diff options
author | tnn <tnn> | 2009-04-05 15:50:17 +0000 |
---|---|---|
committer | tnn <tnn> | 2009-04-05 15:50:17 +0000 |
commit | 390d9a9150574b5165c6f6333a9ff8c65f1edc6e (patch) | |
tree | 7895c5b5cf629216957a7769ab58c21fffdd22be /security/openssl/Makefile | |
parent | 0f1eec1d5a771cffeb1d46f920fcd2bf01b88967 (diff) | |
download | pkgsrc-390d9a9150574b5165c6f6333a9ff8c65f1edc6e.tar.gz |
Update to openssl-0.9.8k.
Changes between 0.9.8j and 0.9.8k [25 Mar 2009]
*) Don't set val to NULL when freeing up structures, it is freed up by
underlying code. If sizeof(void *) > sizeof(long) this can result in
zeroing past the valid field. (CVE-2009-0789)
*) Fix bug where return value of CMS_SignerInfo_verify_content() was not
checked correctly. This would allow some invalid signed attributes to
appear to verify correctly. (CVE-2009-0591)
*) Reject UniversalString and BMPString types with invalid lengths. This
prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
a legal length. (CVE-2009-0590)
*) Set S/MIME signing as the default purpose rather than setting it
unconditionally. This allows applications to override it at the store
level.
*) Permit restricted recursion of ASN1 strings. This is needed in practice
to handle some structures.
*) Improve efficiency of mem_gets: don't search whole buffer each time
for a '\n'
*) New -hex option for openssl rand.
*) Print out UTF8String and NumericString when parsing ASN1.
*) Support NumericString type for name components.
*) Allow CC in the environment to override the automatically chosen
compiler. Note that nothing is done to ensure flags work with the
chosen compiler.
Diffstat (limited to 'security/openssl/Makefile')
-rw-r--r-- | security/openssl/Makefile | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/openssl/Makefile b/security/openssl/Makefile index 16e46c0c0f4..99b10305755 100644 --- a/security/openssl/Makefile +++ b/security/openssl/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.137 2009/01/08 16:38:22 tnn Exp $ +# $NetBSD: Makefile,v 1.138 2009/04/05 15:50:17 tnn Exp $ OPENSSL_SNAPSHOT?= # empty OPENSSL_STABLE?= # empty -OPENSSL_VERS?= 0.9.8j +OPENSSL_VERS?= 0.9.8k .if empty(OPENSSL_SNAPSHOT) DISTNAME= openssl-${OPENSSL_VERS} |