diff options
| author | taca <taca@pkgsrc.org> | 2010-01-15 04:55:30 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2010-01-15 04:55:30 +0000 |
| commit | 46298023fb5384d61b1299160955d24a2c19aa31 (patch) | |
| tree | d1021751a6eda0e3f58c259261702a0bf22fe064 /security/openssl/Makefile | |
| parent | 7b7cb52a6d4ba712ea0b2662df949f124719c183 (diff) | |
| download | pkgsrc-46298023fb5384d61b1299160955d24a2c19aa31.tar.gz | |
Update openssl package to 0.9.8l, fixing security problem.
Approved by agc@.
Changes between 0.9.8k and 0.9.8l [5 Nov 2009]
*) Disable renegotiation completely - this fixes a severe security
problem (CVE-2009-3555) at the cost of breaking all
renegotiation. Renegotiation can be re-enabled by setting
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
run-time. This is really not recommended unless you know what
you're doing.
[Ben Laurie]
Diffstat (limited to 'security/openssl/Makefile')
| -rw-r--r-- | security/openssl/Makefile | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/security/openssl/Makefile b/security/openssl/Makefile index bb0cb9e838e..df98f46093c 100644 --- a/security/openssl/Makefile +++ b/security/openssl/Makefile @@ -1,15 +1,14 @@ -# $NetBSD: Makefile,v 1.141 2009/12/25 11:58:06 obache Exp $ +# $NetBSD: Makefile,v 1.142 2010/01/15 04:55:30 taca Exp $ OPENSSL_SNAPSHOT?= # empty OPENSSL_STABLE?= # empty -OPENSSL_VERS?= 0.9.8k -PKGREVISION= 1 +OPENSSL_VERS?= 0.9.8l .if empty(OPENSSL_SNAPSHOT) DISTNAME= openssl-${OPENSSL_VERS} MASTER_SITES= ftp://ftp.openssl.org/source/ \ ftp://sunsite.cnlab-switch.ch/mirror/openssl/source/ \ - ftp://sunsite.uio.no/pub/security/openssl/source/ + ftp://sunsite.uio.no/pub/security/openssl/source/ .else . if !empty(OPENSSL_STABLE:M[yY][eE][sS]) DISTNAME= openssl-${OPENSSL_VERS:C/[a-z]$//}-stable-SNAP-${OPENSSL_SNAPSHOT} |