diff options
author | brnrd <brnrd@FreeBSD.org> | 2017-02-01 17:59:34 +0800 |
---|---|---|
committer | brnrd <brnrd@FreeBSD.org> | 2017-02-01 17:59:34 +0800 |
commit | df0f19eb672547eebe4dc4da0c689cd1c9427fa8 (patch) | |
tree | 27d0457d687004b2a0cffb6c58625166e6243876 | |
parent | b8913cd7b7a7d4609661425122ccbd3fa46cd587 (diff) | |
download | freebsd-ports-gnome-df0f19eb672547eebe4dc4da0c689cd1c9427fa8.tar.gz freebsd-ports-gnome-df0f19eb672547eebe4dc4da0c689cd1c9427fa8.tar.zst freebsd-ports-gnome-df0f19eb672547eebe4dc4da0c689cd1c9427fa8.zip |
security/libressl: Update to 2.4.5
- Update version to 2.4.5
- Remove patch now included
-rw-r--r-- | security/libressl/Makefile | 11 | ||||
-rw-r--r-- | security/libressl/distinfo | 6 | ||||
-rw-r--r-- | security/libressl/files/patch-CVE-2016-7056 | 35 |
3 files changed, 11 insertions, 41 deletions
diff --git a/security/libressl/Makefile b/security/libressl/Makefile index f2f6980c66e5..189728355b58 100644 --- a/security/libressl/Makefile +++ b/security/libressl/Makefile @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= libressl -PORTVERSION= 2.4.4 -PORTREVISION= 1 +PORTVERSION= 2.4.5 CATEGORIES= security devel MASTER_SITES= OPENBSD/LibreSSL @@ -35,6 +34,12 @@ CFLAGS+= -fpic -DPIC INSTALL_TARGET= install-strip TEST_TARGET= check +.include <bsd.port.pre.mk> + +#.if ${OSVERSION} > 1100037 +#CONFIGURE_ENV= HAVE_EXPLICIT_BZERO=yes +#.endif + post-install: ${RM} -r ${STAGEDIR}/${PREFIX}/etc/ssl/cert.pem @@ -42,4 +47,4 @@ post-install-NC-on: ${INSTALL_PROGRAM} ${WRKSRC}/apps/nc/.libs/nc ${STAGEDIR}/${PREFIX}/bin/nc ${INSTALL_MAN} ${WRKSRC}/apps/nc/nc.1 ${STAGEDIR}/${PREFIX}/man/man1/nc.1 -.include <bsd.port.mk> +.include <bsd.port.post.mk> diff --git a/security/libressl/distinfo b/security/libressl/distinfo index f6f780cce2c5..bfea53f828cd 100644 --- a/security/libressl/distinfo +++ b/security/libressl/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1479221712 -SHA256 (libressl-2.4.4.tar.gz) = 6fcfaf6934733ea1dcb2f6a4d459d9600e2f488793e51c2daf49b70518eebfd1 -SIZE (libressl-2.4.4.tar.gz) = 3014463 +TIMESTAMP = 1485938351 +SHA256 (libressl-2.4.5.tar.gz) = d300c4e358aee951af6dfd1684ef0c034758b47171544230f3ccf6ce24fe4347 +SIZE (libressl-2.4.5.tar.gz) = 3016462 diff --git a/security/libressl/files/patch-CVE-2016-7056 b/security/libressl/files/patch-CVE-2016-7056 deleted file mode 100644 index e190eeeab365..000000000000 --- a/security/libressl/files/patch-CVE-2016-7056 +++ /dev/null @@ -1,35 +0,0 @@ -untrusted comment: signature from openbsd 6.0 base secret key -RWSho3oKSqgLQ55BCxFoKK3pckJBYNZ3l6vujvan4SYLtXvRIsH6PNnmu7Xu18ILyYPxIQnYmCf1ux+IeoD8vzKfEeoCb+UVdQg= - -OpenBSD 6.0 errata 16, Jan 5, 2017: - -Avoid possible side-channel leak of ECDSA private keys when signing. - -Apply by doing: - signify -Vep /etc/signify/openbsd-60-base.pub -x 016_libcrypto.patch.sig \ - -m - | (cd /usr/src && patch -p0) - -And then rebuild and install libcrypto: - cd /usr/src/lib/libcrypto - make obj - make depend - make - make install - -Index: lib/libssl/src/crypto/ecdsa/ecs_ossl.c -=================================================================== -RCS file: /cvs/src/lib/libssl/src/crypto/ecdsa/Attic/ecs_ossl.c,v -retrieving revision 1.6 -retrieving revision 1.6.8.1 -diff -u -p -r1.6 -r1.6.8.1 ---- crypto/ecdsa/ecs_ossl.c 8 Feb 2015 13:35:07 -0000 1.6 -+++ crypto/ecdsa/ecs_ossl.c 5 Jan 2017 13:28:48 -0000 1.6.8.1 -@@ -141,6 +141,8 @@ ecdsa_sign_setup(EC_KEY *eckey, BN_CTX * - if (BN_num_bits(k) <= BN_num_bits(order)) - if (!BN_add(k, k, order)) - goto err; -+ -+ BN_set_flags(k, BN_FLG_CONSTTIME); - - /* compute r the x-coordinate of generator * k */ - if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) { |