diff options
author | tron <tron> | 2014-06-15 12:55:05 +0000 |
---|---|---|
committer | tron <tron> | 2014-06-15 12:55:05 +0000 |
commit | e31146b8dde06cdf409bceb03f0e19bad247f7c5 (patch) | |
tree | 8ac8db84617786cc80bf04c6265347dec4c69245 | |
parent | 26a6a6c7c8f1a3927f351ffa88763db0cab0c591 (diff) | |
download | pkgsrc-e31146b8dde06cdf409bceb03f0e19bad247f7c5.tar.gz |
Pullup ticket #4432 - requested by obache
emulators/suse131_openssl: security update
Revisions pulled up:
- emulators/suse131_openssl/Makefile 1.9
- emulators/suse131_openssl/distinfo 1.9
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Jun 6 09:53:29 UTC 2014
Modified Files:
pkgsrc/emulators/suse131_openssl: Makefile distinfo
Log Message:
Apply openSUSE-SU-2014:0764-1
openSUSE Security Update: openssl: update to version 1.0.1h
Description:
The openssl library was updated to version 1.0.1h fixing various security
issues and bugs:
Security issues fixed:
- CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully
crafted handshake can force the use of weak keying material in OpenSSL
SSL/TLS clients and servers.
- CVE-2014-0221: Fix DTLS recursion flaw. By sending an invalid DTLS
handshake to an OpenSSL DTLS client the code can be made to recurse
eventually crashing in a DoS attack.
- CVE-2014-0195: Fix DTLS invalid fragment vulnerability. A buffer
overrun attack can be triggered by sending invalid DTLS fragments to an
OpenSSL DTLS client or server. This is potentially exploitable to run
arbitrary code on a vulnerable client or server.
- CVE-2014-3470: Fix bug in TLS code where clients enable anonymous ECDH
ciphersuites are subject to a denial of service attack.
Bump PKGREVISION.
-rw-r--r-- | emulators/suse131_openssl/Makefile | 6 | ||||
-rw-r--r-- | emulators/suse131_openssl/distinfo | 14 |
2 files changed, 10 insertions, 10 deletions
diff --git a/emulators/suse131_openssl/Makefile b/emulators/suse131_openssl/Makefile index dfc5a933504..8a093a93f13 100644 --- a/emulators/suse131_openssl/Makefile +++ b/emulators/suse131_openssl/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.3.2.4 2014/05/14 20:57:59 tron Exp $ +# $NetBSD: Makefile,v 1.3.2.5 2014/06/15 12:55:05 tron Exp $ DISTNAME= suse_openssl-${SUSE_VERSION} -PKGREVISION= 7 +PKGREVISION= 8 CATEGORIES= emulators -RPMUPDPKGS+= libopenssl1_0_0-1.0.1g-11.44.1.${SUSE_ARCH} +RPMUPDPKGS+= libopenssl1_0_0-1.0.1h-11.48.1.${SUSE_ARCH} MAINTAINER= pkgsrc-users@NetBSD.org COMMENT= Linux compatibility package for OpenSSL diff --git a/emulators/suse131_openssl/distinfo b/emulators/suse131_openssl/distinfo index a4907bc1629..aefe9ebb4f3 100644 --- a/emulators/suse131_openssl/distinfo +++ b/emulators/suse131_openssl/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.3.2.4 2014/05/14 20:57:59 tron Exp $ +$NetBSD: distinfo,v 1.3.2.5 2014/06/15 12:55:05 tron Exp $ -SHA1 (suse131/libopenssl1_0_0-1.0.1g-11.44.1.i586.rpm) = 06696d4d499147bf836134f6fda0fc5ceebe001a -RMD160 (suse131/libopenssl1_0_0-1.0.1g-11.44.1.i586.rpm) = fd356fb9e27312db6368e7ed43a76b216a2f9962 -Size (suse131/libopenssl1_0_0-1.0.1g-11.44.1.i586.rpm) = 762008 bytes -SHA1 (suse131/libopenssl1_0_0-1.0.1g-11.44.1.x86_64.rpm) = 7678bd9f85f861ec7c9c277755d264af1f4458f6 -RMD160 (suse131/libopenssl1_0_0-1.0.1g-11.44.1.x86_64.rpm) = 2fb4cc38743d66d293da09ae043f61674191be76 -Size (suse131/libopenssl1_0_0-1.0.1g-11.44.1.x86_64.rpm) = 812058 bytes +SHA1 (suse131/libopenssl1_0_0-1.0.1h-11.48.1.i586.rpm) = 9a06f864be4ead3704e6f6fa3a2e8d381294c9af +RMD160 (suse131/libopenssl1_0_0-1.0.1h-11.48.1.i586.rpm) = 41eda2b2f92ed1fd1d4f57e955b06f033898dde5 +Size (suse131/libopenssl1_0_0-1.0.1h-11.48.1.i586.rpm) = 763568 bytes +SHA1 (suse131/libopenssl1_0_0-1.0.1h-11.48.1.x86_64.rpm) = 08d4a810c404b3c9219d575b91d01ba707ac908d +RMD160 (suse131/libopenssl1_0_0-1.0.1h-11.48.1.x86_64.rpm) = b3e7fcd49c919bda726782b72c91d464b9d4838f +Size (suse131/libopenssl1_0_0-1.0.1h-11.48.1.x86_64.rpm) = 815035 bytes |