Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#46499 closed update (fixed)

Security Update: openssl 1.0.1k

Reported by: Schamschula (Marius Schamschula) Owned by: mww@…
Priority: High Milestone:
Component: ports Version: 2.3.3
Keywords: haspatch Cc: neverpanic (Clemens Lang)
Port: openssl

Description

openssl has been updated to version 1.0.1k. See http://www.openssl.org/news/secadv_20150108.txt for details.

Attachments (1)

Portfile-openssl.diff (1.1 KB) - added by Schamschula (Marius Schamschula) 3 years ago.

Download all attachments as: .zip

Change History (9)

Changed 3 years ago by Schamschula (Marius Schamschula)

comment:1 Changed 3 years ago by ryandesign (Ryan Schmidt)

  • Cc mww@… removed
  • Owner changed from macports-tickets@… to mww@…

comment:2 Changed 3 years ago by neverpanic (Clemens Lang)

  • Cc cal@… added
  • Priority changed from Normal to High

comment:3 Changed 3 years ago by neverpanic (Clemens Lang)

  • Resolution set to fixed
  • Status changed from new to closed

comment:4 Changed 3 years ago by mouse07410 (Mouse)

openssl 1.0.1k update breaks certificate signature. Mac OS X 10.9.5, Xcode-6.1.1.

$ openssl verify -verbose -CAfile Forest_CA.pem RabbitMQ-server.pem
RabbitMQ-server.pem: CN = RabbitMQ-server, O = The Burrow, OU = Messengers, C = US
error 7 at 0 depth lookup:certificate signature failure
$ openssl version
OpenSSL 1.0.1k 8 Jan 2015
$ /usr/bin/openssl verify -verbose -CAfile Forest_CA.pem RabbitMQ-server.pem
RabbitMQ-server.pem: OK
$ /usr/bin/openssl version
OpenSSL 0.9.8za 5 Jun 2014
$

This does not happen with each and every certificate, but with many. I'd be happy to provide more info, if you tell me what kind of info would help you diagnose and fix this problem.

comment:5 follow-up: Changed 3 years ago by mouse07410 (Mouse)

  • Resolution fixed deleted
  • Status changed from closed to reopened

comment:6 in reply to: ↑ 5 Changed 3 years ago by larryv (Lawrence Velázquez)

  • Resolution set to fixed
  • Status changed from reopened to closed

The port was updated to 1.0.1k, so this ticket should remain closed. Please open a new ticket for your new problem.

comment:7 Changed 3 years ago by neverpanic (Clemens Lang)

Also, in your new ticket, please attach certificate files that can be used to reproduce the problem, mention this is a regression and put me in the Cc list. Did you report this upstream yet, because it doesn't look like an issue limited to MacPorts only.

comment:8 Changed 3 years ago by mouse07410 (Mouse)

Done. New ticket is #46596 https://trac.macports.org/ticket/46596, and I've put cal on the Cc list.

Haven't reported this upstream because I've no clue what upstream is, and how to report there.

Note: See TracTickets for help on using tickets.