Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#46499 closed update (fixed)

Security Update: openssl 1.0.1k

Reported by: Schamschula (Marius Schamschula) Owned by: mww@…
Priority: High Milestone:
Component: ports Version: 2.3.3
Keywords: haspatch Cc: neverpanic (Clemens Lang)
Port: openssl


openssl has been updated to version 1.0.1k. See for details.

Attachments (1)

Portfile-openssl.diff (1.1 KB) - added by Schamschula (Marius Schamschula) 6 years ago.

Download all attachments as: .zip

Change History (9)

Changed 6 years ago by Schamschula (Marius Schamschula)

Attachment: Portfile-openssl.diff added

comment:1 Changed 6 years ago by ryandesign (Ryan Schmidt)

Cc: mww@… removed
Owner: changed from macports-tickets@… to mww@…

comment:2 Changed 6 years ago by neverpanic (Clemens Lang)

Cc: cal@… added
Priority: NormalHigh

comment:3 Changed 6 years ago by neverpanic (Clemens Lang)

Resolution: fixed
Status: newclosed

comment:4 Changed 6 years ago by mouse07410 (Mouse)

openssl 1.0.1k update breaks certificate signature. Mac OS X 10.9.5, Xcode-6.1.1.

$ openssl verify -verbose -CAfile Forest_CA.pem RabbitMQ-server.pem
RabbitMQ-server.pem: CN = RabbitMQ-server, O = The Burrow, OU = Messengers, C = US
error 7 at 0 depth lookup:certificate signature failure
$ openssl version
OpenSSL 1.0.1k 8 Jan 2015
$ /usr/bin/openssl verify -verbose -CAfile Forest_CA.pem RabbitMQ-server.pem
RabbitMQ-server.pem: OK
$ /usr/bin/openssl version
OpenSSL 0.9.8za 5 Jun 2014

This does not happen with each and every certificate, but with many. I'd be happy to provide more info, if you tell me what kind of info would help you diagnose and fix this problem.

comment:5 Changed 6 years ago by mouse07410 (Mouse)

Resolution: fixed
Status: closedreopened

comment:6 in reply to:  5 Changed 6 years ago by larryv (Lawrence Velázquez)

Resolution: fixed
Status: reopenedclosed

The port was updated to 1.0.1k, so this ticket should remain closed. Please open a new ticket for your new problem.

comment:7 Changed 6 years ago by neverpanic (Clemens Lang)

Also, in your new ticket, please attach certificate files that can be used to reproduce the problem, mention this is a regression and put me in the Cc list. Did you report this upstream yet, because it doesn't look like an issue limited to MacPorts only.

comment:8 Changed 6 years ago by mouse07410 (Mouse)

Done. New ticket is #46596, and I've put cal on the Cc list.

Haven't reported this upstream because I've no clue what upstream is, and how to report there.

Note: See TracTickets for help on using tickets.