author | taca <taca> | 2012-03-13 03:11:32 +0000 |
---|---|---|
committer | taca <taca> | 2012-03-13 03:11:32 +0000 |
commit | 78ed9ff68c38bb0307948b1491aeed928eb888b1 (patch) | |
tree | 877910893755f16a9581ec2eea574611b1d98bd1 /security/openssl/Makefile | |
parent | 8aafa8687118fdcdb20315528b13f67730c55aa7 (diff) | |
download | pkgsrc-78ed9ff68c38bb0307948b1491aeed928eb888b1.tar.gz |
Update openssl package to 0.9.8u.
Changes between 0.9.8t and 0.9.8u [12 Mar 2012]
*) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
in CMS and PKCS7 code. When RSA decryption fails use a random key for
content decryption and always return the same error. Note: this attack
needs on average 2^20 messages so it only affects automated senders. The
old behaviour can be reenabled in the CMS code by setting the
CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
an MMA defence is not necessary.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
[Steve Henson]
*) Fix CVE-2011-4619: make sure we really are receiving a
client hello before rejecting multiple SGC restarts. Thanks to
Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
[Steve Henson]
Diffstat (limited to 'security/openssl/Makefile')
-rw-r--r-- | security/openssl/Makefile | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/security/openssl/Makefile b/security/openssl/Makefile index eb2db2c99d0..7876125a616 100644 --- a/security/openssl/Makefile +++ b/security/openssl/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.162 2012/03/05 00:26:54 pettai Exp $ +# $NetBSD: Makefile,v 1.163 2012/03/13 03:11:32 taca Exp $ OPENSSL_SNAPSHOT?= # empty OPENSSL_STABLE?= # empty -OPENSSL_VERS?= 0.9.8t +OPENSSL_VERS?= 0.9.8u .if empty(OPENSSL_SNAPSHOT) DISTNAME= openssl-${OPENSSL_VERS} @@ -22,7 +22,6 @@ MASTER_SITES= ftp://ftp.openssl.org/snapshot/ .endif SVR4_PKGNAME= ossl -PKGREVISION= 1 CATEGORIES= security MAINTAINER= pkgsrc-users@NetBSD.org HOMEPAGE= http://www.openssl.org/ |
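Review bot: In the first hunk, changing OPENSSL_VERS from 0.9.8t to 0.9.8u changes DISTNAME to openssl-0.9.8u, so the recorded distfile checksums in the package's distinfo have to change in the same commit. This view is limited to security/openssl/Makefile and does not show that file. Please confirm the checksums were regenerated from the 0.9.8u tarball and compared against the values upstream published, since this release carries the CVE-2012-0884 fix and a stale or unverified checksum would defeat the point of the update.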
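Review bot: In the second hunk, the removal of PKGREVISION= 1 is not mentioned in the commit message. Dropping it is the expected reset when the upstream version moves forward, but a short line in the log saying so would make it clear the deletion is intentional and not a leftover from a local edit.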