aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbrnrd <brnrd@FreeBSD.org>2017-02-01 17:59:34 +0800
committerbrnrd <brnrd@FreeBSD.org>2017-02-01 17:59:34 +0800
commitdf0f19eb672547eebe4dc4da0c689cd1c9427fa8 (patch)
tree27d0457d687004b2a0cffb6c58625166e6243876
parentb8913cd7b7a7d4609661425122ccbd3fa46cd587 (diff)
downloadfreebsd-ports-gnome-df0f19eb672547eebe4dc4da0c689cd1c9427fa8.tar.gz
freebsd-ports-gnome-df0f19eb672547eebe4dc4da0c689cd1c9427fa8.tar.zst
freebsd-ports-gnome-df0f19eb672547eebe4dc4da0c689cd1c9427fa8.zip
security/libressl: Update to 2.4.5
- Update version to 2.4.5 - Remove patch now included
-rw-r--r--security/libressl/Makefile11
-rw-r--r--security/libressl/distinfo6
-rw-r--r--security/libressl/files/patch-CVE-2016-705635
3 files changed, 11 insertions, 41 deletions
diff --git a/security/libressl/Makefile b/security/libressl/Makefile
index f2f6980c66e5..189728355b58 100644
--- a/security/libressl/Makefile
+++ b/security/libressl/Makefile
@@ -2,8 +2,7 @@
# $FreeBSD$
PORTNAME= libressl
-PORTVERSION= 2.4.4
-PORTREVISION= 1
+PORTVERSION= 2.4.5
CATEGORIES= security devel
MASTER_SITES= OPENBSD/LibreSSL
@@ -35,6 +34,12 @@ CFLAGS+= -fpic -DPIC
INSTALL_TARGET= install-strip
TEST_TARGET= check
+.include <bsd.port.pre.mk>
+
+#.if ${OSVERSION} > 1100037
+#CONFIGURE_ENV= HAVE_EXPLICIT_BZERO=yes
+#.endif
+
post-install:
${RM} -r ${STAGEDIR}/${PREFIX}/etc/ssl/cert.pem
@@ -42,4 +47,4 @@ post-install-NC-on:
${INSTALL_PROGRAM} ${WRKSRC}/apps/nc/.libs/nc ${STAGEDIR}/${PREFIX}/bin/nc
${INSTALL_MAN} ${WRKSRC}/apps/nc/nc.1 ${STAGEDIR}/${PREFIX}/man/man1/nc.1
-.include <bsd.port.mk>
+.include <bsd.port.post.mk>
diff --git a/security/libressl/distinfo b/security/libressl/distinfo
index f6f780cce2c5..bfea53f828cd 100644
--- a/security/libressl/distinfo
+++ b/security/libressl/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1479221712
-SHA256 (libressl-2.4.4.tar.gz) = 6fcfaf6934733ea1dcb2f6a4d459d9600e2f488793e51c2daf49b70518eebfd1
-SIZE (libressl-2.4.4.tar.gz) = 3014463
+TIMESTAMP = 1485938351
+SHA256 (libressl-2.4.5.tar.gz) = d300c4e358aee951af6dfd1684ef0c034758b47171544230f3ccf6ce24fe4347
+SIZE (libressl-2.4.5.tar.gz) = 3016462
diff --git a/security/libressl/files/patch-CVE-2016-7056 b/security/libressl/files/patch-CVE-2016-7056
deleted file mode 100644
index e190eeeab365..000000000000
--- a/security/libressl/files/patch-CVE-2016-7056
+++ /dev/null
@@ -1,35 +0,0 @@
-untrusted comment: signature from openbsd 6.0 base secret key
-RWSho3oKSqgLQ55BCxFoKK3pckJBYNZ3l6vujvan4SYLtXvRIsH6PNnmu7Xu18ILyYPxIQnYmCf1ux+IeoD8vzKfEeoCb+UVdQg=
-
-OpenBSD 6.0 errata 16, Jan 5, 2017:
-
-Avoid possible side-channel leak of ECDSA private keys when signing.
-
-Apply by doing:
- signify -Vep /etc/signify/openbsd-60-base.pub -x 016_libcrypto.patch.sig \
- -m - | (cd /usr/src && patch -p0)
-
-And then rebuild and install libcrypto:
- cd /usr/src/lib/libcrypto
- make obj
- make depend
- make
- make install
-
-Index: lib/libssl/src/crypto/ecdsa/ecs_ossl.c
-===================================================================
-RCS file: /cvs/src/lib/libssl/src/crypto/ecdsa/Attic/ecs_ossl.c,v
-retrieving revision 1.6
-retrieving revision 1.6.8.1
-diff -u -p -r1.6 -r1.6.8.1
---- crypto/ecdsa/ecs_ossl.c 8 Feb 2015 13:35:07 -0000 1.6
-+++ crypto/ecdsa/ecs_ossl.c 5 Jan 2017 13:28:48 -0000 1.6.8.1
-@@ -141,6 +141,8 @@ ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *
- if (BN_num_bits(k) <= BN_num_bits(order))
- if (!BN_add(k, k, order))
- goto err;
-+
-+ BN_set_flags(k, BN_FLG_CONSTTIME);
-
- /* compute r the x-coordinate of generator * k */
- if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {