17:23 Bernard Spil (brnrd) 

security/openssl: Major version update to 3.0

 * OpenSSL 1.1.1 is EoL, update to new LTS version
 * Aligns with upcoming OpenSSL version in 14.0

    d5ec2e1

11:00 mat 

Revert the OpenSSL 1.1.0 update, it was not tested.

With hat:	portmgr
Sponsored by:	Absolight

 

09:59 dinoex 

- update to 1.1.0
- bump SHLIBVERSION

 

14:42 dinoex 

- use portable cpu option for sparcv8

 

01:47 zi 

- Resolve build issue

With hat:	ports-secteam

 

21:37 zi 

- Update to 1.0.2b
- Partially pacify portlint

With hat:	ports-secteam
Security:	8305e215-1080-11e5-8ba2-000c2980a9f3

 

08:38 marino 

security/openssl: Remove patch hunk for configuring pthreads

The patching of Configure file for pthreads is unnecessary -- the effect
of -lpthread -D_REENTRANT is the same as -pthread -D_REENTRANT, so just
remove it to make things even more simpler.

 

08:30 marino 

security category: Remove $PTHREAD_LIBS

approved by:	PTHREAD blanket

 

10:53 dinoex 

- Security update to 1.0.2a
- termios.h now default
- fix patches
- fix manpage generation
- option ZLIB removed from default
- restore padlock support
- restore RFC-5705
- restore patch history
- restore build on older FreeBSD
- restore soname
Security: https://www.openssl.org/news/secadv_20150319.txt
Security: CVE-2015-0291
Security: CVE-2015-0204
Security: CVE-2015-0290
Security: CVE-2015-0207
Security: CVE-2015-0286
Security: CVE-2015-0208
Security: CVE-2015-0287
Security: CVE-2015-0289
Security: CVE-2015-0292
Security: CVE-2015-0293
Security: CVE-2015-1787
Security: CVE-2015-0285
Security: CVE-2015-0209
Security: CVE-2015-0288

 

22:15 delphij 

Fix botched patch, this fixes build for i386.

Reported by:	ohauer
Pointy hat to:	delphij

 

20:23 delphij 

Update to 1.0.1m to fix multiple vulnerabilities.

With hat:	so

 

16:25 dinoex 

- remove workaround for amd64

 

16:58 dinoex 

- fix perl path for CURRENT
PR:		188486

 

21:06 dinoex 

- update to 1.0.1

12:33 dinoex 

- update to openssl-1.0.0a
Security: CVE-2010-1633
this problem was already fixed in 1.0.0 with option WITH_DTLS_BUGS

15:21 dinoex 

- fix path in c_rehash
Submitted by:   Matthias Andree
Obtained from:  http://rt.openssl.org/Ticket/Display.html?id=2234

- add more DTLS bugfixes
Obtained from:  http://sctp.fh-muenster.de/

18:42 dinoex 

- update to 1.0.0
- regression tested on i386, amd64 and ia64
- use DIST_SUBDIR to resolve conflicts with old patchfiles
- new options DTLS_RENEGOTIATION, DTLS_HEARTBEAT, TLS_EXTRACTOR, SCTP

18:00 dinoex 

- allow use of faster CPU
- enable SSE2 optimisations
- fix thread option
- cleanup

- fix spelling
- pass no-zlib option
Submitted by:   b.f.

13:30 dinoex 

- new option WITH_OPENSSL_THREADS
- revert Configure
- bump shared libs

12:13 ale 

Don't link unneeded PTHREAD_LIBS.

Approved by:    portmgr

18:48 dinoex 

- update to 0.9.8j
- move patches from files-beta back to files
- FIPS disabled with force
- support for crypto_hw device cloning restored
- support for crypto_hw aes_256 restored

10:35 dinoex 

- backout last patch

10:33 dinoex 

- update default build options on aplha
Submitted by:   textfield@yahoo.com

03:03 dinoex 

- Support amd64

05:49 dinoex 

- enable threads on ia64
- OPENSSL_OVERWRITE_BASE
  defaults to STABLE/CURRENT shared lib version
  This solves problems when the share lib is deinstalled.
  ports/50292
PR:             50292

18:24 dinoex 

- honor CC and use PTHREAD_LIBS and PTHREAD_FLAGS
marius@alchemy.franken.de

21:12 dinoex 

- merged some patches in distribution
- added thread support on alpha, sparc64
- Update to 0.9.7a (with security fix)
- defaults openssl to port