Opened 17 years ago

Closed 17 years ago

Last modified 5 years ago

#1641 closed update (fixed)

UPDATE: openssl version 0.9.7d CAN-2004-0079

Reported by: danielluke (Daniel J. Luke) Owned by: ssen@…
Priority: Normal Milestone:
Component: ports Version: 1.0
Keywords: Cc:
Port: openssl

Description (last modified by ryandesign (Ryan Schmidt))

Update openssl to version 0.9.7d because of security issue (http://www.openssl.org/news/ secadv_20040317.txt - CAN-2004-0079)

The advisory indicates that the vulnerability is probably limited to potential DOS.

I'm attempting to build this on both a 10.2 and 10.3 system currently, the diffs below are therefore not fully tested.

diffs inline:

cvs server: Diffing .
Index: Portfile
===================================================================
RCS file: /Volumes/src/cvs/od/proj/darwinports/dports/devel/openssl/Portfile,v
retrieving revision 1.7
diff -u -d -b -w -r1.7 Portfile
--- Portfile    27 Oct 2003 01:59:01 -0000      1.7
+++ Portfile    17 Mar 2004 17:14:02 -0000
@@ -2,8 +2,7 @@
 
 PortSystem 1.0
 name                   openssl
-version                        0.9.7c
-revision               1
+version                        0.9.7d
 platforms              darwin freebsd
 categories             devel security
 maintainers            ssen@opendarwin.org
@@ -17,7 +16,7 @@
 cryptography library.
 
 master_sites           http://www.openssl.org/source/
-checksums              md5 c54fb36218adaaaba01ef733cd88c8ec
+checksums              md5 1b49e90fc8a75c3a507c0a624529aca5
 
 depends_lib            lib:libz.1:zlib
 
cvs server: Diffing files
Index: files/patch-Makefile.org
===============================================================
====
RCS file: /Volumes/src/cvs/od/proj/darwinports/dports/devel/openssl/files/patch-Makefile.org,v
retrieving revision 1.2
diff -u -d -b -w -r1.2 patch-Makefile.org
--- files/patch-Makefile.org    27 Oct 2003 01:59:07 -0000      1.2
+++ files/patch-Makefile.org    17 Mar 2004 17:14:02 -0000
@@ -9,12 +9,3 @@
                -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \
                -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \
        libs="-l`basename $$i${SHLIB_EXT} .dylib` $$libs"; \
-@@ -832,7 +832,7 @@
-               fi; \
-       fi
-       cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
--      chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
-+      chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
- 
- install_docs:
-       @$(PERL) $(TOP)/util/mkdir-p.pl \

Change History (6)

comment:1 Changed 17 years ago by danielluke (Daniel J. Luke)

This builds and installs fine on both my 10.2 and 10.3 machines. It also passes the openssl test suite and seems to be working fine with applications linked against openssl.

comment:2 Changed 17 years ago by ssen@…

Owner: changed from ssen@… to dluke@…

Why did you remove the part of the path to make pkgconfig 755?

comment:3 Changed 17 years ago by ssen@…

Owner: changed from dluke@… to ssen@…

Oh, I see

comment:4 Changed 17 years ago by danielluke (Daniel J. Luke)

The makefile changed and the patch didn't apply.

It looks like the old makefile set $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig to 644, while the patch changed it to 755.

The makefile in the 0.9.7d release doesn't chmod $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig, it sets $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc to 644

comment:5 Changed 17 years ago by toby@…

Resolution: fixed
Status: newclosed

This was committed a while back...

comment:6 Changed 5 years ago by ryandesign (Ryan Schmidt)

Description: modified (diff)
Port: openssl added
Type: defectupdate
Note: See TracTickets for help on using tickets.