| non port: security/wolfssl/Makefile |
|
SVNWeb
|
Number of commits found: 40 |
|
Sat, 4 Feb 2023
|
[ 15:44 Santhosh Raju (fox)  ]    2621a7fc
security/wolfssl: Update to v5.5.4
Changes since v5.5.3:
wolfSSL Release 5.5.4 (Dec 21, 2022)
Release 5.5.4 of wolfSSL embedded TLS has bug fixes and new features including:
New Feature Additions
* QUIC related changes for HAProxy integration and config option
* Support for Analog Devices MAXQ1080 and MAXQ1065
* Testing and build of wolfSSL with NuttX
* New software based entropy gatherer with configure option
--enable-entropy-memuseOP (Only the first 15 lines of the commit message are shown above  )
|
|
Sat, 12 Nov 2022
|
[ 05:55 Santhosh Raju (fox) ] e711537
security/wolfssl: Update to v5.5.3
Changes since v5.5.1:
wolfSSL Release 5.5.3 (Nov 2, 2022)
Release 5.5.3 of wolfSSL embedded TLS has the following bug fix:
Fixes
* Fix for possible buffer zeroization overrun introduced at the end of v5.5.2
release cycle in GitHub pull request 5743
(https://github.com/wolfSSL/wolfssl/pull/5743) and fixed in pull request 5757
(https://github.com/wolfSSL/wolfssl/pull/5757). In the case where a specific
memory allocation failed or a hardware fault happened there was the potential (Only the first 15 lines of the commit message are shown above )
|
|
Sat, 1 Oct 2022
|
[ 11:55 Santhosh Raju (fox) ] 44b4eda
security/wolfssl: Update to v5.5.1
Changes since v5.5.0:
wolfSSL Release 5.5.1 (Sep 28, 2022) Latest
Vulnerabilities
* [Med] Denial of service attack and buffer overflow against TLS 1.3 servers
using session ticket resumption. When built with --enable-session-ticket and
making use of TLS 1.3 server code in wolfSSL, there is the possibility of a
malicious client to craft a malformed second ClientHello packet that causes
the server to crash. This issue is limited to when using both
--enable-session-ticket and TLS 1.3 on the server side. Users with TLS 1.3
servers, and having --enable-session-ticket, should update to the latest
version of wolfSSL. Thanks to Max at Trail of Bits for the report and (Only the first 15 lines of the commit message are shown above )
|
|
Wed, 7 Sep 2022
|
[ 21:10 Stefan Eßer (se) ] b7f0544 (Only the first 10 of 27931 ports in this commit are shown above. )
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above )
|
|
Sun, 4 Sep 2022
|
[ 08:43 Santhosh Raju (fox) ] d915d5a
security/wolfssl: Update to v5.5.0
Changes since v5.4.0:
wolfSSL Release 5.5.0 (Aug 30, 2022)
Note:
** If not free’ing FP_ECC caches per thread by calling wc_ecc_fp_free there is
a
possible memory leak during TLS 1.3 handshakes which use ECC. Users are urged
to confirm they are free’ing FP_ECC caches per thread if enabled to avoid
this issue.
Release 5.5.0 of wolfSSL embedded TLS has bug fixes and new features including:
Vulnerabilities (Only the first 15 lines of the commit message are shown above )
|
|
Mon, 8 Aug 2022
|
[ 08:07 Santhosh Raju (fox) ] 4850ea1
security/wolfssl: Update to v5.4.0
Changes since v5.3.0:
wolfSSL Release 5.4.0 (July 11, 2022)
Note:
** Future releases of wolfSSL will turn off TLS 1.1 by default
** Release 5.4.0 made SP math the default math implementation. To make an
equivalent build as –disable-fastmath from previous versions of wolfSSL,
now
requires using the configure option –enable-heapmath instead.
Release 5.4.0 of wolfSSL embedded TLS has bug fixes and new features including:
Vulnerabilities (Only the first 15 lines of the commit message are shown above )
|
|
Sat, 7 May 2022
|
[ 11:43 Santhosh Raju (fox) ] 9819bae
security/wolfssl: Update to v5.3.0
Changes since v5.2.0:
Release 5.3.0 of wolfSSL embedded TLS has bug fixes and new features including:
New Feature Additions
Ports
* Updated support for Stunnel to version 5.61
* Add i.MX8 NXP SECO use for secure private ECC keys and expand
cryptodev-linux for use with the RSA/Curve25519 with the Linux CAAM driver
* Allow encrypt then mac with Apache port
* Update Renesas TSIP version to 1.15 on GR-ROSE and certificate signature
data for TSIP / SCE example(Only the first 15 lines of the commit message are shown above )
|
|
Sat, 26 Feb 2022
|
[ 06:58 Santhosh Raju (fox) ] ba4cf68
security/wolfssl: Update to v5.2.0
Changes since v5.1.1:
wolfSSL Release 5.2.0 (Feb 21, 2022)
Release 5.2.0 of wolfSSL embedded TLS has bug fixes and new features including:
Vulnerabilities
* [High] A TLS v1.3 server who requires mutual authentication can be
bypassed. If a malicious client does not send the certificate_verify message
a client can connect without presenting a certificate even if the server
requires one. Thank you to Aina Toky Rasoamanana and Olivier Levillain of
Télécom SudParis.
* [High] A TLS v1.3 client attempting to authenticate a TLS v1.3 server can(Only the first 15 lines of the commit message are shown above )
|
|
Sat, 8 Jan 2022
|
[ 09:57 Santhosh Raju (fox) ] 91258b1
security/wolfssl: Update to v5.1.1
Changes since v5.1.0:
wolfSSL Release 5.1.1 (Jan 3rd, 2022)
Release 5.1.1 of wolfSSL embedded TLS has a high vulnerability fix:
Vulnerabilities
* [High] In connections using AES-CBC or DES3 with TLS/DTLS 1.2 or 1.1 the IV
being used is not random. Users using wolfSSL version 5.0.0 or 5.1.0 doing
TLS/DTLS 1.2 or 1.1 connections, without AEAD only, should update the
version of wolfSSL used.
|
|
Thu, 30 Dec 2021
|
[ 01:26 Santhosh Raju (fox) ] 677f4c2
security/wolfssl: Update to v5.1.0
Changes since v5.0.0:
wolfSSL Release 5.1.0 (Dec 27, 2021)
Release 5.1.0 of wolfSSL embedded TLS has bug fixes and new features including:
Vulnerabilities
* [Low] Potential for DoS attack on a wolfSSL client due to processing hello
packets of the incorrect side. This affects only connections using TLS v1.2
or less that have also been compromised by a man in the middle
attack. Thanks to James Henderson, Mathy Vanhoef, Chris M. Stone, Sam
L. Thomas, Nicolas Bailleut, and Tom Chothia (University of Birmingham, KU
Leuven, ENS Rennes for the report.(Only the first 15 lines of the commit message are shown above )
|
|
Sat, 6 Nov 2021
|
[ 04:57 Santhosh Raju (fox) ] 71c26f5
security/wolfssl: Update to v5.0.0
Changes since v4.8.1:
wolfSSL Release 5.0.0 (Nov 01, 2021)
Release 5.0.0 of wolfSSL embedded TLS has bug fixes and new features including:
Vulnerabilities
* [\Low] Hang with DSA signature creation when a specific q value is used in a
maliciously crafted key. If a DSA key with an invalid q value of either 1 or
0 was decoded and used for creating a signature, it would result in a hang
in wolfSSL. Users that are creating signatures with DSA and are using keys
supplied from an outside source are affected.
* [\Low] Issue with incorrectly validating a certificate that has multiple(Only the first 15 lines of the commit message are shown above )
|
|
Fri, 10 Sep 2021
|
[ 21:18 Bernhard Froehlich (decke) ] 7753754
security/wolfssl: Add CPE information
Approved by: portmgr (blanket)
|
|
Sat, 24 Jul 2021
|
[ 04:49 Santhosh Raju (fox) ] e4b7701
security/wolfssl: Updates to v4.8.1
Changes since v4.8.0:
wolfSSL Release 4.8.1 (July 16, 2021)
Release 4.8.1 of wolfSSL embedded TLS has an OCSP vulnerability fix:
Vulnerabilities
* [High] OCSP verification issue when response is for a certificate with no
relation to the chain in question BUT that response contains the NoCheck
extension which effectively disables ALL verification of that one cert.
Users who should upgrade to 4.8.1 are TLS client users doing OCSP, TLS
server users doing mutual auth with OCSP, and CertManager users doing OCSP
independent of TLS. Thanks to Jan Nauber, Marco Smeets, Werner Rueschenbaum
and Alissa Kim of Volkswagen Infotainment for the report.
|
|
Thu, 15 Jul 2021
|
[ 04:40 Santhosh Raju (fox) ] 711845c
security/wolfssl: Updates to v4.8.0
Changes since v4.7.0:
wolfSSL Release 4.8.0 (July 09, 2021)
Release 4.8.0 of wolfSSL embedded TLS has bug fixes and new features including:
Vulnerabilities
* [Low] OCSP request/response verification issue. In the case that the serial
number in the OCSP request differs from the serial number in the OCSP
response the error from the comparison was not resulting in a failed
verification. We recommend users that have wolfSSL version 4.6.0 and 4.7.0
with OCSP enabled update their version of wolfSSL. Version 4.5.0 and earlier
are not affected by this report. Thanks to Rainer, Roee, Barak, Hila and(Only the first 15 lines of the commit message are shown above )
|
|
Wed, 7 Apr 2021
|
[ 08:09 Mathieu Arnold (mat) ] cf118cc (Only the first 10 of 8873 ports in this commit are shown above. )
One more small cleanup, forgotten yesterday.
Reported by: lwhsu
|
|
Tue, 6 Apr 2021
|
[ 14:31 Mathieu Arnold (mat) ] 305f148 (Only the first 10 of 29333 ports in this commit are shown above. )
Remove # $FreeBSD$ from Makefiles.
|
|
Mon, 8 Mar 2021
|
[ 04:10 fox ]  
security/wolfssl: Updates to v4.7.0
- Remove the memory leak patch since now it is upstreamed.
Changes since v4.6.0:
wolfSSL Release 4.7.0 (February 16, 2021)
Release 4.7.0 of wolfSSL embedded TLS has bug fixes and new features including:
New Feature Additions
* Compatibility Layer expansion SSL_get_verify_mode, X509_VERIFY_PARAM API,
X509_STORE_CTX API added
* WOLFSSL_PSK_IDENTITY_ALERT macro added for enabling a subset of TLS alerts
* Function wolfSSL_CTX_NoTicketTLSv12 added to enable turning off session(Only the first 15 lines of the commit message are shown above )
|
|
Wed, 24 Feb 2021
|
[ 15:43 tobik ]
security/wolfssl: Fix QA issues
====> Checking for pkg-plist issues (check-plist)
===> Parsing plist
===> Checking for items in STAGEDIR missing from pkg-plist
===> Checking for items in pkg-plist which are not in STAGEDIR
Error: Missing: %%DOCSDIR%%/README.txt
Error: Missing: %%DOCSDIR%%/example/client.c
Error: Missing: %%DOCSDIR%%/example/echoclient.c
Error: Missing: %%DOCSDIR%%/example/echoserver.c
Error: Missing: %%DOCSDIR%%/example/sctp-client-dtls.c
Error: Missing: %%DOCSDIR%%/example/sctp-client.c
Error: Missing: %%DOCSDIR%%/example/sctp-server-dtls.c
Error: Missing: %%DOCSDIR%%/example/sctp-server.c
Error: Missing: %%DOCSDIR%%/example/server.c (Only the first 15 lines of the commit message are shown above )
|
|
Fri, 29 Jan 2021
|
[ 22:11 fox ]
security/wolfssl: Add DEBUG option and enable more features.
- Set --enable-opensslall which is needed for
wolfSSL_X509_NAME_print_ex() and friends.
- Set --enable-certgen to allow certificate generation.
- Define WOLFSSL_ALT_NAMES so one can generate certificates
with the Subject Alternative Name extension.
- Set --enable-sessioncerts to allow to inspect certificates
with wolfSSL_get_peer_cert_chain().
- Set --enable-des3 so one can load PBES2-3DES-CBC-encoded keys.
Additionally a patch to prevent memory leaks is included.
PR: 252829
Submitted by: Fabian Keil <fk@fabiankeil.de>
Reported by: Fabian Keil <fk@fabiankeil.de>
Approved by: fox (maintainer)
|
|
Mon, 28 Dec 2020
|
[ 16:44 fox ]
security/wolfssl: Updates to v4.6.0
Changes since v4.5.0:
wolfSSL Release 4.6.0 (December 22, 2020)
Release 4.6.0 of wolfSSL embedded TLS has bug fixes and new features including:
New Feature Additions
New Build Options
* wolfSSL now enables linux kernel module support. Big news for Linux kernel
module developers with crypto requirements! wolfCrypt and wolfSSL are now
loadable as modules in the Linux kernel, providing the entire libwolfssl(Only the first 15 lines of the commit message are shown above )
|
|
Tue, 17 Nov 2020
|
[ 16:06 pkubaj ]
security/wolfssl: fix build on big-endian
Merge upstream patch to fix build on big-endian architectures.
Also unmark mips and mips64 as broken, now builds fine.
MFH: 2020Q4 (fix build blanket)
|
|
Sat, 22 Aug 2020
|
[ 01:23 fox ]
security/wolfssl: Updates to v4.5.0
Changes since v4.4.0:
wolfSSL Release 4.5.0 (August 19, 2020)
If you have questions about this release, feel free to contact us on our
info@ address.
Release 4.5.0 of wolfSSL embedded TLS has bug fixes and new features including:
New Feature Additions
* Added Xilinx Vitis 2019.2 example and README updates
* TLS v1.3 is now enabled by default (Only the first 15 lines of the commit message are shown above )
|
|
Sat, 2 May 2020
|
[ 07:20 fox ]
security/wolfssl: Fixes build failure.
Uploaded the distfile manually into distcache to prevent failures during fetch.
Reviewed by: philip
|
|
Thu, 23 Apr 2020
|
[ 19:18 fox ]
security/wolfssl: Updates to v4.4.0
Changes since v4.3.0:
wolfSSL Release 4.4.0 (04/22/2020)
If you have questions about this release, feel free to contact us on our
info@ address.
Release 4.4.0 of wolfSSL embedded TLS has bug fixes and new features including:
New Feature Additions
* Hexagon support.
* DSP builds to offload ECC verify operations.
* Certificate Manager callback support. (Only the first 15 lines of the commit message are shown above )
|
|
Sun, 26 Jan 2020
|
[ 05:27 fox ]
security/wolfssl: Updates to 4.3.0
- Minor portlint / portfmt fixes.
- Take ownership of the port.
Changes: https://www.wolfssl.com/docs/wolfssl-changelog/
PR: 242853
Submitted by: takefu@airport.fm
Reviewed by: philip
|
|
Fri, 13 Dec 2019
|
[ 12:20 amdmi3 ]
- Update to 4.2.0
- Fix LICENSE
- Add LICENSE_FILE
- Add testing support
PR: 233190
Submitted by: takefu@airport.fm
|
|
Mon, 4 Nov 2019
|
[ 21:21 rene ] (Only the first 10 of 99 ports in this commit are shown above. )
Returns johans's ports to the pool after safekeeping his commit bit.
|
|
Wed, 5 Dec 2018
|
[ 20:01 linimon ] (Only the first 10 of 21 ports in this commit are shown above. )
These ports now build on powerpc64.
While here, pet portlint.
Approved by: portmgr (tier-2 blanket)
|
|
Sat, 17 Nov 2018
|
[ 17:46 sunpoet ]
Update MASTER_SITES and WWW
Approved by: portmgr (blanket)
|
|
Mon, 10 Sep 2018
|
[ 13:14 mat ] (Only the first 10 of 995 ports in this commit are shown above. )
Add DOCS options to ports that should have one.
Also various fixes related to said option.
PR: 230864
Submitted by: mat
exp-runs by: antoine
|
|
Mon, 25 Dec 2017
|
[ 11:47 johans ]
Update to WolfSSL 3.13.0
https://www.wolfssl.com/docs/wolfssl-changelog/
|
|
Tue, 21 Nov 2017
|
[ 21:15 johans ]
Update to WolfSSL 3.12
https://www.wolfssl.com/docs/wolfssl-changelog/
|
|
Fri, 2 Jun 2017
|
[ 15:49 linimon ] (Only the first 10 of 19 ports in this commit are shown above. )
Mark some ports failing on powerpc64. These ports are either new
ports, or had been recently unblocked.
While here, pet portlint.
Approved by: portmgr (tier-2 blanket)
|
|
Tue, 9 May 2017
|
[ 19:05 johans ]
Update to latest release (4 May); bugfixes and new features
https://www.wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html
|
|
Tue, 27 Dec 2016
|
[ 10:24 johans ]
Update to WolfSSL 3.10
Configure script now uses bash-isms
|
|
Mon, 12 Sep 2016
|
[ 20:30 johans ]
Update to WolfSSL 3.9.8
|
|
Tue, 26 Apr 2016
|
[ 20:58 johans ]
Update to WolfSSL 3.9.0
https://www.wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html
|
|
Wed, 6 Jan 2016
|
[ 21:32 johans ]
- Update WolfSSL to 3.8.0 (new MASTER_SITES, WWW entry and description)
- Includes important security fixes for CVE-2015-7744 and CVE-2015-6925
see
https://www.wolfssl.com/wolfSSL/Blog/Entries/2015/9/17_Two_Vulnerabilities_Recently_Found%2C_An_Attack_on_RSA_using_CRT_and_DoS_Vulnerability_With_DTLS.html
- Disables support for SSLv3
PR: 205936
Submitted by: Christoph Moench-Tegeder <cmt@burggraben.net>
MFH: 2016Q1
|
|
Thu, 30 Apr 2015
|
[ 19:41 johans ]
- Update to WolfSSL 3.4.6
- Remove options to include ChaCha and Poly1305, these are now on by default
|
|
Sat, 28 Mar 2015
|
[ 09:15 johans ]
CyaSSL has been renamed WolfSSL upstream
Rename port and update to 3.4.0
http://www.yassl.com/yaSSL/Products-wolfssl.html
|
Number of commits found: 40 |
As an Amazon Associate I earn from qualifying purchases.