Ignore:
Timestamp:
Jun 5, 2014, 4:41:12 PM (3 years ago)
Author:
cal@…
Message:

openssl: update to 1.0.1h, maintainer override due to security implications, remove dovecot2 revbump instruction

Update to fix CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, and CVE-2014-3470.
Remove dovecot2 revbump instruction because only a single user seems to have been affected by the issue – I couln't reproduce.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/dports/devel/openssl/Portfile

    r119601 r120682  
    55
    66name                openssl
    7 version             1.0.1g
     7version             1.0.1h
    88epoch               1
    99
    1010# At least the following ports statically link OpenSSL and need to be revbumped
    1111# for every update of OpenSSL:
    12 #  - dovecot2
     12#  - ...
    1313# Although they dynamically link OpenSSL, at least the following ports need to
    1414# be revbumped for every update of OpenSSL:
     
    3131
    3232master_sites        http://www.openssl.org/source/
    33 checksums           md5     de62b43dfcd858e66a74bee1c834e959 \
    34                     sha1    b28b3bcb1dc3ee7b55024c9f795be60eb3183e3c \
    35                     rmd160  cd2eb879646a2b91b2f67dfaf99eb9668ba5d7ea \
    36                     sha256  53cb818c3b90e507a8348f4f5eaedb05d8bfe5358aabb508b7263cc670c3e028
     33checksums           md5     8d6d684a9430d5cc98a62a5d8fbda8cf \
     34                    sha1    b2239599c8bf8f7fc48590a55205c26abe560bf8 \
     35                    rmd160  aeb1e0f41074d499d5411510fd645455730ed05e \
     36                    sha256  9d1c8a9836aa63e2c6adb684186cbd4371c9e9dcc01d6e3bb447abf2d4d3d093
    3737
    3838depends_lib         port:zlib
Note: See TracChangeset for help on using the changeset viewer.