From 5eeaf0622af3be7ab62a354a7e3b3adc7b11db9b Mon Sep 17 00:00:00 2001 From: tron Date: Sun, 15 Jun 2014 12:55:05 +0000 Subject: Pullup ticket #4432 - requested by obache emulators/suse131_openssl: security update Revisions pulled up: - emulators/suse131_openssl/Makefile 1.9 - emulators/suse131_openssl/distinfo 1.9 --- Module Name: pkgsrc Committed By: obache Date: Fri Jun 6 09:53:29 UTC 2014 Modified Files: pkgsrc/emulators/suse131_openssl: Makefile distinfo Log Message: Apply openSUSE-SU-2014:0764-1 openSUSE Security Update: openssl: update to version 1.0.1h Description: The openssl library was updated to version 1.0.1h fixing various security issues and bugs: Security issues fixed: - CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. - CVE-2014-0221: Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. - CVE-2014-0195: Fix DTLS invalid fragment vulnerability. A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. - CVE-2014-3470: Fix bug in TLS code where clients enable anonymous ECDH ciphersuites are subject to a denial of service attack. Bump PKGREVISION. --- emulators/suse131_openssl/Makefile | 6 +++--- emulators/suse131_openssl/distinfo | 14 +++++++------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/emulators/suse131_openssl/Makefile b/emulators/suse131_openssl/Makefile index dfc5a933504..8a093a93f13 100644 --- a/emulators/suse131_openssl/Makefile +++ b/emulators/suse131_openssl/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.3.2.4 2014/05/14 20:57:59 tron Exp $ +# $NetBSD: Makefile,v 1.3.2.5 2014/06/15 12:55:05 tron Exp $ DISTNAME= suse_openssl-${SUSE_VERSION} -PKGREVISION= 7 +PKGREVISION= 8 CATEGORIES= emulators -RPMUPDPKGS+= libopenssl1_0_0-1.0.1g-11.44.1.${SUSE_ARCH} +RPMUPDPKGS+= libopenssl1_0_0-1.0.1h-11.48.1.${SUSE_ARCH} MAINTAINER= pkgsrc-users@NetBSD.org COMMENT= Linux compatibility package for OpenSSL diff --git a/emulators/suse131_openssl/distinfo b/emulators/suse131_openssl/distinfo index a4907bc1629..aefe9ebb4f3 100644 --- a/emulators/suse131_openssl/distinfo +++ b/emulators/suse131_openssl/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.3.2.4 2014/05/14 20:57:59 tron Exp $ +$NetBSD: distinfo,v 1.3.2.5 2014/06/15 12:55:05 tron Exp $ -SHA1 (suse131/libopenssl1_0_0-1.0.1g-11.44.1.i586.rpm) = 06696d4d499147bf836134f6fda0fc5ceebe001a -RMD160 (suse131/libopenssl1_0_0-1.0.1g-11.44.1.i586.rpm) = fd356fb9e27312db6368e7ed43a76b216a2f9962 -Size (suse131/libopenssl1_0_0-1.0.1g-11.44.1.i586.rpm) = 762008 bytes -SHA1 (suse131/libopenssl1_0_0-1.0.1g-11.44.1.x86_64.rpm) = 7678bd9f85f861ec7c9c277755d264af1f4458f6 -RMD160 (suse131/libopenssl1_0_0-1.0.1g-11.44.1.x86_64.rpm) = 2fb4cc38743d66d293da09ae043f61674191be76 -Size (suse131/libopenssl1_0_0-1.0.1g-11.44.1.x86_64.rpm) = 812058 bytes +SHA1 (suse131/libopenssl1_0_0-1.0.1h-11.48.1.i586.rpm) = 9a06f864be4ead3704e6f6fa3a2e8d381294c9af +RMD160 (suse131/libopenssl1_0_0-1.0.1h-11.48.1.i586.rpm) = 41eda2b2f92ed1fd1d4f57e955b06f033898dde5 +Size (suse131/libopenssl1_0_0-1.0.1h-11.48.1.i586.rpm) = 763568 bytes +SHA1 (suse131/libopenssl1_0_0-1.0.1h-11.48.1.x86_64.rpm) = 08d4a810c404b3c9219d575b91d01ba707ac908d +RMD160 (suse131/libopenssl1_0_0-1.0.1h-11.48.1.x86_64.rpm) = b3e7fcd49c919bda726782b72c91d464b9d4838f +Size (suse131/libopenssl1_0_0-1.0.1h-11.48.1.x86_64.rpm) = 815035 bytes -- cgit v1.2.3