summaryrefslogtreecommitdiff
path: root/security/openssl
diff options
context:
space:
mode:
Diffstat (limited to 'security/openssl')
-rw-r--r--security/openssl/Makefile4
-rw-r--r--security/openssl/distinfo4
-rw-r--r--security/openssl/patches/patch-ao54
3 files changed, 48 insertions, 14 deletions
diff --git a/security/openssl/Makefile b/security/openssl/Makefile
index f6c96c77a5a..78299f44f51 100644
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.127 2007/08/04 14:29:43 tnn Exp $
+# $NetBSD: Makefile,v 1.128 2007/10/21 17:52:52 adrianp Exp $
OPENSSL_SNAPSHOT?= # empty
OPENSSL_STABLE?= # empty
@@ -24,7 +24,7 @@ MASTER_SITES= ftp://ftp.openssl.org/snapshot/
. endif
.endif
-PKGREVISION= 4
+PKGREVISION= 5
SVR4_PKGNAME= ossl
CATEGORIES= security
MAINTAINER= pkgsrc-users@NetBSD.org
diff --git a/security/openssl/distinfo b/security/openssl/distinfo
index dde5511b061..2e04f07cf63 100644
--- a/security/openssl/distinfo
+++ b/security/openssl/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.55 2007/08/04 14:29:43 tnn Exp $
+$NetBSD: distinfo,v 1.56 2007/10/21 17:52:52 adrianp Exp $
SHA1 (openssl-0.9.7i.tar.gz) = 4c23925744d43272fa19615454da44e01465eb06
RMD160 (openssl-0.9.7i.tar.gz) = 0dce52c5793a0c37f17b620f7d26bbf9e4fcf755
@@ -14,7 +14,7 @@ SHA1 (patch-ak) = 7f9960a97cbe83c381c2a4565ca3a6e4e661bf54
SHA1 (patch-al) = 64fd0be6adf30821b4c4bba3c9088c6dcbff3ba7
SHA1 (patch-am) = 209aad896f976e5acc9bf66f5e3fdf6193d2ff3d
SHA1 (patch-an) = c38cf54341ae5b770f984859c1a3bf6df41e0532
-SHA1 (patch-ao) = 834860d35eaa1211db664346a362822114bd16ef
+SHA1 (patch-ao) = 625c6379b38769b639bc7f87ccb0d23c651bf5eb
SHA1 (patch-ap) = 9473b8e69b71864baab3d38ee3de90e7027b1b0b
SHA1 (patch-aq) = 68704a8048f7eea3744ae5e04dda09c676762923
SHA1 (patch-ar) = 575be597244eb04576651d7b0276604d51fa7464
diff --git a/security/openssl/patches/patch-ao b/security/openssl/patches/patch-ao
index 0b53ba7001a..7bc30bd52be 100644
--- a/security/openssl/patches/patch-ao
+++ b/security/openssl/patches/patch-ao
@@ -1,15 +1,49 @@
-$NetBSD: patch-ao,v 1.1 2006/09/30 04:20:24 taca Exp $
+$NetBSD: patch-ao,v 1.2 2007/10/21 17:52:53 adrianp Exp $
-# http://secunia.com/advisories/22130/
+# CVE-2007-5135
---- ssl/ssl_lib.c.orig 2005-06-11 05:00:39.000000000 +0900
+--- ssl/ssl_lib.c.orig 2005-06-10 21:00:39.000000000 +0100
+++ ssl/ssl_lib.c
-@@ -1187,7 +1187,7 @@ char *SSL_get_shared_ciphers(const SSL *
+@@ -1169,7 +1169,6 @@ int SSL_set_cipher_list(SSL *s,const cha
+ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
+ {
+ char *p;
+- const char *cp;
+ STACK_OF(SSL_CIPHER) *sk;
+ SSL_CIPHER *c;
+ int i;
+@@ -1182,20 +1181,21 @@ char *SSL_get_shared_ciphers(const SSL *
+ sk=s->session->ciphers;
+ for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
+ {
+- /* Decrement for either the ':' or a '\0' */
+- len--;
++ int n;
++
c=sk_SSL_CIPHER_value(sk,i);
- for (cp=c->name; *cp; )
- {
+- for (cp=c->name; *cp; )
+- {
- if (len-- == 0)
-+ if (len-- <= 0)
- {
- *p='\0';
- return(buf);
+- {
+- *p='\0';
+- return(buf);
+- }
+- else
+- *(p++)= *(cp++);
+- }
+- *(p++)=':';
++ n=strlen(c->name);
++ if (n+1 > len)
++ {
++ if (p != buf)
++ --p;
++ *p='\0';
++ return buf;
++ }
++ strcpy(p,c->name);
++ p+=n;
++ *(p++)=':';
++ len-=n+1;
+ }
+ p[-1]='\0';
+ return(buf);