projects / pkgsrcv2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9502851) | patch
Pullup ticket #3755 - requested by taca
authorsbd <sbd>
Tue, 24 Apr 2012 07:47:28 +0000 (07:47 +0000)
committersbd <sbd>
Tue, 24 Apr 2012 07:47:28 +0000 (07:47 +0000)
commit1c11a5ac2eb80446dfb01ca56ad649d7fb6e4c89
tree3d318aef8fe2f6d7903671f7bb1e4f991e9dc852tree | snapshot
parent95028518d81024c0f9f4c4c2870cb2b46a1c3a97commit | diff
Pullup ticket #3755 - requested by taca
security/openssl security update.

Revisions pulled up:
- security/openssl/Makefile                                     1.166
- security/openssl/distinfo                                     1.88

---
   Module Name: pkgsrc
   Committed By: taca
   Date: Tue Apr 24 05:03:49 UTC 2012

   Modified Files:
    pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update openssl package to 0.9.8w.

   Security fix for CVS-2012-2131.

    Changes between 0.9.8v and 0.9.8w [23 Apr 2012]

     *) The fix for CVE-2012-2110 did not take into account that the
        'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
        int in OpenSSL 0.9.8, making it still vulnerable. Fix by
        rejecting negative len parameter. (CVE-2012-2131)
        [Tomas Hoger <thoger@redhat.com>]
security/openssl/Makefile diff | blob | blame | history
security/openssl/distinfo diff | blob | blame | history
Unofficial gitization of NetBSD-CVS pkgsrc, not synchronized w/NetBSD git.