svn commit: r422912 - in branches/2016Q3: . security/libressl security/libressl/files

Bernard Spil brnrd at FreeBSD.org
Thu Sep 29 11:52:36 UTC 2016


Author: brnrd
Date: Thu Sep 29 11:52:35 2016
New Revision: 422912
URL: https://svnweb.freebsd.org/changeset/ports/422912

Log:
  MFH: r416626 r419542 r420102 r422829
  
  security/libressl: Update to version 2.3.6
  
  Security:	CVE-2016-2178
  Sponsored by:	BSDCan DevSummit
  
  security/libressl: Update to 2.3.7
  
    - Bugfix update [1]
  
  Release notes:
    - http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.7-relnotes.txt
  
  security/libressl: Update to 2.4.2
  
    - Update to latest stable version 2.4.2
    - Add UPDATING entry
    - Remove OPENSSL_VERSION_NUMBER patch
    - Change post-install targets to post-stage where possible
    - Bump libcrypto version in version.mk
  
  PR:		211701
  
  security/libressl: Update to 2.4.3
  
    - Update to 2.4.3
    - Only affected by CVE-2016-6304 (high)
  
  Security:	CVE-2016-6304
  Security: 	43eaa656-80bc-11e6-bf52-b499baebfeaf
  
  Approved by:	ports-secteam (feld)

Deleted:
  branches/2016Q3/security/libressl/files/
Modified:
  branches/2016Q3/UPDATING
  branches/2016Q3/security/libressl/Makefile
  branches/2016Q3/security/libressl/distinfo
  branches/2016Q3/security/libressl/pkg-plist
  branches/2016Q3/security/libressl/version.mk
Directory Properties:
  branches/2016Q3/   (props changed)

Modified: branches/2016Q3/UPDATING
==============================================================================
--- branches/2016Q3/UPDATING	Thu Sep 29 09:02:54 2016	(r422911)
+++ branches/2016Q3/UPDATING	Thu Sep 29 11:52:35 2016	(r422912)
@@ -6,6 +6,34 @@ You should get into the habit of checkin
 you update your ports collection, before attempting any port upgrades.
 
 20160811:
+  AFFECTS: users of security/libressl
+  AUTHOR: brnrd at FreeBSD.org
+
+  The port has been updated to the latest stable version 2.4 of LibreSSL.
+  The shared library versions of the libraries have been bumped.
+  With this update, the patch for the OPENSSL_VERSION_NUMBER has been
+  removed. This causes issues with a number of ports. Patches for all
+  ports for which this issues is known can be found on
+  https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER
+
+  After upgrading, manually update all packages that depend on any of the
+  libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
+  versions of these libraries have changed. Normally, you can obtain the
+  list of dependent software by running the following command:
+
+  # pkg info -r libressl
+
+  Then you should rebuild all ports depending on libressl to avoid dangling
+  shared library dependencies. Poudriere and pkg handle this correctly,
+  portmaster and portupgrade users can use the following to rebuild all
+  dependent ports.
+
+  Portmaster users:
+      portmaster -r libressl
+  Portupgrade users:
+      portupgrade -fr security/libressl
+
+20160811:
   AFFECTS: users of databases/postgresqlNN-server with ICU patch
   AUTHOR: girgen at FreeBSD.org
 

Modified: branches/2016Q3/security/libressl/Makefile
==============================================================================
--- branches/2016Q3/security/libressl/Makefile	Thu Sep 29 09:02:54 2016	(r422911)
+++ branches/2016Q3/security/libressl/Makefile	Thu Sep 29 11:52:35 2016	(r422912)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	libressl
-PORTVERSION=	2.3.6
+PORTVERSION=	2.4.3
 CATEGORIES=	security devel
 MASTER_SITES=	OPENBSD/LibreSSL
 
@@ -32,15 +32,15 @@ CFLAGS+=	-fpic -DPIC
 INSTALL_TARGET=	install-strip
 TEST_TARGET=	check
 
-post-install-NC-on:
+post-stage-NC-on:
 	${INSTALL_PROGRAM} ${WRKSRC}/apps/nc/.libs/nc ${STAGEDIR}/${PREFIX}/bin/nc
 	${INSTALL_MAN} ${WRKSRC}/apps/nc/nc.1 ${STAGEDIR}/${PREFIX}/man/man1/nc.1
 
+post-stage:
+	${RM} -rf ${STAGEDIR}/${PREFIX}/etc/ssl/cert.pem
+
 post-install-MAN3-off:
 	${RM} -rf ${STAGEDIR}/${PREFIX}/man/man3
 	${REINPLACE_CMD} -e '/^man\/man3/d' ${TMPPLIST}
 
-post-install:
-	${RM} -rf ${STAGEDIR}/${PREFIX}/etc/ssl/cert.pem
-
 .include <bsd.port.mk>

Modified: branches/2016Q3/security/libressl/distinfo
==============================================================================
--- branches/2016Q3/security/libressl/distinfo	Thu Sep 29 09:02:54 2016	(r422911)
+++ branches/2016Q3/security/libressl/distinfo	Thu Sep 29 11:52:35 2016	(r422912)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1465503719
-SHA256 (libressl-2.3.6.tar.gz) = 358a4779e6813bd06f07db0cf0f0fe531401ed0c6ed958973d404416c3d537fa
-SIZE (libressl-2.3.6.tar.gz) = 3013459
+TIMESTAMP = 1475008406
+SHA256 (libressl-2.4.3.tar.gz) = bd5726f3e247e7a7d30ce69946d174b8fb92d999d22710c65f176c969812960e
+SIZE (libressl-2.4.3.tar.gz) = 3014721

Modified: branches/2016Q3/security/libressl/pkg-plist
==============================================================================
--- branches/2016Q3/security/libressl/pkg-plist	Thu Sep 29 09:02:54 2016	(r422911)
+++ branches/2016Q3/security/libressl/pkg-plist	Thu Sep 29 11:52:35 2016	(r422912)
@@ -75,16 +75,16 @@ include/openssl/x509v3.h
 include/tls.h
 lib/libcrypto.a
 lib/libcrypto.so
-lib/libcrypto.so.37
-lib/libcrypto.so.37.0.0
+lib/libcrypto.so.38
+lib/libcrypto.so.38.0.0
 lib/libssl.a
 lib/libssl.so
-lib/libssl.so.38
-lib/libssl.so.38.0.0
+lib/libssl.so.39
+lib/libssl.so.39.0.0
 lib/libtls.a
 lib/libtls.so
-lib/libtls.so.10
-lib/libtls.so.10.0.0
+lib/libtls.so.11
+lib/libtls.so.11.0.0
 libdata/pkgconfig/libcrypto.pc
 libdata/pkgconfig/libssl.pc
 libdata/pkgconfig/libtls.pc

Modified: branches/2016Q3/security/libressl/version.mk
==============================================================================
--- branches/2016Q3/security/libressl/version.mk	Thu Sep 29 09:02:54 2016	(r422911)
+++ branches/2016Q3/security/libressl/version.mk	Thu Sep 29 11:52:35 2016	(r422912)
@@ -1 +1 @@
-OPENSSL_SHLIBVER?=	37
+OPENSSL_SHLIBVER?=	38


More information about the svn-ports-branches mailing list