kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
391257 commits 42 branches 80 tags 2.7 GiB
Commit graph

255 commits

Author SHA1 Message Date
Mathieu Arnold
597afc47ba Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u. 
With hat:	portmgr
Sponsored by:	Absolight
 2016-04-01 14:25:16 +00:00
Bernard Spil
8be19dc2f2 security/libressl*: Register conflict with security/openssl-devel 
- Add conflict for security/openssl-devel
 - Sort conflicts alphabetically

Reviewed by:	feld (mentor), koobs (mentor)
Approved by:	feld (mentor)
Differential Revision:	D5539
 2016-03-06 20:06:41 +00:00
Dirk Meyer
1ceea83375 - extend CONFLICTS for openssl-devel 2016-03-03 19:00:40 +00:00
Mark Felder
567236a098 security/openssl: Revert disabling of SSLv2 and MD2 
Disabling SSLv2 without a shared library bump has a visible impact to
some applications. It is unclear at this time if disabling MD2 could
cause the same issues, but both are being reverted at the moment to be
safe.

PR:		195796
 2016-03-03 13:58:50 +00:00
Mark Felder
8cc6bb3d58 security/openssl: Disable SSLv2 and MD2 
SSLv2 is being disabled due to DROWN.

MD2 is being disabled as it should not have been enabled by default.
This was disabled by upstream back in 2009.

PR:		195796
Approved by:	delphij, eadler
Security:	CVE-2009-2409
Security:	CVE-2016-0800
 2016-03-02 22:31:29 +00:00
Dirk Meyer
349d37dc46 - Security update to 1.0.2g 
Security: https://www.openssl.org/news/secadv/20160301.txt
Security: CVE-2016-0800
Security: CVE-2016-0705
Security: CVE-2016-0798
Security: CVE-2016-0797
Security: CVE-2016-0799
Security: CVE-2016-0702
Security: CVE-2016-0703
Security: CVE-2016-0704
 2016-03-01 16:40:55 +00:00
Dirk Meyer
6d63d735ca - mark options ASM broken on sparc64 
PR:		204527
 2016-02-13 09:48:26 +00:00
Dirk Meyer
f2a695b69f - add new manpages 
Submitted by:	olli hauer
 2016-01-28 17:35:21 +00:00
Dirk Meyer
f02e202d6f - Security update: 
- add LICENSE_FILE
MFH:		2016Q1
Security: CVE-2015-3197
Security: CVE-2016-0701
 2016-01-28 15:09:46 +00:00
Bernard Spil
eaddf50838 security/openssl: Fix No-SSLv3 option 
- This change adds `no-ssl3-method` to config args
  - Bump portrevision

Testing with security/openssl buillt with SSL3 option disabled [1]
revealed that the openssl binary and the libraries still support SSLv3
connections and methods. With the added no-ssl3-method argument passed
to the config script, the binary no longer supports the -ssl3 option
and ports requiring SSLv3 methods fail on undefined references to
methods.

PR:		203693 [1]
Reviewed by:	koobs (mentor), feld (mentor, ports-secteam), dinoex (maintainer)
Approved by:	koobs (mentor), feld (mentor, ports-secteam
MFH:		2016Q1
Differential Revision:	D4924
 2016-01-13 17:29:12 +00:00
Xin LI
aa17a3d400 Update to 1.0.2e. 
Security:	CVE-2015-3193
Security:	CVE-2015-3194
Security:	CVE-2015-3195
Security:	CVE-2015-3196
Security:	CVE-2015-1794
MFH:		2015Q4
Approved by:	so
 2015-12-05 09:41:11 +00:00
Dirk Meyer
6ca111ee08 - use post-install-DOCS-on 
- cleanup text in IGNORE
 2015-11-21 18:36:50 +00:00
Dirk Meyer
96ad3f4e05 - new OPTION MAN3 
PR:		201459
 2015-09-05 13:17:47 +00:00
Dirk Meyer
e33a63f84c - Security update to 1.0.2d 
Security: http://openssl.org/news/secadv_20150709.txt
 2015-07-09 20:54:36 +00:00
Dirk Meyer
32ee0ec0e7 - update to 1.0.2c 2015-06-12 16:47:11 +00:00
Ryan Steinmetz
2edc2d000e - Update to 1.0.2b 
- Partially pacify portlint

With hat:	ports-secteam
Security:	8305e215-1080-11e5-8ba2-000c2980a9f3
 2015-06-11 21:37:29 +00:00
Mathieu Arnold
60d1a83c2a MASTER_SITES cleanup. 
- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight
 2015-05-14 10:15:04 +00:00
Dirk Meyer
74a49f66a2 - patchfiles for option PADLOCK renamed again 
PR:		199444
 2015-04-25 09:36:01 +00:00
Dirk Meyer
b8c14435b5 - disable option ASM by default 
- bump PORTREVISION
PR:		196756
 2015-04-12 17:28:07 +00:00
John Marino
c55ac89dcd security category: Remove $PTHREAD_LIBS 
approved by:	PTHREAD blanket
 2015-03-25 08:30:27 +00:00
Dirk Meyer
a4e7653b21 - Security update to 1.0.2a 
- termios.h now default
- fix patches
- fix manpage generation
- option ZLIB removed from default
- restore padlock support
- restore RFC-5705
- restore patch history
- restore build on older FreeBSD
- restore soname
Security: https://www.openssl.org/news/secadv_20150319.txt
Security: CVE-2015-0291
Security: CVE-2015-0204
Security: CVE-2015-0290
Security: CVE-2015-0207
Security: CVE-2015-0286
Security: CVE-2015-0208
Security: CVE-2015-0287
Security: CVE-2015-0289
Security: CVE-2015-0292
Security: CVE-2015-0293
Security: CVE-2015-1787
Security: CVE-2015-0285
Security: CVE-2015-0209
Security: CVE-2015-0288
 2015-03-21 10:53:13 +00:00
Dirk Meyer
1f3b87b7e9 - mark BROKEN options 2015-03-19 21:55:02 +00:00
Xin LI
8f4ff84d95 Update to 1.0.1m to fix multiple vulnerabilities. 
With hat:	so
 2015-03-19 20:23:36 +00:00
Dirk Meyer
88e0c8f493 - update to 1.0.1l 
- fix option PADLOCK
 2015-01-16 09:17:38 +00:00
Xin LI
0fd5e6d2fe Update to 1.01k. 
With hat:	ports-secteam
Security:	vuxml 4e536c14-9791-11e4-977d-d050992ecde8
Security:	CVE-2014-3569
Security:	CVE-2014-3570
Security:	CVE-2014-3571
Security:	CVE-2014-3572
Security:	CVE-2014-8275
Security:	CVE-2015-0204
Security:	CVE-2015-0205
Security:	CVE-2015-0206
 2015-01-09 00:02:30 +00:00
Dirk Meyer
41a563525f - new option TLSEXPCIPHERS 
PR:		195270
Submitted by:	yuri@rawbw.com

- options ordered by function
- extends descriptions
 2014-11-23 10:34:38 +00:00
Xin LI
70302614ee Update to 1.01j. 
With hat:	ports-secteam
Security:	vuxml 03175e62-5494-11e4-9cc1-bc5ff4fb5e7b
Security:	CVE-2014-3513
Security:	CVE-2014-3566
Security:	CVE-2014-3567
Security:	CVE-2014-3568
 2014-10-15 18:34:13 +00:00
Dirk Meyer
2ca2348f2d - remove workaround for amd64 2014-08-14 16:25:11 +00:00
Dirk Meyer
8ba4016c73 - new options SSL2 SSL3 
Suggested by:	Velcro Leaf
 2014-08-11 04:27:53 +00:00
Xin LI
348a9f3991 Update to 1.01i. 
With hat:	ports-secteam
Security:	vuxml 8aff07eb-1dbd-11e4-b6ba-3c970e169bc2
Security:	CVE-2014-3505
Security:	CVE-2014-3506
Security:	CVE-2014-3507
Security:	CVE-2014-3508
Security:	CVE-2014-3509
Security:	CVE-2014-3510
Security:	CVE-2014-3511
Security:	CVE-2014-3512
Security:	CVE-2014-5139
 2014-08-06 23:37:49 +00:00
Adam Weinberger
5d2373a092 Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS. 2014-07-15 16:57:39 +00:00
Dirk Meyer
7e5bca039b - add CONFLICTS because of libressl 2014-07-13 20:47:21 +00:00
Dag-Erling Smørgrav
b1c276f17e Include the final letter in the CPE version field. 2014-07-10 10:27:39 +00:00
Dirk Meyer
0622b71a49 - allow OPENSSLDIR be changed in /etc/make.conf or Makefile.local 2014-07-03 16:49:37 +00:00
Xin LI
9fafdf3747 Update to 1.0.1h. 
Approved by:	so (ports-security@ blanket)
Security:	5ac53801-ec2e-11e3-9cf3-3c970e169bc2
 2014-06-05 12:54:40 +00:00
Dag-Erling Smørgrav
2870907ca1 Add CPE information. 
With hat:	ports-secteam
 2014-06-04 16:54:56 +00:00
Dirk Meyer
eaac0ade39 - Security patch 
Security: CVE-2014-0198
Security: http://seclists.org/oss-sec/2014/q2/232
Security: https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
Obtained from:	OpenBSD
 2014-05-03 16:36:42 +00:00
Dirk Meyer
736d01387f - fix a 4 year old "use-after-free" problem 
https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest
http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse
http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/008_openssl.patch
Obtained from:	OpenBSD
 2014-04-13 08:40:13 +00:00
Bryan Drewery
5aaebd82e9 - Update to 1.0.1g 
Changes:
  - Fix for CVE-2014-0160
  - Add TLS padding extension workaround for broken servers.
  - Fix for CVE-2014-0076

Security:	CVE-2014-0160
Security:	CVE-2014-0076
Security:	https://www.openssl.org/news/secadv_20140407.txt
With hat:	portmgr
MFH:		2014Q2
 2014-04-07 21:46:40 +00:00
Dirk Meyer
ae1515c459 - add missing LIB_DEPENDS for forbidden option GMP 2014-03-30 19:37:22 +00:00
Dirk Meyer
2f6d449998 - reset GREP_OPTIONS 
PR:		188030
 2014-03-28 18:23:44 +00:00
Dirk Meyer
280380c162 - remove broken MANPREFIX 2014-03-04 06:51:37 +00:00
Dirk Meyer
7ac73b4f5c - error out early if users trying to break their base system 
PR:		187076
 2014-03-02 13:13:27 +00:00
Dirk Meyer
e4fb23b723 - use STAGEDIR 
PR:		186753
Submitted by:	Takefu
 2014-02-14 14:33:59 +00:00
Dirk Meyer
ec753258a2 - fix option PADLOCK 
Submitted by:	Renato Botelho
 2014-01-08 20:52:58 +00:00
Dirk Meyer
252a9b7c5f - better fix for perl5.18 
Submitted by:	Jung-uk Kim

- clean up
 2014-01-08 07:12:01 +00:00
Dirk Meyer
4b97ad6a76 - Security update to openssl-1.0.1f 
- remove broken patches
- new fix for perl5.18
- fix option GMP

Security: http://www.openssl.org/news/vulnerabilities.html
Security: CVE-2013-4353
Security: CVE-2013-6449
Security: CVE-2013-6450
Security: 5aaa257e-772d-11e3-a65a-3c970e169bc2
 2014-01-07 20:40:22 +00:00
Dirk Meyer
03aac0d70a - fix build with perl 5.16 
Submitted by:	Takefu
 2013-09-21 09:45:25 +00:00
Baptiste Daroussin
a65ed2e51b Add NO_STAGE all over the place in preparation for the staging support (cat: security) 2013-09-20 22:55:24 +00:00
Baptiste Daroussin
cddacdc1a8 Convert to new perl framework 
Convert USE_GMAKE to USES
 2013-09-16 16:45:35 +00:00