freebsd/ports
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
393,350 Commits 2 Branches 0 Tags
Commit Graph

317 Commits

Author SHA1 Message Date
Dirk Meyer
7b261e5607 - Security update to 1.0.2h 
Security: https://www.openssl.org/news/secadv/20160503.txt
Security: CVE-2016-2105
Security: CVE-2016-2106
Security: CVE-2016-2107
Security: CVE-2016-2108
Security: CVE-2016-2109
Security: CVE-2016-2176
MFH:		2016Q2
 2016-05-03 15:19:21 +00:00
Dirk Meyer
8cfee105ed - add some more manpages 
PR:		208602
Submitted by:	timp87@gmail.com
 2016-04-07 14:39:14 +00:00
Dirk Meyer
abfdc63dc8 - remove NOPRECIOUS* 
- make portlint happier
 2016-04-04 19:09:39 +00:00
Mathieu Arnold
597afc47ba Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u. 
With hat:	portmgr
Sponsored by:	Absolight
 2016-04-01 14:25:16 +00:00
Bernard Spil
8be19dc2f2 security/libressl*: Register conflict with security/openssl-devel 
- Add conflict for security/openssl-devel
 - Sort conflicts alphabetically

Reviewed by:	feld (mentor), koobs (mentor)
Approved by:	feld (mentor)
Differential Revision:	D5539
 2016-03-06 20:06:41 +00:00
Dirk Meyer
1ceea83375 - extend CONFLICTS for openssl-devel 2016-03-03 19:00:40 +00:00
Mark Felder
567236a098 security/openssl: Revert disabling of SSLv2 and MD2 
Disabling SSLv2 without a shared library bump has a visible impact to
some applications. It is unclear at this time if disabling MD2 could
cause the same issues, but both are being reverted at the moment to be
safe.

PR:		195796
 2016-03-03 13:58:50 +00:00
Mark Felder
8cc6bb3d58 security/openssl: Disable SSLv2 and MD2 
SSLv2 is being disabled due to DROWN.

MD2 is being disabled as it should not have been enabled by default.
This was disabled by upstream back in 2009.

PR:		195796
Approved by:	delphij, eadler
Security:	CVE-2009-2409
Security:	CVE-2016-0800
 2016-03-02 22:31:29 +00:00
Dirk Meyer
349d37dc46 - Security update to 1.0.2g 
Security: https://www.openssl.org/news/secadv/20160301.txt
Security: CVE-2016-0800
Security: CVE-2016-0705
Security: CVE-2016-0798
Security: CVE-2016-0797
Security: CVE-2016-0799
Security: CVE-2016-0702
Security: CVE-2016-0703
Security: CVE-2016-0704
 2016-03-01 16:40:55 +00:00
Dirk Meyer
6d63d735ca - mark options ASM broken on sparc64 
PR:		204527
 2016-02-13 09:48:26 +00:00
Dirk Meyer
f2a695b69f - add new manpages 
Submitted by:	olli hauer
 2016-01-28 17:35:21 +00:00
Dirk Meyer
f02e202d6f - Security update: 
- add LICENSE_FILE
MFH:		2016Q1
Security: CVE-2015-3197
Security: CVE-2016-0701
 2016-01-28 15:09:46 +00:00
Bernard Spil
eaddf50838 security/openssl: Fix No-SSLv3 option 
- This change adds `no-ssl3-method` to config args
  - Bump portrevision

Testing with security/openssl buillt with SSL3 option disabled [1]
revealed that the openssl binary and the libraries still support SSLv3
connections and methods. With the added no-ssl3-method argument passed
to the config script, the binary no longer supports the -ssl3 option
and ports requiring SSLv3 methods fail on undefined references to
methods.

PR:		203693 [1]
Reviewed by:	koobs (mentor), feld (mentor, ports-secteam), dinoex (maintainer)
Approved by:	koobs (mentor), feld (mentor, ports-secteam
MFH:		2016Q1
Differential Revision:	D4924
 2016-01-13 17:29:12 +00:00
Xin LI
aa17a3d400 Update to 1.0.2e. 
Security:	CVE-2015-3193
Security:	CVE-2015-3194
Security:	CVE-2015-3195
Security:	CVE-2015-3196
Security:	CVE-2015-1794
MFH:		2015Q4
Approved by:	so
 2015-12-05 09:41:11 +00:00
Dirk Meyer
6ca111ee08 - use post-install-DOCS-on 
- cleanup text in IGNORE
 2015-11-21 18:36:50 +00:00
Dirk Meyer
96ad3f4e05 - new OPTION MAN3 
PR:		201459
 2015-09-05 13:17:47 +00:00
Dirk Meyer
395843634f - add more manpage links 2015-07-10 13:32:26 +00:00
Dirk Meyer
e33a63f84c - Security update to 1.0.2d 
Security: http://openssl.org/news/secadv_20150709.txt
 2015-07-09 20:54:36 +00:00
Dirk Meyer
32ee0ec0e7 - update to 1.0.2c 2015-06-12 16:47:11 +00:00
Dirk Meyer
a6ff76fde0 - use portable cpu option for sparcv8 2015-06-12 14:42:23 +00:00
Dirk Meyer
257e59cd70 - fix path in SIZE lines 2015-06-12 14:40:27 +00:00
Ryan Steinmetz
022b29b6f2 - Correct patch filename for SIZE 2015-06-12 14:19:48 +00:00
Ryan Steinmetz
37ff6460c4 - Restore missing checksum for 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch 
- Correct ordering
 2015-06-12 14:09:08 +00:00
Ryan Steinmetz
b4b8ed25f1 - Resolve build issue 
With hat:	ports-secteam
 2015-06-12 01:47:00 +00:00
Ryan Steinmetz
2edc2d000e - Update to 1.0.2b 
- Partially pacify portlint

With hat:	ports-secteam
Security:	8305e215-1080-11e5-8ba2-000c2980a9f3
 2015-06-11 21:37:29 +00:00
Mathieu Arnold
60d1a83c2a MASTER_SITES cleanup. 
- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight
 2015-05-14 10:15:04 +00:00
Dirk Meyer
74a49f66a2 - patchfiles for option PADLOCK renamed again 
PR:		199444
 2015-04-25 09:36:01 +00:00
Dirk Meyer
b8c14435b5 - disable option ASM by default 
- bump PORTREVISION
PR:		196756
 2015-04-12 17:28:07 +00:00
John Marino
057f32cfd2 security/openssl: Remove patch hunk for configuring pthreads 
The patching of Configure file for pthreads is unnecessary -- the effect
of -lpthread -D_REENTRANT is the same as -pthread -D_REENTRANT, so just
remove it to make things even more simpler.
 2015-03-26 08:38:24 +00:00
John Marino
c55ac89dcd security category: Remove $PTHREAD_LIBS 
approved by:	PTHREAD blanket
 2015-03-25 08:30:27 +00:00
Dirk Meyer
a4e7653b21 - Security update to 1.0.2a 
- termios.h now default
- fix patches
- fix manpage generation
- option ZLIB removed from default
- restore padlock support
- restore RFC-5705
- restore patch history
- restore build on older FreeBSD
- restore soname
Security: https://www.openssl.org/news/secadv_20150319.txt
Security: CVE-2015-0291
Security: CVE-2015-0204
Security: CVE-2015-0290
Security: CVE-2015-0207
Security: CVE-2015-0286
Security: CVE-2015-0208
Security: CVE-2015-0287
Security: CVE-2015-0289
Security: CVE-2015-0292
Security: CVE-2015-0293
Security: CVE-2015-1787
Security: CVE-2015-0285
Security: CVE-2015-0209
Security: CVE-2015-0288
 2015-03-21 10:53:13 +00:00
Xin LI
f3770930f2 Fix botched patch, this fixes build for i386. 
Reported by:	ohauer
Pointy hat to:	delphij
 2015-03-19 22:15:36 +00:00
Dirk Meyer
1f3b87b7e9 - mark BROKEN options 2015-03-19 21:55:02 +00:00
Xin LI
8f4ff84d95 Update to 1.0.1m to fix multiple vulnerabilities. 
With hat:	so
 2015-03-19 20:23:36 +00:00
Dirk Meyer
88e0c8f493 - update to 1.0.1l 
- fix option PADLOCK
 2015-01-16 09:17:38 +00:00
Xin LI
0fd5e6d2fe Update to 1.01k. 
With hat:	ports-secteam
Security:	vuxml 4e536c14-9791-11e4-977d-d050992ecde8
Security:	CVE-2014-3569
Security:	CVE-2014-3570
Security:	CVE-2014-3571
Security:	CVE-2014-3572
Security:	CVE-2014-8275
Security:	CVE-2015-0204
Security:	CVE-2015-0205
Security:	CVE-2015-0206
 2015-01-09 00:02:30 +00:00
Dirk Meyer
41a563525f - new option TLSEXPCIPHERS 
PR:		195270
Submitted by:	yuri@rawbw.com

- options ordered by function
- extends descriptions
 2014-11-23 10:34:38 +00:00
Xin LI
70302614ee Update to 1.01j. 
With hat:	ports-secteam
Security:	vuxml 03175e62-5494-11e4-9cc1-bc5ff4fb5e7b
Security:	CVE-2014-3513
Security:	CVE-2014-3566
Security:	CVE-2014-3567
Security:	CVE-2014-3568
 2014-10-15 18:34:13 +00:00
Dirk Meyer
2ca2348f2d - remove workaround for amd64 2014-08-14 16:25:11 +00:00
Dirk Meyer
8ba4016c73 - new options SSL2 SSL3 
Suggested by:	Velcro Leaf
 2014-08-11 04:27:53 +00:00
Xin LI
348a9f3991 Update to 1.01i. 
With hat:	ports-secteam
Security:	vuxml 8aff07eb-1dbd-11e4-b6ba-3c970e169bc2
Security:	CVE-2014-3505
Security:	CVE-2014-3506
Security:	CVE-2014-3507
Security:	CVE-2014-3508
Security:	CVE-2014-3509
Security:	CVE-2014-3510
Security:	CVE-2014-3511
Security:	CVE-2014-3512
Security:	CVE-2014-5139
 2014-08-06 23:37:49 +00:00
Dirk Meyer
4bc4a40468 - rename patch files 2014-08-03 15:30:04 +00:00
Adam Weinberger
1c30911ff0 Rename security/ patches to reflect the files they modify. 2014-07-29 14:30:10 +00:00
Adam Weinberger
5d2373a092 Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS. 2014-07-15 16:57:39 +00:00
Dirk Meyer
7e5bca039b - add CONFLICTS because of libressl 2014-07-13 20:47:21 +00:00
Dag-Erling Smørgrav
b1c276f17e Include the final letter in the CPE version field. 2014-07-10 10:27:39 +00:00
Dirk Meyer
0622b71a49 - allow OPENSSLDIR be changed in /etc/make.conf or Makefile.local 2014-07-03 16:49:37 +00:00
Xin LI
9fafdf3747 Update to 1.0.1h. 
Approved by:	so (ports-security@ blanket)
Security:	5ac53801-ec2e-11e3-9cf3-3c970e169bc2
 2014-06-05 12:54:40 +00:00
Dag-Erling Smørgrav
2870907ca1 Add CPE information. 
With hat:	ports-secteam
 2014-06-04 16:54:56 +00:00
Dirk Meyer
eaac0ade39 - Security patch 
Security: CVE-2014-0198
Security: http://seclists.org/oss-sec/2014/q2/232
Security: https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
Obtained from:	OpenBSD
 2014-05-03 16:36:42 +00:00