#43273 closed update (fixed)
openssl @ 1.0.1g - fixes heartbeat vulnerability
| Reported by: | ldninten@… | Owned by: | neverpanic (Clemens Lang) |
|---|---|---|---|
| Priority: | High | Milestone: | |
| Component: | ports | Version: | |
| Keywords: | Cc: | mww@…, cooljeanius (Eric Gallager) | |
| Port: | openssl |
Description (last modified by mf2k (Frank Schima))
See http://heartbleed.com/ for details about the vulnerability
It's fixed in 1.0.1g
I just updated the sha1 & md5 checksums + bumped version
Attachments (2)
Change History (7)
Changed 10 years ago by ldninten@…
| Attachment: | openssl.diff added |
|---|
comment:1 Changed 10 years ago by mf2k (Frank Schima)
| Description: | modified (diff) |
|---|---|
| Keywords: | heartbleed removed |
| Owner: | changed from macports-tickets@… to mww@… |
| Priority: | High → Normal |
| Version: | 2.2.1 |
comment:2 Changed 10 years ago by ldninten@…
Sorry, I've never used trac before
Here's the patch with correct signature
Changed 10 years ago by ldninten@…
| Attachment: | openssl_with_signatures.diff added |
|---|
comment:3 Changed 10 years ago by neverpanic (Clemens Lang)
| Cc: | mww@… added |
|---|---|
| Owner: | changed from mww@… to cal@… |
| Priority: | Normal → High |
| Status: | new → assigned |
comment:4 Changed 10 years ago by neverpanic (Clemens Lang)
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
According to https://guide.macports.org/#project.update-policies.nonmaintainer, bullet point three: "A critical port is broken that affects many users." I have updated openssl in r118671 because this is a serious flaw and we should minimize the risk for our users.
Note: See
TracTickets for help on using
tickets.
In the future, please use WikiFormatting, and Cc the port maintainers (
port info --maintainers openssl). The Priority field is for use by Macports team members' use only.In your patch, you removed the
rmd160andsha256checksums. Those need to be restored.