FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
openssl SSL and crypto library
1.0.2j_1,1 security on this many watch lists=366 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port
Maintainer: brnrd@FreeBSD.org search for ports maintained by this maintainer
Port Added: unknown
Also Listed In: devel
License: OpenSSL
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured, and Open Source toolkit implementing
the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security
(TLS v1) protocols with full-strength cryptography world-wide. The
project is managed by a worldwide community of volunteers that use
the Internet to communicate, plan, and develop the OpenSSL tookit
and its related documentation.

OpenSSL is based on the excellent SSLeay library developed by Eric
A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under
an Apache-style licence, which basically means that you are free
to get and use it for commercial and non-commercial purposes subject
to some simple license conditions.

WWW: http://www.openssl.org/
WWW: http://sctp.fh-muenster.de/dtls-patches.html
SVNWeb : Homepage : PortsMon

To install the port: cd /usr/ports/security/openssl/ && make install clean
To add the package: pkg install openssl

PKGNAME: openssl

distinfo:

TIMESTAMP = 1474893748
SHA256 (openssl-1.0.2j/openssl-1.0.2j.tar.gz) = e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431
SIZE (openssl-1.0.2j/openssl-1.0.2j.tar.gz) = 5307912
SHA256 (openssl-1.0.2j/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 2eddcb7ab342285cb637ce6b6be143cca835f449f35dd9bb8c7b9167ba2117a7
SIZE (openssl-1.0.2j/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3717
SHA256 (openssl-1.0.2j/1002-backport-changes-from-upstream-padlock-module.patch) = aee88a24622ce9d71e38deeb874e58435dcf8ff5690f56194f0e4a00fb09b260
SIZE (openssl-1.0.2j/1002-backport-changes-from-upstream-padlock-module.patch) = 5770
SHA256 (openssl-1.0.2j/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = c10b8aaf56a4f4f79ca195fc587e0bb533f643e777d7a3e6fb0350399a6060ea
SIZE (openssl-1.0.2j/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = 20935
SHA256 (openssl-1.0.2j/1004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 97eb4411d0fc0890e94bc7c2d682f68b71135da782af769ca73914b37da2b1fd
SIZE (openssl-1.0.2j/1004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 832


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. perl5>=5.20<5.21 : lang/perl5.20

This port is required by:

for Build
  1. benchmarks/wrk
  2. databases/mariadb100-client
  3. databases/mariadb100-server
  4. databases/postgresql83-client*
  5. databases/postgresql83-server*
  6. databases/postgresql84-client*
  7. databases/postgresql84-server*
  8. Expand this list (138 items)
  9. deskutils/gtkjournal*
  10. deskutils/kdepim3*
  11. devel/cargo
  12. devel/eet*
  13. devel/efl
  14. devel/ptlib26*
  15. devel/uclmmbase*
  16. dns/bind10*
  17. dns/bind96*
  18. dns/bind98*
  19. dns/knot*
  20. dns/knot1
  21. dns/nsd3*
  22. dns/validns
  23. ftp/php5-ftp*
  24. ftp/php52-ftp*
  25. ftp/php53-ftp*
  26. games/live-f1*
  27. irc/inspircd12*
  28. irc/irssi-devel*
  29. irc/irssi-fish
  30. irc/solid-ircd*
  31. japanese/p5-Mail-SpamAssassin*
  32. lang/hiphop-php*
  33. lang/python32*
  34. lang/ruby18*
  35. lang/ruby19*
  36. lang/ruby20*
  37. mail/althea*
  38. mail/cyrus-imapd2*
  39. mail/cyrus-imapd22*
  40. mail/elm+ME*
  41. mail/mail-notification*
  42. mail/mixminion*
  43. mail/p5-Mail-SpamAssassin*
  44. mail/p5-Mail-SpamAssassin-Alt*
  45. mail/php5-imap*
  46. mail/php52-imap*
  47. mail/php53-imap*
  48. mail/postfix-tls*
  49. mail/sendmail-ldap*
  50. mail/sendmail-sasl*
  51. mail/zmailer*
  52. misc/amanda25-client*
  53. misc/amanda25-server*
  54. misc/amanda26-client*
  55. misc/amanda26-server*
  56. misc/amanda32-client*
  57. misc/amanda32-server*
  58. misc/bibletime-devel*
  59. multimedia/vic*
  60. net/callweaver*
  61. net/diradmin*
  62. net/kojoney*
  63. net/kphone*
  64. net/ntp-rc*
  65. net/openldap23-client*
  66. net/openldap23-sasl-client*
  67. net/openldap23-server*
  68. net/tac_plus-libradius*
  69. net/v6eval*
  70. net/wire*
  71. net-im/centericq*
  72. net-im/libjingle*
  73. net-im/libmsn*
  74. net-im/sigram*
  75. net-im/sim-im*
  76. net-im/sim-im-devel*
  77. net-im/tg*
  78. net-mgmt/php5-snmp*
  79. net-mgmt/php52-snmp*
  80. net-mgmt/php53-snmp*
  81. net-mgmt/virt-viewer
  82. net-mgmt/zenoss*
  83. net-p2p/libtorrent-devel*
  84. net-p2p/libtorrent-rasterbar-15*
  85. net-p2p/libtorrent-rasterbar-15-python*
  86. net-p2p/libtorrent-rasterbar-16*
  87. net-p2p/libtorrent-rasterbar-16-python*
  88. net-p2p/solidcoin*
  89. russian/xmms*
  90. security/aolserver-nsencrypt*
  91. security/aolserver-nsopenssl*
  92. security/botan*
  93. security/distcache-devel*
  94. security/engine_pkcs11*
  95. security/fwbuilder-devel*
  96. security/krb5-111*
  97. security/krb5-maint*
  98. security/openssh-portable-base*
  99. security/openssh-portable-devel*
  100. security/openssh-portable66*
  101. security/openvpn-beta*
  102. security/openvpn20*
  103. security/openvpn22*
  104. security/pam_pgina*
  105. security/php5-openssl*
  106. security/php52-openssl*
  107. security/php53-openssl*
  108. security/qca-ossl*
  109. security/softhsm2
  110. sysutils/cfengine-devel*
  111. sysutils/cfengine36-rc*
  112. sysutils/ori
  113. sysutils/sge62*
  114. sysutils/syslog-ng-rc*
  115. sysutils/syslog-ng33*
  116. sysutils/syslog-ng34*
  117. sysutils/syslog-ng35*
  118. sysutils/syslog-ng36
  119. textproc/exmpp*
  120. www/aria*
  121. www/mod_tsa
  122. www/neon29*
  123. www/nginx
  124. www/nginx-devel
  125. www/nginx-full
  126. www/nginx-lite
  127. www/nginx-naxsi
  128. www/node
  129. www/node06*
  130. www/node4
  131. www/node5*
  132. www/node6
  133. www/node7
  134. www/obhttpd
  135. www/w3m-m17n*
  136. www/w3m-m17n-img*
  137. x11/kdebase3*
  138. x11/kdelibs3*
  139. x11/kdelibs3-nocups*
  140. Collapse this list.
for Run
  1. benchmarks/wrk
  2. databases/mariadb100-client
  3. databases/mariadb100-server
  4. databases/postgresql83-client*
  5. databases/postgresql83-server*
  6. databases/postgresql84-client*
  7. databases/postgresql84-server*
  8. Expand this list (138 items)
  9. deskutils/gtkjournal*
  10. deskutils/kdepim3*
  11. devel/cargo
  12. devel/eet*
  13. devel/efl
  14. devel/ptlib26*
  15. devel/uclmmbase*
  16. dns/bind10*
  17. dns/bind96*
  18. dns/bind98*
  19. dns/knot*
  20. dns/knot1
  21. dns/nsd3*
  22. dns/validns
  23. ftp/php5-ftp*
  24. ftp/php52-ftp*
  25. ftp/php53-ftp*
  26. games/live-f1*
  27. irc/inspircd12*
  28. irc/irssi-devel*
  29. irc/irssi-fish
  30. irc/solid-ircd*
  31. japanese/p5-Mail-SpamAssassin*
  32. lang/hiphop-php*
  33. lang/python32*
  34. lang/ruby18*
  35. lang/ruby19*
  36. lang/ruby20*
  37. mail/althea*
  38. mail/cyrus-imapd2*
  39. mail/cyrus-imapd22*
  40. mail/elm+ME*
  41. mail/mail-notification*
  42. mail/mixminion*
  43. mail/p5-Mail-SpamAssassin*
  44. mail/p5-Mail-SpamAssassin-Alt*
  45. mail/php5-imap*
  46. mail/php52-imap*
  47. mail/php53-imap*
  48. mail/postfix-tls*
  49. mail/sendmail-ldap*
  50. mail/sendmail-sasl*
  51. mail/zmailer*
  52. misc/amanda25-client*
  53. misc/amanda25-server*
  54. misc/amanda26-client*
  55. misc/amanda26-server*
  56. misc/amanda32-client*
  57. misc/amanda32-server*
  58. misc/bibletime-devel*
  59. multimedia/vic*
  60. net/callweaver*
  61. net/diradmin*
  62. net/kojoney*
  63. net/kphone*
  64. net/ntp-rc*
  65. net/openldap23-client*
  66. net/openldap23-sasl-client*
  67. net/openldap23-server*
  68. net/tac_plus-libradius*
  69. net/v6eval*
  70. net/wire*
  71. net-im/centericq*
  72. net-im/libjingle*
  73. net-im/libmsn*
  74. net-im/sigram*
  75. net-im/sim-im*
  76. net-im/sim-im-devel*
  77. net-im/tg*
  78. net-mgmt/php5-snmp*
  79. net-mgmt/php52-snmp*
  80. net-mgmt/php53-snmp*
  81. net-mgmt/virt-viewer
  82. net-mgmt/zenoss*
  83. net-p2p/libtorrent-devel*
  84. net-p2p/libtorrent-rasterbar-15*
  85. net-p2p/libtorrent-rasterbar-15-python*
  86. net-p2p/libtorrent-rasterbar-16*
  87. net-p2p/libtorrent-rasterbar-16-python*
  88. net-p2p/solidcoin*
  89. russian/xmms*
  90. security/aolserver-nsencrypt*
  91. security/aolserver-nsopenssl*
  92. security/botan*
  93. security/distcache-devel*
  94. security/engine_pkcs11*
  95. security/fwbuilder-devel*
  96. security/krb5-111*
  97. security/krb5-maint*
  98. security/openssh-portable-base*
  99. security/openssh-portable-devel*
  100. security/openssh-portable66*
  101. security/openvpn-beta*
  102. security/openvpn20*
  103. security/openvpn22*
  104. security/pam_pgina*
  105. security/php5-openssl*
  106. security/php52-openssl*
  107. security/php53-openssl*
  108. security/qca-ossl*
  109. security/softhsm2
  110. sysutils/cfengine-devel*
  111. sysutils/cfengine36-rc*
  112. sysutils/ori
  113. sysutils/sge62*
  114. sysutils/syslog-ng-rc*
  115. sysutils/syslog-ng33*
  116. sysutils/syslog-ng34*
  117. sysutils/syslog-ng35*
  118. sysutils/syslog-ng36
  119. textproc/exmpp*
  120. www/aria*
  121. www/mod_tsa
  122. www/neon29*
  123. www/nginx
  124. www/nginx-devel
  125. www/nginx-full
  126. www/nginx-lite
  127. www/nginx-naxsi
  128. www/node
  129. www/node06*
  130. www/node4
  131. www/node5*
  132. www/node6
  133. www/node7
  134. www/obhttpd
  135. www/w3m-m17n*
  136. www/w3m-m17n-img*
  137. x11/kdebase3*
  138. x11/kdelibs3*
  139. x11/kdelibs3-nocups*
  140. Collapse this list.
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...
Configuration Options
===> The following configuration options are available for openssl-1.0.2j_1,1:
     DOCS=on: Build and/or install documentation
     EC=on: Optimize NIST elliptic curves
     MAN3=on: Install API manpages (section 3)
     PADLOCK=off: VIA Padlock support
     RFC3779=off: RFC3779 support (BGP)
     SHARED=on: Build shared libs
     THREADS=on: Threading support
     ZLIB=off: zlib compression support
====> Cipher Suite support
     EXPCIPHERS=off: Include experimental ciphers
     RC5=off: RC5 cipher (patented)
====> Hash Function Support
     MD2=on: MD2 hash (obsolete)
====> Optimizations
     ASM=off: Optimized Assembler code
     SSE2=on: Runtime SSE2 detection
====> Protocol Support
     SCTP=on: SCTP protocol support
     SSL2=on: SSLv2 protocol support
     SSL3=on: SSLv3 protocol support
===> Use 'make config' to modify these settings

USES:
cpe perl5

Master Sites:
  1. ftp://ftp.cert.dfn.de/pub/tools/net/openssl/source/
  2. http://www.openssl.org/source/
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2012-04-19
    Affects: users of security/openssl
    Author: dinoex@FreeBSD.org
    Reason: 
      The OpenSSL port has been updated to 1.0.1a. Please rebuild all
      ports that depend on it.
    
      If you use portmaster:
            portmaster -r openssl
      Or, if you would prefer a more gradual approach:
            portmaster -w openssl (check the man page for more information)
    
      If you use portupgrade:
            portupgrade -fr security/openssl
    
    
Port Moves

Number of commits found: 290 (showing only 100 on this page)

1 | 2 | 3  »  

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
28 Oct 2016 20:05:48
Original commit files touched by this commit  1.0.2j_1,1
Revision:424879
brnrd search for other commits by this committer
security/openssl: Bump PORTREVISION

  - Make sure ports get rebuilt

PR:		209582
Reported by:	mat
28 Oct 2016 19:49:18
Original commit files touched by this commit  1.0.2j,1
Revision:424878
brnrd search for other commits by this committer
security/openssl: Bump shared library version

  - Bump shlib version for security/openssl
  - Bump shlib version for security/openssl-devel
  - Add instructions to UPDATING

PR:		209582
Reported by:	Matthew D. Fuller <fullermd@over-yonder.net>
MFH:		2016Q4
21 Oct 2016 12:51:41
Original commit files touched by this commit  1.0.2j,1
Revision:424411  Sanity Test Failure
mat search for other commits by this committer
${RM} already has -f.

PR:		213570
Submitted by:	mat
Exp-run by:	antoine
Sponsored by:	Absolight
06 Oct 2016 19:38:48
Original commit files touched by this commit  1.0.2j,1
Revision:423434
brnrd search for other commits by this committer
security/openssl: Fix ldconfig issue

  - OPT_USE= feature does not behave as expected

Reported by:	dinoex
Differential Revision:	D8166
04 Oct 2016 18:35:00
Original commit files touched by this commit  1.0.2j,1
Revision:423288
brnrd search for other commits by this committer
security/openssl: Mark MAKE_JOBS_UNSAFE

  - Revert removal of MAKE_JOBS_UNSAFE in r423112

Reported by:	D. Randolph
02 Oct 2016 11:51:00
Original commit files touched by this commit  1.0.2j,1
Revision:423112
brnrd search for other commits by this committer
security/openssl: Modernize port

  - Group options
  - Migrate to <OPT>_CONFIGURE helpers
  - Use CONFIGURE_ARGS not EXTRACONFIGURE
  - Remove make-jobs unsafe (introduced 2009 / 0.9.8)
  - Remove base SHLIBVER_BASE check (introduced 2006)
  - Revert to default CPE_VERSION
  - Rework MAN3 option
  - Fix plist when SHARED disabled

Reviewed by:	mat
Differential Revision:	D8025
26 Sep 2016 13:47:20
Original commit files touched by this commit  1.0.2j,1
Revision:422776
brnrd search for other commits by this committer
security/openssl: Update to 1.0.2j

  - Update to 1.0.2j
  - Fixes Missing CRL sanity check (CVE-2016-7052)

Security:	337d8-83ed-11e6-bf52-b499baebfeaf
25 Sep 2016 06:06:59
Original commit files touched by this commit  1.0.2i,1
Revision:422739 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- add missing man pages to pkg-plist (fix package building)

from poudriere log:
 ===> Parsing plist
 ===> Checking for items in STAGEDIR missing from pkg-plist
 Error: Orphaned: man/man3/d2i_AutoPrivateKey.3.gz
 Error: Orphaned: man/man3/d2i_PrivateKey.3.gz
 Error: Orphaned: man/man3/d2i_Private_key.3.gz
 Error: Orphaned: man/man3/i2d_PrivateKey.3.gz
 ===> Error: Plist issues found.
 *** Error code 1
 ====>> Error: check-plist failures detected
 !!! build failure encountered !!!

Approved by:	blanket
24 Sep 2016 20:23:53
Original commit files touched by this commit  1.0.2i,1
Revision:422737 This port version is marked as vulnerable.
brnrd search for other commits by this committer
security/openssl: Take maintainership
24 Sep 2016 13:15:48
Original commit files touched by this commit  1.0.2i,1
Revision:422717 This port version is marked as vulnerable.
marino search for other commits by this committer
devel/openssl: change CONFLICTS to CONFLICTS_INSTALL

THere's no problem building openssl with other ports SSL libraries
installed, the conflict comes when it's time to install it.
24 Sep 2016 06:43:04
Original commit files touched by this commit  1.0.2i,1
Revision:422700 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- add option ASM for OPNsense
- drop MAINTAINERSHIP caused of version naming change
23 Sep 2016 12:54:20
Original commit files touched by this commit  1.0.2i,1
Revision:422668 This port version is marked as vulnerable.
brnrd search for other commits by this committer
security/openssl: Update to 1.0.2i

  - Update to 1.0.2i
  - Move from PORTREVISION to PORTVERSION updates
  - Remove patches that are included upstream

Reviewed by:	mat, delphij
MFH:		2016Q3
Sponsored by:	EuroBSDcon 2016 DevSummit
Differential Revision:	D8006
15 Sep 2016 22:05:45
Original commit files touched by this commit  1.0.2_15,1
Revision:422233 This port version is marked as vulnerable.
mat search for other commits by this committer
ftp.openssl.org is being taken out.

https://mta.openssl.org/pipermail/openssl-announce/2016-September/000075.html

Sponsored by:	Absolight
12 Sep 2016 18:10:41
Original commit files touched by this commit  1.0.2_15,1
Revision:421945 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- unroll for loop
Submitted by:	John Marino
28 Aug 2016 16:19:16
Original commit files touched by this commit  1.0.2_15,1
Revision:421025 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- remove options ASM and GMP
27 Aug 2016 11:00:44
Original commit files touched by this commit  1.0.2_14,1
Revision:420968 This port version is marked as vulnerable.
mat search for other commits by this committer
Revert the OpenSSL 1.1.0 update, it was not tested.

With hat:	portmgr
Sponsored by:	Absolight
27 Aug 2016 09:59:48
Original commit files touched by this commit  1.1.0
Revision:420967 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 1.1.0
- bump SHLIBVERSION
14 Aug 2016 20:46:55
Original commit files touched by this commit  1.0.2_14
Revision:420199 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- cleanup options
20 Jul 2016 15:33:20
Original commit files touched by this commit  1.0.2_14
Revision:418840 This port version is marked as vulnerable.
mat search for other commits by this committer
Cleanup $() variables in ports Makefiles.

Mostly replace with ${}, but sometime, replace with $$() because it is
what was intended in the first place. (I think.)

Sponsored by:	Absolight
20 Jun 2016 19:16:43
Original commit files touched by this commit  1.0.2_14
Revision:417176 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix possible integer overflow and application crash
Security: CVE-2016-2177
MFH:		2016Q2
16 Jun 2016 18:15:09
Original commit files touched by this commit  1.0.2_13
Revision:416976 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update warning message for new macros
16 Jun 2016 13:22:59
Original commit files touched by this commit  1.0.2_13
Revision:416965 This port version is marked as vulnerable.
mat search for other commits by this committer
Add DEFAULT_VERSIONS=ssl=XXX

Move the openssl detection routine to bsd.default-version.mk.
Add warnings telling people to not use WITH_OPENSSL_PORT or
WITH_OPENSSL_BASE.

To ease maintainability, change the way the different ssl libraries
version numbers are checked.

PR:		210149
Submitted by:	mat
Exp-run by:	antoine
Sponsored by:	The FreeBSD Foundation, Absolight
Differential Revision:	https://reviews.freebsd.org/D6577
12 Jun 2016 21:29:58
Original commit files touched by this commit  1.0.2_13
Revision:416823 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Fix DSA, preserve BN_FLG_CONSTTIME
Security: CVE-2016-2178
03 May 2016 15:19:21
Original commit files touched by this commit  1.0.2_12
Revision:414534 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security update to 1.0.2h
Security: https://www.openssl.org/news/secadv/20160503.txt
Security: CVE-2016-2105
Security: CVE-2016-2106
Security: CVE-2016-2107
Security: CVE-2016-2108
Security: CVE-2016-2109
Security: CVE-2016-2176
MFH:		2016Q2
07 Apr 2016 14:39:14
Original commit files touched by this commit  1.0.2_11
Revision:412667 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- add some more manpages
PR:		208602
Submitted by:	timp87@gmail.com
04 Apr 2016 19:09:39
Original commit files touched by this commit  1.0.2_11
Revision:412526 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- remove NOPRECIOUS*
- make portlint happier
01 Apr 2016 14:25:18
Original commit files touched by this commit  1.0.2_11
Revision:412349 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.

With hat:	portmgr
Sponsored by:	Absolight
06 Mar 2016 20:06:41
Original commit files touched by this commit  1.0.2_11
Revision:410481 This port version is marked as vulnerable.
brnrd search for other commits by this committer
security/libressl*: Register conflict with security/openssl-devel

 - Add conflict for security/openssl-devel
 - Sort conflicts alphabetically

Reviewed by:	feld (mentor), koobs (mentor)
Approved by:	feld (mentor)
Differential Revision:	D5539
03 Mar 2016 19:00:40
Original commit files touched by this commit  1.0.2_11
Revision:410067 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- extend CONFLICTS for openssl-devel
03 Mar 2016 13:58:50
Original commit files touched by this commit  1.0.2_11
Revision:410039 This port version is marked as vulnerable.
feld search for other commits by this committer
security/openssl: Revert disabling of SSLv2 and MD2

Disabling SSLv2 without a shared library bump has a visible impact to
some applications. It is unclear at this time if disabling MD2 could
cause the same issues, but both are being reverted at the moment to be
safe.

PR:		195796
02 Mar 2016 22:31:29
Original commit files touched by this commit  1.0.2_10
Revision:409967 This port version is marked as vulnerable.
feld search for other commits by this committer
security/openssl: Disable SSLv2 and MD2

SSLv2 is being disabled due to DROWN.

MD2 is being disabled as it should not have been enabled by default.
This was disabled by upstream back in 2009.

PR:		195796
Approved by:	delphij, eadler
Security:	CVE-2009-2409
Security:	CVE-2016-0800
01 Mar 2016 16:40:55
Original commit files touched by this commit  1.0.2_9
Revision:409885 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security update to 1.0.2g

Security: https://www.openssl.org/news/secadv/20160301.txt
Security: CVE-2016-0800
Security: CVE-2016-0705
Security: CVE-2016-0798
Security: CVE-2016-0797
Security: CVE-2016-0799
Security: CVE-2016-0702
Security: CVE-2016-0703
Security: CVE-2016-0704
13 Feb 2016 09:48:27
Original commit files touched by this commit  1.0.2_8
Revision:408778 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- mark options ASM broken on sparc64
PR:		204527
28 Jan 2016 17:35:21
Original commit files touched by this commit  1.0.2_8
Revision:407415 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- add new manpages
Submitted by:	olli hauer
28 Jan 2016 15:09:46
Original commit files touched by this commit  1.0.2_7
Revision:407411 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security update:
- add LICENSE_FILE
MFH:		2016Q1
Security: CVE-2015-3197
Security: CVE-2016-0701
13 Jan 2016 17:29:12
Original commit files touched by this commit  1.0.2_6
Revision:406060 This port version is marked as vulnerable.
brnrd search for other commits by this committer
security/openssl: Fix No-SSLv3 option

  - This change adds `no-ssl3-method` to config args
  - Bump portrevision

Testing with security/openssl buillt with SSL3 option disabled [1]
revealed that the openssl binary and the libraries still support SSLv3
connections and methods. With the added no-ssl3-method argument passed
to the config script, the binary no longer supports the -ssl3 option
and ports requiring SSLv3 methods fail on undefined references to
methods.

PR:		203693 [1]
Reviewed by:	koobs (mentor), feld (mentor, ports-secteam), dinoex (maintainer)
Approved by:	koobs (mentor), feld (mentor, ports-secteam
MFH:		2016Q1
Differential Revision:	D4924
05 Dec 2015 09:41:11
Original commit files touched by this commit  1.0.2_5
Revision:403044 This port version is marked as vulnerable.
delphij search for other commits by this committer
Update to 1.0.2e.

Security:	CVE-2015-3193
Security:	CVE-2015-3194
Security:	CVE-2015-3195
Security:	CVE-2015-3196
Security:	CVE-2015-1794
MFH:		2015Q4
Approved by:	so
21 Nov 2015 18:36:50
Original commit files touched by this commit  1.0.2_4
Revision:402178 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- use post-install-DOCS-on
- cleanup text in IGNORE
05 Sep 2015 13:17:48
Original commit files touched by this commit  1.0.2_4
Revision:396168 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- new OPTION MAN3
PR:		201459
10 Jul 2015 13:32:27
Original commit files touched by this commit  1.0.2_4
Revision:391702 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- add more manpage links
09 Jul 2015 20:54:37
Original commit files touched by this commit  1.0.2_4
Revision:391681 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security update to 1.0.2d

Security: http://openssl.org/news/secadv_20150709.txt
12 Jun 2015 16:47:11
Original commit files touched by this commit  1.0.2_3
Revision:389288 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 1.0.2c
12 Jun 2015 14:42:23
Original commit files touched by this commit  1.0.2_2
Revision:389275 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- use portable cpu option for sparcv8
12 Jun 2015 14:40:28
Original commit files touched by this commit  1.0.2_2
Revision:389274 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix path in SIZE lines
12 Jun 2015 14:19:49
Original commit files touched by this commit  1.0.2_2
Revision:389273 This port version is marked as vulnerable.
zi search for other commits by this committer
- Correct patch filename for SIZE
12 Jun 2015 14:09:08
Original commit files touched by this commit  1.0.2_2
Revision:389269 This port version is marked as vulnerable.
zi search for other commits by this committer
- Restore missing checksum for
1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
- Correct ordering
12 Jun 2015 01:47:01
Original commit files touched by this commit  1.0.2_2
Revision:389258 This port version is marked as vulnerable.
zi search for other commits by this committer
- Resolve build issue

With hat:	ports-secteam
11 Jun 2015 21:37:29
Original commit files touched by this commit  1.0.2_2
Revision:389255 This port version is marked as vulnerable.
zi search for other commits by this committer
- Update to 1.0.2b
- Partially pacify portlint

With hat:	ports-secteam
Security:	8305e215-1080-11e5-8ba2-000c2980a9f3
14 May 2015 10:15:09
Original commit files touched by this commit  1.0.2_1
Revision:386312 This port version is marked as vulnerable.
mat search for other commits by this committer
MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight
25 Apr 2015 09:36:02
Original commit files touched by this commit  1.0.2_1
Revision:384721 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- patchfiles for option PADLOCK renamed again
PR:		199444
12 Apr 2015 17:28:08
Original commit files touched by this commit  1.0.2_1
Revision:383877 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- disable option ASM by default
- bump PORTREVISION
PR:		196756
26 Mar 2015 08:38:25
Original commit files touched by this commit  1.0.2
Revision:382293 This port version is marked as vulnerable.
marino search for other commits by this committer
security/openssl: Remove patch hunk for configuring pthreads

The patching of Configure file for pthreads is unnecessary -- the effect
of -lpthread -D_REENTRANT is the same as -pthread -D_REENTRANT, so just
remove it to make things even more simpler.
25 Mar 2015 08:30:28
Original commit files touched by this commit  1.0.2
Revision:382200 This port version is marked as vulnerable.
marino search for other commits by this committer
security category: Remove $PTHREAD_LIBS

approved by:	PTHREAD blanket
21 Mar 2015 10:53:14
Original commit files touched by this commit  1.0.2
Revision:381789 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security update to 1.0.2a
- termios.h now default
- fix patches
- fix manpage generation
- option ZLIB removed from default
- restore padlock support
- restore RFC-5705
- restore patch history
- restore build on older FreeBSD
- restore soname
Security: https://www.openssl.org/news/secadv_20150319.txt
Security: CVE-2015-0291
Security: CVE-2015-0204
Security: CVE-2015-0290
Security: CVE-2015-0207
Security: CVE-2015-0286
Security: CVE-2015-0208
Security: CVE-2015-0287
Security: CVE-2015-0289
Security: CVE-2015-0292
Security: CVE-2015-0293
Security: CVE-2015-1787
Security: CVE-2015-0285
Security: CVE-2015-0209
Security: CVE-2015-0288
19 Mar 2015 22:15:37
Original commit files touched by this commit  1.0.1_19
Revision:381697 This port version is marked as vulnerable.
delphij search for other commits by this committer
Fix botched patch, this fixes build for i386.

Reported by:	ohauer
Pointy hat to:	delphij
19 Mar 2015 21:55:03
Original commit files touched by this commit  1.0.1_19
Revision:381695 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- mark BROKEN options
19 Mar 2015 20:23:37
Original commit files touched by this commit  1.0.1_19
Revision:381686 This port version is marked as vulnerable.
delphij search for other commits by this committer
Update to 1.0.1m to fix multiple vulnerabilities.

With hat:	so
16 Jan 2015 09:17:39
Original commit files touched by this commit  1.0.1_18
Revision:377159 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 1.0.1l
- fix option PADLOCK
09 Jan 2015 00:02:31
Original commit files touched by this commit  1.0.1_17
Revision:376576 This port version is marked as vulnerable.
delphij search for other commits by this committer
Update to 1.01k.

With hat:	ports-secteam
Security:	vuxml 4e536c14-9791-11e4-977d-d050992ecde8
Security:	CVE-2014-3569
Security:	CVE-2014-3570
Security:	CVE-2014-3571
Security:	CVE-2014-3572
Security:	CVE-2014-8275
Security:	CVE-2015-0204
Security:	CVE-2015-0205
Security:	CVE-2015-0206
23 Nov 2014 10:34:38
Original commit files touched by this commit  1.0.1_16
Revision:373140 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- new option TLSEXPCIPHERS
PR:		195270
Submitted by:	yuri@rawbw.com

- options ordered by function
- extends descriptions
15 Oct 2014 18:34:14
Original commit files touched by this commit  1.0.1_16
Revision:370940 This port version is marked as vulnerable.
delphij search for other commits by this committer
Update to 1.01j.

With hat:	ports-secteam
Security:	vuxml 03175e62-5494-11e4-9cc1-bc5ff4fb5e7b
Security:	CVE-2014-3513
Security:	CVE-2014-3566
Security:	CVE-2014-3567
Security:	CVE-2014-3568
14 Aug 2014 16:25:12
Original commit files touched by this commit  1.0.1_15
Revision:364855 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- remove workaround for amd64
11 Aug 2014 04:27:53
Original commit files touched by this commit  1.0.1_14
Revision:364585 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- new options SSL2 SSL3
Suggested by:	Velcro Leaf
06 Aug 2014 23:37:50
Original commit files touched by this commit  1.0.1_14
Revision:364234 This port version is marked as vulnerable.
delphij search for other commits by this committer
Update to 1.01i.

With hat:	ports-secteam
Security:	vuxml 8aff07eb-1dbd-11e4-b6ba-3c970e169bc2
Security:	CVE-2014-3505
Security:	CVE-2014-3506
Security:	CVE-2014-3507
Security:	CVE-2014-3508
Security:	CVE-2014-3509
Security:	CVE-2014-3510
Security:	CVE-2014-3511
Security:	CVE-2014-3512
Security:	CVE-2014-5139
03 Aug 2014 15:30:04
Original commit files touched by this commit  1.0.1_13
Revision:363914 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- rename patch files
29 Jul 2014 14:30:10
Original commit files touched by this commit  1.0.1_13
Revision:363328 This port version is marked as vulnerable.
adamw search for other commits by this committer
Rename security/ patches to reflect the files they modify.
15 Jul 2014 16:57:39
Original commit files touched by this commit  1.0.1_13
Revision:361977 This port version is marked as vulnerable.
adamw search for other commits by this committer
Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS.
13 Jul 2014 20:47:22
Original commit files touched by this commit  1.0.1_13
Revision:361710 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- add CONFLICTS because of libressl
10 Jul 2014 10:27:39
Original commit files touched by this commit  1.0.1_13
Revision:361437 This port version is marked as vulnerable.
des search for other commits by this committer
Include the final letter in the CPE version field.
03 Jul 2014 16:49:37
Original commit files touched by this commit  1.0.1_13
Revision:360408 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- allow OPENSSLDIR be changed in /etc/make.conf or Makefile.local
05 Jun 2014 12:54:40
Original commit files touched by this commit  1.0.1_13
Revision:356632 This port version is marked as vulnerable.
delphij search for other commits by this committer
Update to 1.0.1h.

Approved by:	so (ports-security@ blanket)
Security:	5ac53801-ec2e-11e3-9cf3-3c970e169bc2
04 Jun 2014 16:54:57
Original commit files touched by this commit  1.0.1_12
Revision:356523 This port version is marked as vulnerable.
des search for other commits by this committer
Add CPE information.

With hat:	ports-secteam
03 May 2014 16:36:42
Original commit files touched by this commit  1.0.1_12
Revision:352928 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security patch
Security: CVE-2014-0198
Security: http://seclists.org/oss-sec/2014/q2/232
Security:
https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
Obtained from:	OpenBSD
13 Apr 2014 08:40:14
Original commit files touched by this commit  1.0.1_11
Revision:351191 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix a 4 year old "use-after-free" problem
https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest
http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse
http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/008_openssl.patch
Obtained from:	OpenBSD
12 Apr 2014 16:58:26
Original commit files touched by this commit  1.0.1_10
Revision:351109 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix perl path for CURRENT
PR:		188486
07 Apr 2014 21:46:40
Original commit files touched by this commit  1.0.1_10
Revision:350548 This port version is marked as vulnerable.
bdrewery search for other commits by this committer
- Update to 1.0.1g

Changes:
  - Fix for CVE-2014-0160
  - Add TLS padding extension workaround for broken servers.
  - Fix for CVE-2014-0076

Security:	CVE-2014-0160
Security:	CVE-2014-0076
Security:	https://www.openssl.org/news/secadv_20140407.txt
With hat:	portmgr
MFH:		2014Q2
30 Mar 2014 19:37:22
Original commit files touched by this commit  1.0.1_9
Revision:349669 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- add missing LIB_DEPENDS for forbidden option GMP
28 Mar 2014 18:23:44
Original commit files touched by this commit  1.0.1_9
Revision:349440 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- reset GREP_OPTIONS
PR:		188030
04 Mar 2014 06:51:38
Original commit files touched by this commit  1.0.1_9
Revision:346994 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- remove broken MANPREFIX
02 Mar 2014 13:13:28
Original commit files touched by this commit  1.0.1_9
Revision:346762 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- error out early if users trying to break their base system
PR:		187076
14 Feb 2014 14:34:00
Original commit files touched by this commit  1.0.1_9
Revision:344212 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- use STAGEDIR
PR:		186753
Submitted by:	Takefu
08 Jan 2014 20:52:58
Original commit files touched by this commit  1.0.1_9
Revision:339174 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix option PADLOCK
Submitted by:	Renato Botelho
08 Jan 2014 07:12:01
Original commit files touched by this commit  1.0.1_9
Revision:339068 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- better fix for perl5.18
Submitted by:	Jung-uk Kim

- clean up
07 Jan 2014 20:40:22
Original commit files touched by this commit  1.0.1_9
Revision:339031 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security update to openssl-1.0.1f
- remove broken patches
- new fix for perl5.18
- fix option GMP

Security: http://www.openssl.org/news/vulnerabilities.html
Security: CVE-2013-4353
Security: CVE-2013-6449
Security: CVE-2013-6450
Security: 5aaa257e-772d-11e3-a65a-3c970e169bc2
21 Sep 2013 09:45:25
Original commit files touched by this commit  1.0.1_8
Revision:327799 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix build with perl 5.16
Submitted by:	Takefu
20 Sep 2013 22:55:26
Original commit files touched by this commit  1.0.1_8
Revision:327769 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
16 Sep 2013 16:45:35
Original commit files touched by this commit  1.0.1_8
Revision:327414 This port version is marked as vulnerable.
bapt search for other commits by this committer
Convert to new perl framework
Convert USE_GMAKE to USES
09 Sep 2013 18:22:13
Original commit files touched by this commit  1.0.1_8
Revision:326837 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- drop depedency to makedepend
Submitted by:	Darren Pilgrim
18 Jun 2013 04:33:06
Original commit files touched by this commit  1.0.1_8
Revision:321170 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix build when libc.so is not a symlink
Submitted by:	Bryan Drewery
18 Mar 2013 06:20:21
Original commit files touched by this commit  1.0.1_8
Revision:314526 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix wording of option
Submitted by:	Warren Block
05 Mar 2013 20:47:18
Original commit files touched by this commit  1.0.1_8
Revision:313480 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- updated patches for options PADLOCK
03 Mar 2013 22:37:47
Original commit files touched by this commit  1.0.1_8
Revision:313383 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix build with manpages
25 Feb 2013 06:07:10
Original commit files touched by this commit  1.0.1_8
Revision:312906 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix broken symlink in manpage
Submitted by:	Warren Block
13 Feb 2013 20:23:04
Original commit files touched by this commit  1.0.1_8
Revision:312171 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 1.0.1e
10 Feb 2013 16:20:47
Original commit files touched by this commit  1.0.1_7
Revision:312033 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix paddding in TLS1.1 and DTLS on amd64
06 Feb 2013 20:13:08
Original commit files touched by this commit  1.0.1_6
Revision:311793 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- Security update to 1.0.1d
Security: CVE-2012-2686
Security: CVE-2013-0166
Security: CVE-2013-0169
Security: http://www.openssl.org/news/secadv_20120510.txt
03 Feb 2013 06:36:23
Original commit files touched by this commit  1.0.1_5
Revision:311452 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix option PADLOCK
PR:		175622
Submitted by:	Mathieu Simon
29 Jan 2013 18:46:39
Original commit files touched by this commit  1.0.1_5
Revision:311178 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- enable optimized NIST ECC on 64-bit little-endian machines
PR:		175663
Submitted by:	bf
29 Jan 2013 05:34:22
Original commit files touched by this commit  1.0.1_4
Revision:311150 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- make the pkg-message respect PREFIX
PR:		175663
Submitted by:	bf
28 Jan 2013 18:07:32
Original commit files touched by this commit  1.0.1_4
Revision:311133 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- mark option PADLOCK as BROKEN
PR:		175622

Number of commits found: 290 (showing only 100 on this page)

1 | 2 | 3  »  

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
firefoxDec 01
firefox-esrDec 01
libxulDec 01
linux-firefoxDec 01
linux-thunderbirdDec 01
thunderbirdDec 01
tsharkDec 01
tshark-liteDec 01
wiresharkDec 01
wireshark-liteDec 01
wireshark-qt5Dec 01
expat2*Nov 30
expat2*Nov 30
gnupg1*Nov 30
libgcrypt*Nov 30

18 vulnerabilities affecting 59 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 26920
Broken 314
Deprecated 151
Ignore 577
Forbidden 1
Restricted 213
No CDROM 82
Vulnerable 58
Expired 13
Set to expire 130
Interactive 0
new 24 hours 6
new 48 hours12
new 7 days57
new fortnight106
new month280

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.