Add patch from http://www.openssl.org/news/secadv_20030219.txt:

In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked via timing by performing a MAC computation even if incorrrect block cipher padding has been found. This is a countermeasure against active attacks where the attacker has to distinguish between bad padding and a MAC verification error. (CAN-2003-0078) Bump PKGREVISION.
author: wiz <wiz@pkgsrc.org> 2003-02-20 07:59:24 +0000
committer: wiz <wiz@pkgsrc.org> 2003-02-20 07:59:24 +0000
commit: f628ba9e29293c2b9fc8be20c7ccb9e373a08083 (patch)
tree: 2fd41cca74f0e625f58e720904c0ee631a08e40c /security/openssl/distinfo
parent: e34a5c50ad4981f38a1434873dbe044f7ce67447 (diff)
download: pkgsrc-f628ba9e29293c2b9fc8be20c7ccb9e373a08083.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/security/openssl/distinfo b/security/openssl/distinfo
index 363dd38cd53..a4e2a93950c 100644
--- a/security/openssl/distinfo
+++ b/security/openssl/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2002/12/03 14:02:24 grant Exp $
+$NetBSD: distinfo,v 1.16 2003/02/20 07:59:25 wiz Exp $
 
 SHA1 (openssl-0.9.6g.tar.gz) = 5b3cdad1d33134c97f659a8ad5dbf4ca4cf3d9c8
 Size (openssl-0.9.6g.tar.gz) = 2170570 bytes
@@ -10,3 +10,4 @@ SHA1 (patch-ac) = 9d53250cf7267461d57edc26573bcd822cd945db
 SHA1 (patch-ad) = ee8283d5537edce1bb60470c616ebabfda0aa084
 SHA1 (patch-ae) = f4bf6ae5aa41b55d9978376e4e50ee10c10dd288
 SHA1 (patch-af) = fd470396c5f54ea2d333df44504c03e7c6c8dc96
+SHA1 (patch-ag) = d470c7da2cff7ba37ac38d6ceb79751a7d21d432
author	wiz <wiz@pkgsrc.org>	2003-02-20 07:59:24 +0000
committer	wiz <wiz@pkgsrc.org>	2003-02-20 07:59:24 +0000
commit	f628ba9e29293c2b9fc8be20c7ccb9e373a08083 (patch)
tree	2fd41cca74f0e625f58e720904c0ee631a08e40c /security/openssl/distinfo
parent	e34a5c50ad4981f38a1434873dbe044f7ce67447 (diff)
download	pkgsrc-f628ba9e29293c2b9fc8be20c7ccb9e373a08083.tar.gz