FreshPorts -- security/libressl: Free version of the SSL/TLS protocol forked from OpenSSL

Port details

libressl Free version of the SSL/TLS protocol forked from OpenSSL

3.3.3 security =15 3.3.3Version of this port present on the latest quarterly branch.

Maintainer: brnrd@FreeBSD.org

Port Added: 2014-07-12 12:03:53

Last Update: 2021-05-04 14:31:51

Commit Hash: 06920f4

People watching this port, also watch:: nginx, openssl, pkg, tmux, rsync

Also Listed In: devel

License: BSD4CLAUSE

Description:

LibreSSL is an open-source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. It was forked from the OpenSSL cryptographic software library in April 2014 as a response by OpenBSD developers to the Heartbleed security vulnerability in OpenSSL, with the aim of refactoring the OpenSSL code so as to provide a more secure implementation. LibreSSL was forked from the OpenSSL library starting with the 1.0.1g branch and will follow the security guidelines used elsewhere in the OpenBSD project. WWW: http://www.libressl.org/

SVNWeb : git : Homepage

pkg-plist: as obtained via: make generate-plist

There is no configure plist information for this port.

Dependency lines:

libressl>0:security/libressl

Conflicts:

CONFLICTS_INSTALL:

libressl-devel-libtls-[0-9]*
openssl-[0-9]*
openssl-devel-[0-9]*

Conflicts Matches:

There are no Conflicts Matches for this port. This is usually an error.

To install the port: cd /usr/ports/security/libressl/ && make install clean

To add the package, run one of these commands:

pkg install security/libressl
pkg install libressl

PKGNAME: libressl

Package flavors (<flavor>: <package>)

default: libressl
libtls: libressl-libtls

distinfo:

TIMESTAMP = 1620128354 SHA256 (libressl-3.3.3.tar.gz) = a471565b36ccd1a70d0bd7d37c6e95c43a26a62829b487d9d2cdebfe58be3066 SIZE (libressl-3.3.3.tar.gz) = 3848064

Packages (timestamps in pop-ups are UTC):

libressl
ABI	latest	quarterly
FreeBSD:11:aarch64	2.7.4	3.1.3
FreeBSD:11:amd64	3.3.3	3.3.3
FreeBSD:11:armv6	2.3.6	3.1.4
FreeBSD:11:i386	3.3.3	3.3.3
FreeBSD:11:mips	-	-
FreeBSD:11:mips64	2.3.6	3.1.4
FreeBSD:12:aarch64	2.7.4	3.3.3
FreeBSD:12:amd64	3.3.3	3.3.3
FreeBSD:12:armv6	2.7.4	3.1.4
FreeBSD:12:armv7	2.7.4	3.1.4
FreeBSD:12:i386	3.3.3	3.3.3
FreeBSD:12:mips	-	-
FreeBSD:12:mips64	2.7.4	3.1.3
FreeBSD:12:powerpc64	-	3.2.5
FreeBSD:13:aarch64	3.2.3	3.3.3
FreeBSD:13:amd64	3.3.3	3.3.3
FreeBSD:13:armv6	3.2.3	3.2.5
FreeBSD:13:armv7	3.2.3	3.2.5
FreeBSD:13:i386	3.3.3	3.3.3
FreeBSD:13:mips	-	-
FreeBSD:13:mips64	-	-
FreeBSD:13:powerpc64	3.2.3	3.3.3
FreeBSD:14:aarch64	3.3.3	-
FreeBSD:14:amd64	3.3.3	-
FreeBSD:14:armv6	3.2.5	-
FreeBSD:14:armv7	3.2.5	-
FreeBSD:14:i386	3.3.3	-
FreeBSD:14:mips	-	-
FreeBSD:14:mips64	-	-
FreeBSD:14:powerpc64	3.2.5	-

libressl-libtls
ABI	latest	quarterly
FreeBSD:11:aarch64	-	-
FreeBSD:11:amd64	3.3.3	3.3.3
FreeBSD:11:armv6	-	-
FreeBSD:11:i386	3.3.3	3.3.3
FreeBSD:11:mips	-	-
FreeBSD:11:mips64	-	-
FreeBSD:12:aarch64	-	3.3.3
FreeBSD:12:amd64	3.3.3	3.3.3
FreeBSD:12:armv6	-	-
FreeBSD:12:armv7	-	-
FreeBSD:12:i386	3.3.3	3.3.3
FreeBSD:12:mips	-	-
FreeBSD:12:mips64	-	-
FreeBSD:12:powerpc64	-	-
FreeBSD:13:aarch64	-	3.3.3
FreeBSD:13:amd64	3.3.3	3.3.3
FreeBSD:13:armv6	-	-
FreeBSD:13:armv7	-	-
FreeBSD:13:i386	3.3.3	3.3.3
FreeBSD:13:mips	-	-
FreeBSD:13:mips64	-	-
FreeBSD:13:powerpc64	-	3.3.3
FreeBSD:14:aarch64	3.3.3	-
FreeBSD:14:amd64	3.3.3	-
FreeBSD:14:armv6	-	-
FreeBSD:14:armv7	-	-
FreeBSD:14:i386	3.3.3	-
FreeBSD:14:mips	-	-
FreeBSD:14:mips64	-	-
FreeBSD:14:powerpc64	-	-

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

pkgconf>=1.3.0_1 : devel/pkgconf

This port is required by:

for Build

Deleted ports which required this port:

Expand this list of 2 deleted ports

for Libraries

net/gmid

for Run

Deleted ports which required this port:

Expand this list of 1 deleted port

* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

Configuration Options:: ===> The following configuration options are available for libressl-3.3.3: MAN3=on: Install API manpages (section 3) NC=on: Install TLS-enabled netcat ===> Use 'make config' to modify these settings
Options name:: security_libressl

USES:: cpe libtool pathfix pkgconfig

Master Sites:

Expand this list (7 items)

Collapse this list.

Notes from UPDATING

These upgrade notes are taken from /usr/ports/UPDATING

2019-04-22

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  The port has been updated to the latest stable version 2.9 of LibreSSL.
  The shared library versions of the libraries have been bumped.

  After upgrading, manually update all packages that depend on any of the
  libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
  versions of these libraries have changed. Normally, you can obtain the
  list of dependent software by running the following command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

Expand this list (10 items)

2018-10-20

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  The port has been updated to the latest stable version 2.8 of LibreSSL.
  The shared library versions of the libraries have been bumped.

  After upgrading, manually update all packages that depend on any of the
  libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
  versions of these libraries have changed. Normally, you can obtain the
  list of dependent software by running the following command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

2018-04-28

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  The port has been updated to the latest stable version 2.7 of LibreSSL.
  The shared library versions of the libraries have been bumped.

  After upgrading, manually update all packages that depend on any of the
  libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
  versions of these libraries have changed. Normally, you can obtain the
  list of dependent software by running the following command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

2017-11-07

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  The port has been updated to the latest stable version 2.6 of LibreSSL.
  The shared library versions of the libraries have been bumped.

  After upgrading, manually update all packages that depend on any of the
  libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
  versions of these libraries have changed. Normally, you can obtain the
  list of dependent software by running the following command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

2017-04-11

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  The port has been updated to the latest stable version 2.5 of LibreSSL.
  The shared library versions of the libraries have been bumped.

  After upgrading, manually update all packages that depend on any of the
  libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
  versions of these libraries have changed. Normally, you can obtain the
  list of dependent software by running the following command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

2016-08-11

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  The port has been updated to the latest stable version 2.4 of LibreSSL.
  The shared library versions of the libraries have been bumped.
  With this update, the patch for the OPENSSL_VERSION_NUMBER has been
  removed. This causes issues with a number of ports. Patches for all
  ports for which this issues is known can be found on
  https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER

  After upgrading, manually update all packages that depend on any of the
  libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
  versions of these libraries have changed. Normally, you can obtain the
  list of dependent software by running the following command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

2016-05-03

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  LibreSSL 2.3 has removed SSLv3 support completely which leads to issues
  with a number of ports. Patches for many of these issues can be found
  on https://wiki.freebsd.org/OpenSSL/No-SSLv3

  After upgrading to 2.3.4, manually update all packages that depend on
  any of the libraries provided by LibreSSL (libssl, libcrypto and
  libtls) since the versions of these libraries have changed. Normally,
  you can obtain the list of dependent software by running the following
  command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

2015-08-06

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  After upgrading to 2.2.2, manually update all packages that depend on
  any of the libraries provided by LibreSSL (libssl, libcrypto and
  libtls) since the versions of these libraries have changed. Normally,
  you can obtain the list of dependent software by running the following
  command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

2015-07-08

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  After upgrading to 2.2.1, manually update all packages that depend on
  any of the libraries provided by LibreSSL (libssl, libcrypto and
  libtls) since the versions of these libraries have changed. Normally,
  you can obtain the list of dependent software by running the following
  command:

  pkg query -e '%n = libressl' %ro

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies.

2015-06-15

Affects: users of security/libressl

Author: brnrd@FreeBSD.org

Reason: 
  After upgrading libressl, manually update all packages that depend on
  this library since its version has changed. Normally, you can obtain the
  list of dependent software by running the following command:

  pkg query -e '%n = libressl' %ro

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies.

2015-03-04

Affects: users of security/libressl

Author: vsevolod@highsecure.ru

Reason: 
  After upgrading of libressl you should manually update all packages that
  depending on this library since its version has been changed. Normally,
  you could obtain the list of dependent software by running the following
  command:

  pkg query -e '%n = libressl' %ro

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies.

Collapse this list.

Number of commits found: 76

Date	By	Description
Commit History - (may be incomplete: see SVNWeb link above for full details)
04 May 2021 14:31:51 3.3.3	brnrd	security/libressl: Upgrade to 3.3.3 * Add libtls flavor
06 Apr 2021 14:31:07 3.2.5	mat	Remove # $FreeBSD$ from Makefiles.
20 Mar 2021 18:35:47 3.2.5	brnrd	security/libressl: Security update to 3.2.5 Security: eeca52dc-866c-11eb-b8d6-d4c9ef517024
16 Mar 2021 15:43:22 3.2.4_1	brnrd	security/libressl: Security fix for potential use-after-free MFH: 2021Q1 Security: eeca52dc-866c-11eb-b8d6-d4c9ef517024
13 Feb 2021 10:12:57 3.2.4	brnrd	security/libressl: Bugfix update to 3.2.4 * See errata 013 from OpenBSD 6.8 * Various interoperability issues and memory leaks were discovered in libcrypto and libssl
11 Dec 2020 10:40:03 3.2.3	brnrd	security/libressl: Security update to 3.2.3 MFH: 2020Q4 Security: 88dfd92f-3b9c-11eb-929d-d4c9ef517024
19 Oct 2020 18:02:55 3.2.2	brnrd	security/libressl: Update to 3.2.2
19 Aug 2020 07:03:12 3.1.4	brnrd	security/libressl: Update to 3.1.4 * Interoperability and bug fixes (incl hang) MFH: 2020Q3
16 Jun 2020 07:00:52 3.1.3	brnrd	security/libressl: Chain-validation update to 3.1.3
21 May 2020 11:12:15 3.1.2	brnrd	security/libressl: Bugfix update to 3.1.2 * Fixes client crash MFH: 2020Q2
08 May 2020 20:17:22 3.1.1	brnrd	security/libressl: Update to 3.1.1 * 3.1 branch now stable (OpenBSD 6.7)
27 Apr 2020 13:10:14 3.0.2	brnrd	security/openssl-devel: Resurrect OpenSSL devel port
01 Jan 2020 17:30:19 3.0.2	brnrd	Chase rename of security/openssl111 - Categories n-z MFH: 2020Q1
19 Oct 2019 14:23:00 3.0.2	brnrd	security/libressl: Update to 3.0.2 * no SHLIBVER bump
22 May 2019 18:24:29 2.9.2	brnrd	security/libressl: Update to 2.9.2
22 Apr 2019 19:44:58 2.9.1	brnrd	security/libressl: Update to 2.9.1 - Requires a rebuild of all dependent ports
16 Dec 2018 11:08:56 2.8.3	brnrd	security/libressl: Security update to 2.8.3 Security: 6f170cf2-e6b7-11e8-a9a8-b499baebfeaf
20 Oct 2018 10:30:23 2.8.2	brnrd	security/libressl: Update to 2.8.2 - Requires rebuild of all dependent ports
12 Sep 2018 11:36:17 2.7.4	brnrd	Chase CONFLICTS after addition of security/openssl111 - While here mark OpenSSL 1.1.0 deprecated see: https://www.openssl.org/policies/releasestrat.html
14 Jun 2018 17:28:54 2.7.4	brnrd	security/libressl: Security update to 2.7.4 MFH: 2018Q2 Security: c82ecac5-6e3f-11e8-8777-b499baebfeaf
06 May 2018 19:08:26 2.7.3	brnrd	security/libressl: Don't stage man3 manpages if MAN3 off
06 May 2018 12:16:09 2.7.3	brnrd	security/libressl: Update to 2.7.3
30 Apr 2018 08:08:49 2.7.2_1	brnrd	security/libressl: Use -pthread Reported by: jbeich, eadler
29 Apr 2018 12:37:37 2.7.2_1	brnrd	security/libressl: Force linking libthr - Fixes problems with loading private ssh keys
28 Apr 2018 20:09:44 2.7.2	brnrd	security/libressl: Add version.mk change
28 Apr 2018 19:46:57 2.7.2	brnrd	security/libressl: Update to 2.7.2 - Most important ports are compatible, see https://wiki.freebsd.org/LibreSSL/2.7 for more info
27 Apr 2018 10:16:47 2.6.4_1	brnrd	security/libressl: Bump portrevision - Everybody deserves AES-NI off-load Reported by: adamw
24 Apr 2018 19:50:43 2.6.4	brnrd	security/libressl: Fix AES-NI assembly detection - While here, fix broken man3 option Reported by: Franco Fichtner <franco opnsense org>
21 Dec 2017 07:07:23 2.6.4	brnrd	security/libressl: Bugfix update to 2.6.4 - Fixes (No-)TLS with broken smtp clients MFH: 2017Q4
07 Nov 2017 15:30:52 2.6.3	brnrd	security/libressl: Update to 2.6.3 - Align with security/libressl-devel - Switch to using new install-man5 target for MAN3 option - Add UPDATING entry
13 Jul 2017 10:49:16 2.5.5	brnrd	security/libressl: Update to 2.5.5 - Bugfix update to 2.5.5 - nc manpage install fixed upstream
03 May 2017 08:44:36 2.5.4	brnrd	security/libressl: Update to 2.5.4 - Security update to 2.5.4 - Remove CVE-2017-8301 patch (included in 2.5.4) Security: 24673ed7-2bf3-11e7-b291-b499baebfeaf
29 Apr 2017 17:10:09 2.5.3_1	brnrd	security/libressl: Fix vulnerability Obtained from: OpenBSD MFH: 2017Q2 Security: 24673ed7-2bf3-11e7-b291-b499baebfeaf Security: CVE-2017-8301
11 Apr 2017 19:01:34 2.5.3	brnrd	security/libressl: Update to 2.5.3 - Update to 2.5.3 - Bump shlib versions - Add UPDATING entry for shlib version bumps - Use --enable-nc configure arg - Align with CFLAGS from -devel - Remove commented EXPLICIT_BZERO blurb - Update pkg-plist - Add x25519, drop krb5_asn header - Add ocspcheck binary - Added/removed man-pages
01 Feb 2017 09:59:34 2.4.5	brnrd	security/libressl: Update to 2.4.5 - Update version to 2.4.5 - Remove patch now included
11 Jan 2017 11:42:37 2.4.4_1	brnrd	security/libressl: Fix ECDSA P-256 timing attack vuln - Add patch from OpenBSD MFH: 2017Q1 Security: 7caebe30-d7f1-11e6-a9a5-b499baebfeaf Security: CVE-2016-7056
02 Dec 2016 11:58:22 2.4.4	mat	Do not use post-stage. Use post-install instead. The only reason to use post-stage is because the port needs to do "things" at a later time, like some plist manipulation. While there, fold post-install in do-install targets when they are defined. PR: 214780 Submitted by: mat Exp-run by: antoine Sponsored by: Absolight
15 Nov 2016 21:51:28 2.4.4	brnrd	security/libressl: Update to 2.4.4 - Bug-fix update to 2.4.4 - Improve MAN3 option handling - add extra-patch
30 Oct 2016 14:56:57 2.4.3	brnrd	security/libressl: Switch to CONFLICTS_INSTALL - There's no conflict at build time PR: 213691
21 Oct 2016 12:51:41 2.4.3	mat	${RM} already has -f. PR: 213570 Submitted by: mat Exp-run by: antoine Sponsored by: Absolight
27 Sep 2016 20:50:33 2.4.3	brnrd	security/libressl: Update to 2.4.3 - Update to 2.4.3 - Only affected by CVE-2016-6304 (high) MFH: 2016Q3 Security: CVE-2016-6304 Security: 43eaa656-80bc-11e6-bf52-b499baebfeaf
11 Aug 2016 20:06:03 2.4.2	brnrd	security/libressl: Update to 2.4.2 - Update to latest stable version 2.4.2 - Add UPDATING entry - Remove OPENSSL_VERSION_NUMBER patch - Change post-install targets to post-stage where possible - Bump libcrypto version in version.mk PR: 211701
03 Aug 2016 19:25:11 2.3.7	brnrd	security/libressl: Update to 2.3.7 - Bugfix update [1] Release notes: - http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.7-relnotes.txt
16 Jun 2016 13:22:59 2.3.6	mat	Add DEFAULT_VERSIONS=ssl=XXX Move the openssl detection routine to bsd.default-version.mk. Add warnings telling people to not use WITH_OPENSSL_PORT or WITH_OPENSSL_BASE. To ease maintainability, change the way the different ssl libraries version numbers are checked. PR: 210149 Submitted by: mat Exp-run by: antoine Sponsored by: The FreeBSD Foundation, Absolight Differential Revision: https://reviews.freebsd.org/D6577
09 Jun 2016 20:33:10 2.3.6	brnrd	security/libressl: Update to version 2.3.6 Security: CVE-2016-2178 Sponsored by: BSDCan DevSummit
01 Jun 2016 06:51:53 2.3.5	brnrd	security/libressl: Update to 2.3.5 - Update to bug-fix version 2.3.5 - `signify` verified tarball - Remove MAKE_JOBS_UNSAFE added in 2.3.4
03 May 2016 21:15:44 2.3.4	brnrd	security/libressl: Update to 2.3.4 - Upstream marked the 2.3 branch as stable - Bump SHLIB_VERSION in bsd.openssl.mk - Note SHLIB_VERSION bump and SSLv3 removal in UPDATING - Add TLS-enabled netcat binary - Fix linking issues with MySQL 5.7 [1] - Includes vulnerability fixes [2] PR: 208759 [1] Security: 01d729ca-1143-11e6-b55e-b499baebfeaf [2] Reviewed_by: feld (mentor), koobs (mentor) Approved by: feld (mentor, ports-secteam) Differential Revision: D5902
06 Mar 2016 20:06:41 2.2.6	brnrd	security/libressl*: Register conflict with security/openssl-devel - Add conflict for security/openssl-devel - Sort conflicts alphabetically Reviewed by: feld (mentor), koobs (mentor) Approved by: feld (mentor) Differential Revision: D5539
31 Jan 2016 11:48:37 2.2.6	brnrd	security/libressl: Update to 2.2.6 - Update to version 2.2.6 [1] - Remove CA root cert that is installed by default Changes: ftp://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.6-relnotes.txt [1] Reviewed by: koobs (mentor), feld (mentor) Approved by: (mentor) Differential Revision: D5115
05 Jan 2016 19:47:13 2.2.5	brnrd	ecurity/libressl: Take MAINTAINER'ship - As requested by current maintainer via email Reviewed by: koobs (mentor), vsevolod (maintainer), feld (mentor) Approved by: koobs (mentor), vsevolod (maintainer) Differential Revision: D4782
08 Dec 2015 10:02:19 2.2.5	brnrd	security/libressl: Update to 2.2.5 - Version 2.2.5 addresses CVE-2015-2394 - Refactor regression-test target to TEST_TARGET - Add LibreSSL < 2.2.5/2.3.1_1 vuxml entry Reviewed by: koobs (mentor), feld (ports-secteam), delphij (ports-secteam) Approved by: koobs (mentor), delphij (ports-secteam) Security: 215e740e-9c56-11e5-90e7-b499baebfeaf MFH: 2015Q4 Differential Revision: https://reviews.freebsd.org/D4393
16 Oct 2015 07:13:03 2.2.4	brnrd	security/libressl: Fix memory leak and buffer overflow DoS vulnerability * Update to 2.2.4 (fixing vulnerabilities) * Create vuxml entry Differential Revision: https://reviews.freebsd.org/D3916 Submitted by: Bernard Spil <brnrd@freebsd.org> Reviewed by: delphij Approved by: delphij (secteam) MFC after: 2015Q4 Security: e75a96df-73ca-11e5-9b45-b499baebfeaf Security: CVE-2015-5333, CVE-2015-5334
15 Sep 2015 19:22:46 2.2.3	brnrd	security/libressl: Fix AESNI support PR: 200894 Approved by: vsevolod (maintainer, mentor)
31 Aug 2015 12:25:43 2.2.3	brnrd	security/libressl: Update to 2.2.3 - Update to 2.2.3 - Show compiler flags/invokes in build-log Changes: ftp://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.3-relnotes.txt Reviewed by: koobs (mentor) Approved by: koobs (mentor) Differential Revision: https://reviews.freebsd.org/D3537
06 Aug 2015 19:36:47 2.2.2	brnrd	Revert pkg-plist OPENSSL_SHLIBVER addition Reported by: antoine
06 Aug 2015 19:13:18 2.2.2	brnrd	security/libressl: Update to 2.2.2 * Bump SHLIB versions of libssl/crypto/tls * Bump OPENSSL_SHLIBVER in bsd.openssl.mk * Add UPDATING entry for SHLIB version bump * Narrow scope of CONFLICTS (portlint) Changes: ftp://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.2-relnotes.txt Differential_revision: D3278 Reviewed by: koobs (mentor), vsevolod (maintainer, mentor) Approved by: koobs (mentor)
08 Jul 2015 19:27:48 2.2.1	brnrd	security/libressl: Update to 2.2.1 * Minor update from OpenBSD LibreSSL-portable * Bumps all SHLIB versions * Bumps OPENSSL_SHLIBVER in bsd.openssl.mk * Adds UPDATING entry for SHLIB version bump * MFH as 2.2.0 already closes several vulns Changes: ftp://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.1-relnotes.txt Differential revision: https://reviews.freebsd.org/D2963 Reviewed by: vsevolod (maintainer/mentor), koobs (mentor) Approved by: vsevolod (maintainer/mentor), koobs (mentor) MFH: 2015Q3
14 Jun 2015 13:28:27 2.2.0	brnrd	security/libressl: Update to 2.2.0 - Update to 2.2.0 - Remove opensslfeatures.h patch (included upstream) - Add pkg-plist (mainly documentation) - Bump libcrypto SHLIB version in Mk/bsd.openssl.mk Changes: http://marc.info/?l=openbsd-announce&m=143404058913441 Reviewed_by: vsevolod, koobs Approved by: vsevolod (maintainer, mentor), koobs (mentor) Security: 8305e215-1080-11e5-8ba2-000c2980a9f3 Differential revision: D2770 MFH: 2015Q2
12 Jun 2015 02:23:34 2.1.7	vsevolod	- Update to 2.1.7 that fixes the recent openssl vulnerabilities Submitted by: zi via IRC
01 Jun 2015 07:25:55 2.1.6_1	brnrd	security/libressl: Backport change for missing EGD feature - LibreSSL uses opensslfeatures.h to set defines for removed features - RAND_egd support was removed before first portable release - Change adds OPENSSL_NO_EGD define to make porting easier - Change is part of coming 2.2.0 version Approved by: vsevolod (maintainer, mentor), koobs (mentor) Obtained from: OpenBSD MFC after: 1 month
14 May 2015 10:15:09 2.1.6	mat	MASTER_SITES cleanup. - Replace ${MASTER_SITE_FOO} with FOO. - Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9% of the time.) - Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and no hint of what it should be was present. - Fix some logic. - And generally, make things more simple and easy to understand. While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and SAMBA macros. Also, replace some EXTRACT_SUFX occurences with USES=tar:*. Checked by: make fetch-urlall-list With hat: portmgr Sponsored by: Absolight
19 Mar 2015 23:11:49 2.1.6	vsevolod	- Update to 2.1.6 - Remove incorrectly added patch files PR: 198718 Submitted by: Bernard Spil <spil.oss at gmail.com> Security: CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289
19 Mar 2015 15:30:24 2.1.5_1	vsevolod	- Backport the following fixes from openssl [1]: CVE-2015-0207 Segmentation fault in DTLSv1_listen moderate CVE-2015-0209 Use After Free following d2i_ECPrivatekey error low CVE-2015-0286 Segmentation fault in ASN1_TYPE_cmp moderate CVE-2015-0287 ASN.1 structure reuse memory corruption moderate CVE-2015-0289 PKCS7 NULL pointer dereferences moderate - Enable libtls component [2] - Bump portrevision PR: 198681 [1] Submitted by: Bernard Spil <spil.oss at gmail.com> [1], naddy [2]
18 Mar 2015 09:55:01 2.1.5	vsevolod	- Update to 2.1.5 PR: 198651 Submitted by: Bernard Spil <spil.oss at gmail.com>
04 Mar 2015 09:34:26 2.1.4	vsevolod	- Update to 2.1.4 PR: 198269 Submitted by: Bernard Spil <spil.oss at gmail.com>
22 Jan 2015 16:48:38 2.1.3	vsevolod	- Update to 2.1.3 PR: 197005 Submitted by: Bernard Spil <spil.oss at gmail.com>
16 Dec 2014 22:06:34 2.1.2	vsevolod	- Update to 2.1.2
17 Oct 2014 10:13:02 2.1.1	vsevolod	- Update to 2.1.1.
13 Oct 2014 08:33:04 2.1.0	vsevolod	- Update to 2.1.0 Submitted by: Johan Schuijt <johan at 300.nl> via private email
17 Aug 2014 14:22:00 2.0.5	vsevolod	- Update to 2.0.5. Submitted by: Johan Schuijt <johan at 300.nl> via private email
07 Aug 2014 12:56:14 2.0.4	vsevolod	- Update to 2.0.4. Notice: openssl CVEs are not yet fixed in this version.
22 Jul 2014 14:08:54 2.0.3	vsevolod	Update to 2.0.3.
16 Jul 2014 11:07:25 2.0.2	vsevolod	Update to 2.0.2
13 Jul 2014 14:52:26 2.0.1	vsevolod	- Update to 2.0.1
12 Jul 2014 20:49:36 2.0.0_1	vsevolod	- Fix OPENSSL_VERSION_NUMBER to identify that libressl supports features of openssl 1.0.1g only - Add LIBRESSL_VERSION_NUMBER to distinguish from openssl - Strip libraries correctly - Bump PORTREVISION
12 Jul 2014 12:03:43 2.0.0	vsevolod	Add libressl port - OpenBSD fork of the popular OpenSSL library.

Number of commits found: 76

Login
User Login Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts? About the authors Issues FAQ How big is it? Security Policy Privacy Blog Contact

Search
Enter Keywords: more...

Latest Vulnerabilities

mosquitto	Jul 24
asterisk13	Jul 23
asterisk13	Jul 23
asterisk16	Jul 23
asterisk16	Jul 23
asterisk16	Jul 23
asterisk18	Jul 23
asterisk18	Jul 23
asterisk18	Jul 23
pjsip	Jul 23
chromium	Jul 21
curl	Jul 21
mysql57-server	Jul 20
mysql80-server	Jul 20
gitea	Jul 18

12 vulnerabilities affecting 138 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2021-07-25 19:04:46

Ports
Home Categories Deleted ports Sanity Test Failures Newsfeeds

Statistics

Graphs
NEW Graphs (Javascript)

Calculated hourly:

Port count	45932
Broken	79
Deprecated	167
Ignore	310
Forbidden	4
Restricted	8
No CDROM	1
Vulnerable	26
Expired	115
Set to expire	141
Interactive	0
new 24 hours	0
new 48 hours	4
new 7 days	30
new fortnight	85
new month	191