Commit History - (may be incomplete: see SVNWeb link above for full details) |
Date | By | Description |
13 Feb 2021 10:12:57
3.2.4

|
brnrd  |
security/libressl: Bugfix update to 3.2.4
* See errata 013 from OpenBSD 6.8
* Various interoperability issues and memory leaks were discovered in
libcrypto and libssl |
11 Dec 2020 10:40:03
3.2.3

|
brnrd  |
security/libressl: Security update to 3.2.3
MFH: 2020Q4
Security: 88dfd92f-3b9c-11eb-929d-d4c9ef517024 |
19 Oct 2020 18:02:55
3.2.2

|
brnrd  |
security/libressl: Update to 3.2.2 |
19 Aug 2020 07:03:12
3.1.4

|
brnrd  |
security/libressl: Update to 3.1.4
* Interoperability and bug fixes (incl hang)
MFH: 2020Q3 |
16 Jun 2020 07:00:52
3.1.3

|
brnrd  |
security/libressl: Chain-validation update to 3.1.3 |
21 May 2020 11:12:15
3.1.2

|
brnrd  |
security/libressl: Bugfix update to 3.1.2
* Fixes client crash
MFH: 2020Q2 |
08 May 2020 20:17:22
3.1.1

|
brnrd  |
security/libressl: Update to 3.1.1
* 3.1 branch now stable (OpenBSD 6.7) |
27 Apr 2020 13:10:14
3.0.2

|
brnrd  |
security/openssl-devel: Resurrect OpenSSL devel port |
01 Jan 2020 17:30:19
3.0.2

|
brnrd  |
Chase rename of security/openssl111
- Categories n-z
MFH: 2020Q1 |
19 Oct 2019 14:23:00
3.0.2

|
brnrd  |
security/libressl: Update to 3.0.2
* no SHLIBVER bump |
22 May 2019 18:24:29
2.9.2

|
brnrd  |
security/libressl: Update to 2.9.2 |
22 Apr 2019 19:44:58
2.9.1

|
brnrd  |
security/libressl: Update to 2.9.1
- Requires a rebuild of all dependent ports |
16 Dec 2018 11:08:56
2.8.3

|
brnrd  |
security/libressl: Security update to 2.8.3
Security: 6f170cf2-e6b7-11e8-a9a8-b499baebfeaf |
20 Oct 2018 10:30:23
2.8.2

|
brnrd  |
security/libressl: Update to 2.8.2
- Requires rebuild of all dependent ports |
12 Sep 2018 11:36:17
2.7.4

|
brnrd  |
Chase CONFLICTS after addition of security/openssl111
- While here mark OpenSSL 1.1.0 deprecated
see: https://www.openssl.org/policies/releasestrat.html |
14 Jun 2018 17:28:54
2.7.4

|
brnrd  |
security/libressl: Security update to 2.7.4
MFH: 2018Q2
Security: c82ecac5-6e3f-11e8-8777-b499baebfeaf |
06 May 2018 19:08:26
2.7.3

|
brnrd  |
security/libressl: Don't stage man3 manpages if MAN3 off |
06 May 2018 12:16:09
2.7.3

|
brnrd  |
security/libressl: Update to 2.7.3 |
30 Apr 2018 08:08:49
2.7.2_1

|
brnrd  |
security/libressl: Use -pthread
Reported by: jbeich, eadler |
29 Apr 2018 12:37:37
2.7.2_1

|
brnrd  |
security/libressl: Force linking libthr
- Fixes problems with loading private ssh keys |
28 Apr 2018 20:09:44
2.7.2

|
brnrd  |
security/libressl: Add version.mk change |
28 Apr 2018 19:46:57
2.7.2

|
brnrd  |
security/libressl: Update to 2.7.2
- Most important ports are compatible, see
https://wiki.freebsd.org/LibreSSL/2.7 for more info |
27 Apr 2018 10:16:47
2.6.4_1

|
brnrd  |
security/libressl: Bump portrevision
- Everybody deserves AES-NI off-load
Reported by: adamw |
24 Apr 2018 19:50:43
2.6.4

|
brnrd  |
security/libressl: Fix AES-NI assembly detection
- While here, fix broken man3 option
Reported by: Franco Fichtner <franco opnsense org> |
21 Dec 2017 07:07:23
2.6.4

|
brnrd  |
security/libressl: Bugfix update to 2.6.4
- Fixes (No-)TLS with broken smtp clients
MFH: 2017Q4 |
07 Nov 2017 15:30:52
2.6.3

|
brnrd  |
security/libressl: Update to 2.6.3
- Align with security/libressl-devel
- Switch to using new install-man5 target for MAN3 option
- Add UPDATING entry |
13 Jul 2017 10:49:16
2.5.5

|
brnrd  |
security/libressl: Update to 2.5.5
- Bugfix update to 2.5.5
- nc manpage install fixed upstream |
03 May 2017 08:44:36
2.5.4

|
brnrd  |
security/libressl: Update to 2.5.4
- Security update to 2.5.4
- Remove CVE-2017-8301 patch (included in 2.5.4)
Security: 24673ed7-2bf3-11e7-b291-b499baebfeaf |
29 Apr 2017 17:10:09
2.5.3_1

|
brnrd  |
security/libressl: Fix vulnerability
Obtained from: OpenBSD
MFH: 2017Q2
Security: 24673ed7-2bf3-11e7-b291-b499baebfeaf
Security: CVE-2017-8301 |
11 Apr 2017 19:01:34
2.5.3

|
brnrd  |
security/libressl: Update to 2.5.3
- Update to 2.5.3
- Bump shlib versions
- Add UPDATING entry for shlib version bumps
- Use --enable-nc configure arg
- Align with CFLAGS from -devel
- Remove commented EXPLICIT_BZERO blurb
- Update pkg-plist
- Add x25519, drop krb5_asn header
- Add ocspcheck binary
- Added/removed man-pages |
01 Feb 2017 09:59:34
2.4.5

|
brnrd  |
security/libressl: Update to 2.4.5
- Update version to 2.4.5
- Remove patch now included |
11 Jan 2017 11:42:37
2.4.4_1

|
brnrd  |
security/libressl: Fix ECDSA P-256 timing attack vuln
- Add patch from OpenBSD
MFH: 2017Q1
Security: 7caebe30-d7f1-11e6-a9a5-b499baebfeaf
Security: CVE-2016-7056 |
02 Dec 2016 11:58:22
2.4.4

|
mat  |
Do not use post-stage. Use post-install instead.
The only reason to use post-stage is because the port needs to do
"things" at a later time, like some plist manipulation.
While there, fold post-install in do-install targets when they are
defined.
PR: 214780
Submitted by: mat
Exp-run by: antoine
Sponsored by: Absolight |
15 Nov 2016 21:51:28
2.4.4

|
brnrd  |
security/libressl: Update to 2.4.4
- Bug-fix update to 2.4.4
- Improve MAN3 option handling
- add extra-patch |
30 Oct 2016 14:56:57
2.4.3

|
brnrd  |
security/libressl: Switch to CONFLICTS_INSTALL
- There's no conflict at build time
PR: 213691 |
21 Oct 2016 12:51:41
2.4.3

|
mat  |
${RM} already has -f.
PR: 213570
Submitted by: mat
Exp-run by: antoine
Sponsored by: Absolight |
27 Sep 2016 20:50:33
2.4.3

|
brnrd  |
security/libressl: Update to 2.4.3
- Update to 2.4.3
- Only affected by CVE-2016-6304 (high)
MFH: 2016Q3
Security: CVE-2016-6304
Security: 43eaa656-80bc-11e6-bf52-b499baebfeaf |
11 Aug 2016 20:06:03
2.4.2

|
brnrd  |
security/libressl: Update to 2.4.2
- Update to latest stable version 2.4.2
- Add UPDATING entry
- Remove OPENSSL_VERSION_NUMBER patch
- Change post-install targets to post-stage where possible
- Bump libcrypto version in version.mk
PR: 211701 |
03 Aug 2016 19:25:11
2.3.7

|
brnrd  |
security/libressl: Update to 2.3.7
- Bugfix update [1]
Release notes:
- http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.7-relnotes.txt |
16 Jun 2016 13:22:59
2.3.6

|
mat  |
Add DEFAULT_VERSIONS=ssl=XXX
Move the openssl detection routine to bsd.default-version.mk.
Add warnings telling people to not use WITH_OPENSSL_PORT or
WITH_OPENSSL_BASE.
To ease maintainability, change the way the different ssl libraries
version numbers are checked.
PR: 210149
Submitted by: mat
Exp-run by: antoine
Sponsored by: The FreeBSD Foundation, Absolight
Differential Revision: https://reviews.freebsd.org/D6577 |
09 Jun 2016 20:33:10
2.3.6

|
brnrd  |
security/libressl: Update to version 2.3.6
Security: CVE-2016-2178
Sponsored by: BSDCan DevSummit |
01 Jun 2016 06:51:53
2.3.5

|
brnrd  |
security/libressl: Update to 2.3.5
- Update to bug-fix version 2.3.5
- `signify` verified tarball
- Remove MAKE_JOBS_UNSAFE added in 2.3.4 |
03 May 2016 21:15:44
2.3.4

|
brnrd  |
security/libressl: Update to 2.3.4
- Upstream marked the 2.3 branch as stable
- Bump SHLIB_VERSION in bsd.openssl.mk
- Note SHLIB_VERSION bump and SSLv3 removal in UPDATING
- Add TLS-enabled netcat binary
- Fix linking issues with MySQL 5.7 [1]
- Includes vulnerability fixes [2]
PR: 208759 [1]
Security: 01d729ca-1143-11e6-b55e-b499baebfeaf [2]
Reviewed_by: feld (mentor), koobs (mentor)
Approved by: feld (mentor, ports-secteam)
Differential Revision: D5902 |
06 Mar 2016 20:06:41
2.2.6

|
brnrd  |
security/libressl*: Register conflict with security/openssl-devel
- Add conflict for security/openssl-devel
- Sort conflicts alphabetically
Reviewed by: feld (mentor), koobs (mentor)
Approved by: feld (mentor)
Differential Revision: D5539 |
31 Jan 2016 11:48:37
2.2.6

|
brnrd  |
security/libressl: Update to 2.2.6
- Update to version 2.2.6 [1]
- Remove CA root cert that is installed by default
Changes:
ftp://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.6-relnotes.txt [1]
Reviewed by: koobs (mentor), feld (mentor)
Approved by: (mentor)
Differential Revision: D5115 |
05 Jan 2016 19:47:13
2.2.5

|
brnrd  |
ecurity/libressl: Take MAINTAINER'ship
- As requested by current maintainer via email
Reviewed by: koobs (mentor), vsevolod (maintainer), feld (mentor)
Approved by: koobs (mentor), vsevolod (maintainer)
Differential Revision: D4782 |
08 Dec 2015 10:02:19
2.2.5

|
brnrd  |
security/libressl: Update to 2.2.5
- Version 2.2.5 addresses CVE-2015-2394
- Refactor regression-test target to TEST_TARGET
- Add LibreSSL < 2.2.5/2.3.1_1 vuxml entry
Reviewed by: koobs (mentor), feld (ports-secteam), delphij (ports-secteam)
Approved by: koobs (mentor), delphij (ports-secteam)
Security: 215e740e-9c56-11e5-90e7-b499baebfeaf
MFH: 2015Q4
Differential Revision: https://reviews.freebsd.org/D4393 |
16 Oct 2015 07:13:03
2.2.4

|
brnrd  |
security/libressl: Fix memory leak and buffer overflow DoS vulnerability
* Update to 2.2.4 (fixing vulnerabilities)
* Create vuxml entry
Differential Revision: https://reviews.freebsd.org/D3916
Submitted by: Bernard Spil <brnrd@freebsd.org>
Reviewed by: delphij
Approved by: delphij (secteam)
MFC after: 2015Q4
Security: e75a96df-73ca-11e5-9b45-b499baebfeaf
Security: CVE-2015-5333, CVE-2015-5334 |
15 Sep 2015 19:22:46
2.2.3

|
brnrd  |
security/libressl: Fix AESNI support
PR: 200894
Approved by: vsevolod (maintainer, mentor) |
31 Aug 2015 12:25:43
2.2.3

|
brnrd  |
security/libressl: Update to 2.2.3
- Update to 2.2.3
- Show compiler flags/invokes in build-log
Changes:
ftp://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.3-relnotes.txt
Reviewed by: koobs (mentor)
Approved by: koobs (mentor)
Differential Revision: https://reviews.freebsd.org/D3537 |
06 Aug 2015 19:36:47
2.2.2

|
brnrd  |
Revert pkg-plist OPENSSL_SHLIBVER addition
Reported by: antoine |
06 Aug 2015 19:13:18
2.2.2

|
brnrd  |
security/libressl: Update to 2.2.2
* Bump SHLIB versions of libssl/crypto/tls
* Bump OPENSSL_SHLIBVER in bsd.openssl.mk
* Add UPDATING entry for SHLIB version bump
* Narrow scope of CONFLICTS (portlint)
Changes:
ftp://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.2-relnotes.txt
Differential_revision: D3278
Reviewed by: koobs (mentor), vsevolod (maintainer, mentor)
Approved by: koobs (mentor) |
08 Jul 2015 19:27:48
2.2.1

|
brnrd  |
security/libressl: Update to 2.2.1
* Minor update from OpenBSD LibreSSL-portable
* Bumps all SHLIB versions
* Bumps OPENSSL_SHLIBVER in bsd.openssl.mk
* Adds UPDATING entry for SHLIB version bump
* MFH as 2.2.0 already closes several vulns
Changes:
ftp://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.1-relnotes.txt
Differential revision: https://reviews.freebsd.org/D2963
Reviewed by: vsevolod (maintainer/mentor), koobs (mentor)
Approved by: vsevolod (maintainer/mentor), koobs (mentor)
MFH: 2015Q3 |
14 Jun 2015 13:28:27
2.2.0

|
brnrd  |
security/libressl: Update to 2.2.0
- Update to 2.2.0
- Remove opensslfeatures.h patch (included upstream)
- Add pkg-plist (mainly documentation)
- Bump libcrypto SHLIB version in Mk/bsd.openssl.mk
Changes:
http://marc.info/?l=openbsd-announce&m=143404058913441
Reviewed_by: vsevolod, koobs
Approved by: vsevolod (maintainer, mentor), koobs (mentor)
Security: 8305e215-1080-11e5-8ba2-000c2980a9f3
Differential revision: D2770
MFH: 2015Q2 |
12 Jun 2015 02:23:34
2.1.7

|
vsevolod  |
- Update to 2.1.7 that fixes the recent openssl vulnerabilities
Submitted by: zi via IRC |
01 Jun 2015 07:25:55
2.1.6_1

|
brnrd  |
security/libressl: Backport change for missing EGD feature
- LibreSSL uses opensslfeatures.h to set defines for removed features
- RAND_egd support was removed before first portable release
- Change adds OPENSSL_NO_EGD define to make porting easier
- Change is part of coming 2.2.0 version
Approved by: vsevolod (maintainer, mentor), koobs (mentor)
Obtained from: OpenBSD
MFC after: 1 month |
14 May 2015 10:15:09
2.1.6

|
mat  |
MASTER_SITES cleanup.
- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.
While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.
Also, replace some EXTRACT_SUFX occurences with USES=tar:*.
Checked by: make fetch-urlall-list
With hat: portmgr
Sponsored by: Absolight |
19 Mar 2015 23:11:49
2.1.6

|
vsevolod  |
- Update to 2.1.6
- Remove incorrectly added patch files
PR: 198718
Submitted by: Bernard Spil <spil.oss at gmail.com>
Security: CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288,
CVE-2015-0289 |
19 Mar 2015 15:30:24
2.1.5_1

|
vsevolod  |
- Backport the following fixes from openssl [1]:
CVE-2015-0207 Segmentation fault in DTLSv1_listen moderate
CVE-2015-0209 Use After Free following d2i_ECPrivatekey error low
CVE-2015-0286 Segmentation fault in ASN1_TYPE_cmp moderate
CVE-2015-0287 ASN.1 structure reuse memory corruption moderate
CVE-2015-0289 PKCS7 NULL pointer dereferences moderate
- Enable libtls component [2]
- Bump portrevision
PR: 198681 [1]
Submitted by: Bernard Spil <spil.oss at gmail.com> [1], naddy [2] |
18 Mar 2015 09:55:01
2.1.5

|
vsevolod  |
- Update to 2.1.5
PR: 198651
Submitted by: Bernard Spil <spil.oss at gmail.com> |
04 Mar 2015 09:34:26
2.1.4

|
vsevolod  |
- Update to 2.1.4
PR: 198269
Submitted by: Bernard Spil <spil.oss at gmail.com> |
22 Jan 2015 16:48:38
2.1.3

|
vsevolod  |
- Update to 2.1.3
PR: 197005
Submitted by: Bernard Spil <spil.oss at gmail.com> |
16 Dec 2014 22:06:34
2.1.2

|
vsevolod  |
- Update to 2.1.2 |
17 Oct 2014 10:13:02
2.1.1

|
vsevolod  |
- Update to 2.1.1. |
13 Oct 2014 08:33:04
2.1.0

|
vsevolod  |
- Update to 2.1.0
Submitted by: Johan Schuijt <johan at 300.nl> via private email |
17 Aug 2014 14:22:00
2.0.5

|
vsevolod  |
- Update to 2.0.5.
Submitted by: Johan Schuijt <johan at 300.nl> via private email |
07 Aug 2014 12:56:14
2.0.4

|
vsevolod  |
- Update to 2.0.4.
Notice: openssl CVEs are not yet fixed in this version. |
22 Jul 2014 14:08:54
2.0.3

|
vsevolod  |
Update to 2.0.3. |
16 Jul 2014 11:07:25
2.0.2

|
vsevolod  |
Update to 2.0.2 |
13 Jul 2014 14:52:26
2.0.1

|
vsevolod  |
- Update to 2.0.1 |
12 Jul 2014 20:49:36
2.0.0_1

|
vsevolod  |
- Fix OPENSSL_VERSION_NUMBER to identify that libressl supports features of
openssl 1.0.1g only
- Add LIBRESSL_VERSION_NUMBER to distinguish from openssl
- Strip libraries correctly
- Bump PORTREVISION |
12 Jul 2014 12:03:43
2.0.0

|
vsevolod  |
Add libressl port - OpenBSD fork of the popular OpenSSL library. |