svn commit: r428139 - branches/2016Q4/security/py-cryptography
Mark Felder
feld at FreeBSD.org
Thu Dec 8 17:08:56 UTC 2016
Author: feld
Date: Thu Dec 8 17:08:55 2016
New Revision: 428139
URL: https://svnweb.freebsd.org/changeset/ports/428139
Log:
MFH: r428138
security/py-pycryptography: Fix build on FreeBSD 9.3
Modern py-cryptography requires a more modern OpenSSL. This switch to
requiring OpenSSL from ports is a disruptive change, but it will protect
these users from the recently patched vulnerabilites.
Support for OpenSSL 0.9.8 was removed in pycryptography as of version 1.4.
The last release to support OpenSSL 0.9.8 was 1.3.4 which is still
vulnerable to the HDKF key generation bug. It appears that version 1.4
did build successfully on FreeBSD 9.3, but upstream had abandoned
support for OpenSSL 0.9.8 at that point so it is unclear if it was fully
functional.
PR: 214915
Approved by: ports-secteam (with hat)
Modified:
branches/2016Q4/security/py-cryptography/Makefile
Directory Properties:
branches/2016Q4/ (props changed)
Modified: branches/2016Q4/security/py-cryptography/Makefile
==============================================================================
--- branches/2016Q4/security/py-cryptography/Makefile Thu Dec 8 17:07:22 2016 (r428138)
+++ branches/2016Q4/security/py-cryptography/Makefile Thu Dec 8 17:08:55 2016 (r428139)
@@ -27,6 +27,11 @@ USE_PYTHON= autoplist distutils
CFLAGS+= -I${OPENSSLINC}
LDFLAGS+= -L${OPENSSLLIB}
+# Modern py-cyptography requires newer OpenSSL
+.if ${OSVERSION} < 1000000
+WITH_OPENSSL_PORT= yes
+.endif
+
.include <bsd.port.pre.mk>
.if ${PYTHON_REL} < 3300
More information about the svn-ports-all
mailing list