diff options
| author | Bernard Spil <brnrd@FreeBSD.org> | 2016-09-29 11:52:35 +0000 |
|---|---|---|
| committer | Bernard Spil <brnrd@FreeBSD.org> | 2016-09-29 11:52:35 +0000 |
| commit | 4b2f78764123c7cf352577ef9792d211bd37b3e6 (patch) | |
| tree | a3ede43cd0f96868523ee31c02dd6ea9b00f29ff | |
| parent | f20fb39cdda4db27d864b9c1d7e8aa77d73fb868 (diff) | |
| download | ports-4b2f78764123c7cf352577ef9792d211bd37b3e6.tar.gz ports-4b2f78764123c7cf352577ef9792d211bd37b3e6.zip | |
MFH: r416626 r419542 r420102 r422829
security/libressl: Update to version 2.3.6
Security: CVE-2016-2178
Sponsored by: BSDCan DevSummit
security/libressl: Update to 2.3.7
- Bugfix update [1]
Release notes:
- http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.7-relnotes.txt
security/libressl: Update to 2.4.2
- Update to latest stable version 2.4.2
- Add UPDATING entry
- Remove OPENSSL_VERSION_NUMBER patch
- Change post-install targets to post-stage where possible
- Bump libcrypto version in version.mk
PR: 211701
security/libressl: Update to 2.4.3
- Update to 2.4.3
- Only affected by CVE-2016-6304 (high)
Security: CVE-2016-6304
Security: 43eaa656-80bc-11e6-bf52-b499baebfeaf
Approved by: ports-secteam (feld)
Notes
Notes:
svn path=/branches/2016Q3/; revision=422912
| -rw-r--r-- | UPDATING | 28 | ||||
| -rw-r--r-- | security/libressl/Makefile | 10 | ||||
| -rw-r--r-- | security/libressl/distinfo | 6 | ||||
| -rw-r--r-- | security/libressl/files/patch-include_openssl_opensslv.h | 11 | ||||
| -rw-r--r-- | security/libressl/pkg-plist | 12 | ||||
| -rw-r--r-- | security/libressl/version.mk | 2 |
6 files changed, 43 insertions, 26 deletions
@@ -6,6 +6,34 @@ You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. 20160811: + AFFECTS: users of security/libressl + AUTHOR: brnrd@FreeBSD.org + + The port has been updated to the latest stable version 2.4 of LibreSSL. + The shared library versions of the libraries have been bumped. + With this update, the patch for the OPENSSL_VERSION_NUMBER has been + removed. This causes issues with a number of ports. Patches for all + ports for which this issues is known can be found on + https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER + + After upgrading, manually update all packages that depend on any of the + libraries provided by LibreSSL (libssl, libcrypto and libtls) since the + versions of these libraries have changed. Normally, you can obtain the + list of dependent software by running the following command: + + # pkg info -r libressl + + Then you should rebuild all ports depending on libressl to avoid dangling + shared library dependencies. Poudriere and pkg handle this correctly, + portmaster and portupgrade users can use the following to rebuild all + dependent ports. + + Portmaster users: + portmaster -r libressl + Portupgrade users: + portupgrade -fr security/libressl + +20160811: AFFECTS: users of databases/postgresqlNN-server with ICU patch AUTHOR: girgen@FreeBSD.org diff --git a/security/libressl/Makefile b/security/libressl/Makefile index 18880e8da58f..8447257ffc26 100644 --- a/security/libressl/Makefile +++ b/security/libressl/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= libressl -PORTVERSION= 2.3.6 +PORTVERSION= 2.4.3 CATEGORIES= security devel MASTER_SITES= OPENBSD/LibreSSL @@ -32,15 +32,15 @@ CFLAGS+= -fpic -DPIC INSTALL_TARGET= install-strip TEST_TARGET= check -post-install-NC-on: +post-stage-NC-on: ${INSTALL_PROGRAM} ${WRKSRC}/apps/nc/.libs/nc ${STAGEDIR}/${PREFIX}/bin/nc ${INSTALL_MAN} ${WRKSRC}/apps/nc/nc.1 ${STAGEDIR}/${PREFIX}/man/man1/nc.1 +post-stage: + ${RM} -rf ${STAGEDIR}/${PREFIX}/etc/ssl/cert.pem + post-install-MAN3-off: ${RM} -rf ${STAGEDIR}/${PREFIX}/man/man3 ${REINPLACE_CMD} -e '/^man\/man3/d' ${TMPPLIST} -post-install: - ${RM} -rf ${STAGEDIR}/${PREFIX}/etc/ssl/cert.pem - .include <bsd.port.mk> diff --git a/security/libressl/distinfo b/security/libressl/distinfo index c8d917e188c5..65b9c5d243c7 100644 --- a/security/libressl/distinfo +++ b/security/libressl/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1465503719 -SHA256 (libressl-2.3.6.tar.gz) = 358a4779e6813bd06f07db0cf0f0fe531401ed0c6ed958973d404416c3d537fa -SIZE (libressl-2.3.6.tar.gz) = 3013459 +TIMESTAMP = 1475008406 +SHA256 (libressl-2.4.3.tar.gz) = bd5726f3e247e7a7d30ce69946d174b8fb92d999d22710c65f176c969812960e +SIZE (libressl-2.4.3.tar.gz) = 3014721 diff --git a/security/libressl/files/patch-include_openssl_opensslv.h b/security/libressl/files/patch-include_openssl_opensslv.h deleted file mode 100644 index 43a61234fa76..000000000000 --- a/security/libressl/files/patch-include_openssl_opensslv.h +++ /dev/null @@ -1,11 +0,0 @@ ---- include/openssl/opensslv.h.orig 2015-07-26 14:58:42 UTC -+++ include/openssl/opensslv.h -@@ -7,7 +7,7 @@ - #define LIBRESSL_VERSION_TEXT "LibreSSL 2.2.2" - - /* These will never change */ --#define OPENSSL_VERSION_NUMBER 0x20000000L -+#define OPENSSL_VERSION_NUMBER 0x1000107fL - #define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT - #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT - diff --git a/security/libressl/pkg-plist b/security/libressl/pkg-plist index 72fc52638a78..fa6697415566 100644 --- a/security/libressl/pkg-plist +++ b/security/libressl/pkg-plist @@ -75,16 +75,16 @@ include/openssl/x509v3.h include/tls.h lib/libcrypto.a lib/libcrypto.so -lib/libcrypto.so.37 -lib/libcrypto.so.37.0.0 +lib/libcrypto.so.38 +lib/libcrypto.so.38.0.0 lib/libssl.a lib/libssl.so -lib/libssl.so.38 -lib/libssl.so.38.0.0 +lib/libssl.so.39 +lib/libssl.so.39.0.0 lib/libtls.a lib/libtls.so -lib/libtls.so.10 -lib/libtls.so.10.0.0 +lib/libtls.so.11 +lib/libtls.so.11.0.0 libdata/pkgconfig/libcrypto.pc libdata/pkgconfig/libssl.pc libdata/pkgconfig/libtls.pc diff --git a/security/libressl/version.mk b/security/libressl/version.mk index d71bc8fc0462..2457aac23c3a 100644 --- a/security/libressl/version.mk +++ b/security/libressl/version.mk @@ -1 +1 @@ -OPENSSL_SHLIBVER?= 37 +OPENSSL_SHLIBVER?= 38 |