Makefile) = 7a23f9883ff6c93ec0e5d08e1332cc95de8cdba2
14SHA1 (patch-tools_Makefile) = 67f0b9b501969382fd89b678c277d32bf5d294bc 14SHA1 (patch-tools_Makefile) = 67f0b9b501969382fd89b678c277d32bf5d294bc