PolarSSL ChangeLog

= Version 1.2.11 released 2014-07-11
Features
   * Entropy module now supports seed writing and reading

Changes
   * Introduced POLARSSL_HAVE_READDIR_R for systems without it
   * Improvements to the CMake build system, contributed by Julian Ospald.
   * Work around a bug of the version of Clang shipped by Apple with Mavericks
     that prevented bignum.c from compiling. (Reported by Rafael Baptista.)
   * Improvements to tests/Makefile, contributed by Oden Eriksson.
   * Use UTC time to check certificate validity.
   * Reject certificates with times not in UTC, per RFC 5280.
   * Migrate zeroizing of data to polarssl_zeroize() instead of memset()
     against unwanted compiler optimizations

Security
   * Forbid change of server certificate during renegotiation to prevent
     "triple handshake" attack when authentication mode is optional (the
     attack was already impossible when authentication is required).
   * Check notBefore timestamp of certificates and CRLs from the future.
   * Forbid sequence number wrapping
   * Prevent potential NULL pointer dereference in ssl_read_record() (found by
     TrustInSoft)
   * Fix length checking for AEAD ciphersuites (found by Codenomicon).
     It was possible to crash the server (and client) using crafted messages
     when a GCM suite was chosen.

Bugfix
   * Fixed X.509 hostname comparison (with non-regular characters)
   * SSL now gracefully handles missing RNG
   * crypt_and_hash app checks MAC before final decryption
   * Fixed x509_crt_parse_path() bug on Windows platforms
   * Added missing MPI_CHK() around some statements in mpi_div_mpi() (found by
     TrustInSoft)
   * Fixed potential overflow in certificate size verification in
     ssl_write_certificate() (found by TrustInSoft)
   * Fix ASM format in bn_mul.h
   * Potential memory leak in bignum_selftest()
   * Replaced expired test certificate
   * ssl_mail_client now terminates lines with CRLF, instead of LF
   * Fix bug in RSA PKCS#1 v1.5 "reversed" operations
   * Fixed testing with out-of-source builds using cmake
   * Fixed version-major intolerance in server
   * Fixed CMake symlinking on out-of-source builds
   * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
     Alex Wilson.)
   * ssl_init() was leaving a dirty pointer in ssl_context if malloc of
     out_ctr failed
   * ssl_handshake_init() was leaving dirty pointers in subcontexts if malloc
     of one of them failed
   * x509_get_current_time() uses localtime_r() to prevent thread issues
   * Some example server programs were not sending the close_notify alert.
   * Potential memory leak in mpi_exp_mod() when error occurs during
     calculation of RR.
   * Improve interoperability by not writing extension length in ClientHello
     when no extensions are present (found by Matthew Page)
   * rsa_check_pubkey() now allows an E up to N
   * On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
   * mpi_fill_random() was creating numbers larger than requested on
     big-endian platform when size was not an integer number of limbs
   * Fix detection of DragonflyBSD in net.c (found by Markus Pfeiffer)
   * Stricter check on SSL ClientHello internal sizes compared to actual packet
     size (found by TrustInSoft)
   * Fix preprocessor checks for bn_mul PPC asm (found by Barry K. Nathan).
   * Use \n\t rather than semicolons for bn_mul asm, since some assemblers
     interpret semicolons as comment delimiters (found by Barry K. Nathan).
   * Disable broken Sparc64 bn_mul assembly (found by Florian Obser).
   * Fix base64_decode() to return and check length correctly (in case of
     tight buffers)

= Version 1.2.10 released 2013-10-07
Changes
   * Changed RSA blinding to a slower but thread-safe version
   * Make get_pkcs_padding() constant-time

Bugfix
   * Fixed memory leak in RSA as a result of introduction of blinding
   * Fixed ssl_pkcs11_decrypt() prototype
   * Fixed MSVC project files

= Version 1.2.9 released 2013-10-01
Changes
   * x509_verify() now case insensitive for cn (RFC 6125 6.4)

Bugfix
   * Fixed potential memory leak when failing to resume a session
   * Fixed potential file descriptor leaks (found by Remi Gacogne)
   * Minor fixes

Security
   * Fixed potential heap buffer overflow on large hostname setting
   * Fixed potential negative value misinterpretation in load_file()
   * RSA blinding on CRT operations to counter timing attacks
     (found by Cyril Arnaud and Pierre-Alain Fouque)

2 files changed, 7 insertions, 8 deletions

diff --git a/security/polarssl/Makefile b/security/polarssl/Makefile
index f0e5583e6b3..490543cc3fb 100644
--- a/security/polarssl/Makefile
+++ b/security/polarssl/Makefile
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.4 2014/05/29 23:37:25 wiz Exp $
+# $NetBSD: Makefile,v 1.5 2014/07/16 10:03:57 obache Exp $
 #
 
-DISTNAME=		polarssl-1.2.8-gpl
+DISTNAME=		polarssl-1.2.11-gpl
 PKGNAME=		${DISTNAME:-gpl=}
-PKGREVISION=		1
 CATEGORIES=		security devel
-MASTER_SITES=		http://polarssl.org/code/releases/
+MASTER_SITES=		https://polarssl.org/download/
 EXTRACT_SUFX=		.tgz
 
 MAINTAINER=		pkgsrc-users@NetBSD.org
diff --git a/security/polarssl/distinfo b/security/polarssl/distinfo
index c5c8f52c1c0..e8ad6c7d611 100644
--- a/security/polarssl/distinfo
+++ b/security/polarssl/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.2 2013/09/11 13:17:25 obache Exp $
+$NetBSD: distinfo,v 1.3 2014/07/16 10:03:57 obache Exp $
 
-SHA1 (polarssl-1.2.8-gpl.tgz) = a3e69d4e9302529c5006dcb7d8ecab9c99488036
-RMD160 (polarssl-1.2.8-gpl.tgz) = e86bda2371c258a8b26703199128df64c7d2e3c9
-Size (polarssl-1.2.8-gpl.tgz) = 998609 bytes
+SHA1 (polarssl-1.2.11-gpl.tgz) = 40cb3a833245273946c2075e6c948bbcda8a1be9
+RMD160 (polarssl-1.2.11-gpl.tgz) = 8c9ff2687ded57e1b0ef5b351f61019b6e9c7347
+Size (polarssl-1.2.11-gpl.tgz) = 1020170 bytes
 SHA1 (patch-Makefile) = d35397c1df60e384c2a0826844ac8765fd1fef1a