Update openssl pacakge to 0.9.8u.

Changes between 0.9.8t and 0.9.8u [12 Mar 2012] *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness in CMS and PKCS7 code. When RSA decryption fails use a random key for content decryption and always return the same error. Note: this attack needs on average 2^20 messages so it only affects automated senders. The old behaviour can be reenabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where an MMA defence is not necessary. Thanks to Ivan Nestlerode <[email protected]> for discovering this issue. (CVE-2012-0884) [Steve Henson] *) Fix CVE-2011-4619: make sure we really are receiving a client hello before rejecting multiple SGC restarts. Thanks to Ivan Nestlerode <[email protected]> for discovering this bug. [Steve Henson]
TritonDataCenter · Mar 13, 2012 · 7e3f9e9 · 7e3f9e9
1 parent a3c771f
commit 7e3f9e9
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 25 deletions.
diff --git a/security/openssl/Makefile b/security/openssl/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.162 2012/03/05 00:26:54 pettai Exp $
+# $NetBSD: Makefile,v 1.163 2012/03/13 03:11:32 taca Exp $
 
 OPENSSL_SNAPSHOT?=	# empty
 OPENSSL_STABLE?=	# empty
-OPENSSL_VERS?=		0.9.8t
+OPENSSL_VERS?=		0.9.8u
 
 .if empty(OPENSSL_SNAPSHOT)
 DISTNAME=	openssl-${OPENSSL_VERS}
@@ -22,7 +22,6 @@ MASTER_SITES=	ftp://ftp.openssl.org/snapshot/
 .endif
 
 SVR4_PKGNAME=	ossl
-PKGREVISION=	1
 CATEGORIES=	security
 MAINTAINER=	[email protected]
 HOMEPAGE=	http://www.openssl.org/

diff --git a/security/openssl/distinfo b/security/openssl/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.85 2012/03/05 00:26:54 pettai Exp $
+$NetBSD: distinfo,v 1.86 2012/03/13 03:11:32 taca Exp $
 
-SHA1 (openssl-0.9.8t.tar.gz) = 42e2ba06cc859d61f645915c9a30326eda371a5e
-RMD160 (openssl-0.9.8t.tar.gz) = 8d5a32ebc94c578021bce519f92b5d31743d3e47
-Size (openssl-0.9.8t.tar.gz) = 3778943 bytes
+SHA1 (openssl-0.9.8u.tar.gz) = 09b4f2d9c4588d8010eac6f4ab0c96ad0e9d66ac
+RMD160 (openssl-0.9.8u.tar.gz) = e0a7fa3950ca290d0a931a130f8651e54ad2a400
+Size (openssl-0.9.8u.tar.gz) = 3781776 bytes
 SHA1 (patch-aa) = eb25505e8a745eb5ba85f857b0f9302fd5e9bda1
 SHA1 (patch-ac) = 6ff4a20440666f5c520837e10547091e1bee2208
 SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3
@@ -11,4 +11,3 @@ SHA1 (patch-af) = 2610930b6b06397fa2e3955b3244c02193f5b7a6
 SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8
 SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0
 SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302
-SHA1 (patch-asn_mime.c) = 45c25660b03687a014e54a24343f775e0e6b9b71
diff --git a/security/openssl/patches/patch-asn_mime.c b/security/openssl/patches/patch-asn_mime.c