FreeBSD Bugzilla – Attachment 254364 Details for
Bug 282203
security/cryptlib: update 3.4.6 → 3.4.7, fix CVE-2024-0202
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
[PATCH] security/cryptlib: update 3.4.6 → 3.4.7, fix CVE-2024-0202
0001-security-cryptlib-update-3.4.6-3.4.7-fix-CVE-2024-02.patch (text/plain), 4.79 KB, created by
Älven
on 2024-10-19 18:58:28 UTC
(
hide
)
Description:
[PATCH] security/cryptlib: update 3.4.6 → 3.4.7, fix CVE-2024-0202
Filename:
MIME Type:
Creator:
Älven
Created:
2024-10-19 18:58:28 UTC
Size:
4.79 KB
patch
obsolete
>From f19e8f5fb8674670da6ec6f0696cf0fc9f725a70 Mon Sep 17 00:00:00 2001 >From: Ãlven <alster@vinterdalen.se> >Date: Sat, 19 Oct 2024 22:52:01 +0400 >Subject: [PATCH] security/cryptlib: update 3.4.6 â 3.4.7, fix CVE-2024-0202 >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >https://nvd.nist.gov/vuln/detail/CVE-2024-0202 >--- > security/cryptlib/Makefile | 22 +++++++------ > security/cryptlib/distinfo | 6 ++-- > security/cryptlib/files/patch-test_certs.c | 4 +-- > security/cryptlib/files/patch-tools_ccopts.sh | 32 ------------------- > 4 files changed, 17 insertions(+), 47 deletions(-) > >diff --git a/security/cryptlib/Makefile b/security/cryptlib/Makefile >index a306eb97b224..d4730f989bbe 100644 >--- a/security/cryptlib/Makefile >+++ b/security/cryptlib/Makefile >@@ -1,38 +1,40 @@ > PORTNAME= cryptlib >-DISTVERSION= 3.4.6 >+DISTVERSION= 3.4.7 > CATEGORIES= security > MASTER_SITES= https://cryptlib-release.s3-ap-southeast-1.amazonaws.com/ > DISTNAME= ${PORTNAME}${PORTVERSION:S/.//g} > > MAINTAINER= ale@FreeBSD.org > COMMENT= Powerful security programming toolkit >-WWW= http://www.cs.auckland.ac.nz/~pgut001/cryptlib/ >+WWW= https://www.cs.auckland.ac.nz/~pgut001/cryptlib/ > > LICENSE= SLEEPYCAT > LICENSE_NAME= Sleepycat > LICENSE_FILE= ${WRKSRC}/COPYING >-LICENSE_PERMS= dist-mirror dist-sell pkg-mirror pkg-sell auto-accept >+LICENSE_PERMS= auto-accept dist-mirror dist-sell pkg-mirror pkg-sell > > ONLY_FOR_ARCHS= amd64 armv6 armv7 i386 powerpc powerpc64 powerpc64le > > USES= cpe zip:infozip >+USE_LDCONFIG= yes > >-OPTIONS_DEFINE= DOCS >- >-EXTRACT_BEFORE_ARGS= -aq >-NO_WRKSUBDIR= yes > MAKEFILE= makefile >+MAKE_JOBS_UNSAFE=yes > ALL_TARGET= default FreeBSD shared testlib >-USE_LDCONFIG= yes >-MAKE_JOBS_UNSAFE= yes >+ > CFLAGS+= -DUSE_PKCS11 > >+EXTRACT_BEFORE_ARGS= -aq >+ >+NO_WRKSUBDIR= yes >+ > PLIST_FILES= include/cryptlib.h \ > lib/libcl.a lib/libcl.so \ > lib/libcl.so.3 lib/libcl.so.${PORTVERSION} >- > PORTDOCS= README > >+OPTIONS_DEFINE= DOCS >+ > do-install: > ${INSTALL_DATA} ${WRKSRC}/libcl.a ${WRKSRC}/libcl.so.${PORTVERSION} \ > ${STAGEDIR}${PREFIX}/lib >diff --git a/security/cryptlib/distinfo b/security/cryptlib/distinfo >index 4e31fa1950d6..a74a752cd737 100644 >--- a/security/cryptlib/distinfo >+++ b/security/cryptlib/distinfo >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1679305871 >-SHA256 (cryptlib346.zip) = c72cfd103eb9fa9f205c14c84ce4fbdf3ead1e2447e830b164dc335141f747bd >-SIZE (cryptlib346.zip) = 6826568 >+TIMESTAMP = 1729355724 >+SHA256 (cryptlib347.zip) = e3f617ea55b1c2c6ea1a27ccc7c8dd4972d3428dfbb0c8ba52a3e4a3ea98ada6 >+SIZE (cryptlib347.zip) = 7041396 >diff --git a/security/cryptlib/files/patch-test_certs.c b/security/cryptlib/files/patch-test_certs.c >index 8d9b05f4093c..ae19a7214d31 100644 >--- a/security/cryptlib/files/patch-test_certs.c >+++ b/security/cryptlib/files/patch-test_certs.c >@@ -4,8 +4,8 @@ > #if defined( __MWERKS__ ) || defined( SYMANTEC_C ) || defined( __MRC__ ) > #define CERTTIME_DATETEST ( ( ( 2021 - 1970 ) * ONE_YEAR_TIME ) + 2082844800L ) > #else >-- #define CERTTIME_DATETEST ( ( 2021 - 1970 ) * ONE_YEAR_TIME ) >-+ #define CERTTIME_DATETEST ( ( 2023 - 1970 ) * ONE_YEAR_TIME ) >+- #define CERTTIME_DATETEST ( ( 2022 - 1970 ) * ONE_YEAR_TIME ) >++ #define CERTTIME_DATETEST ( ( 2024 - 1970 ) * ONE_YEAR_TIME ) > #endif /* Macintosh-specific weird epoch */ > #if ( ULONG_MAX > 0xFFFFFFFFUL ) || defined( _M_X64 ) > #define SYSTEM_64BIT >diff --git a/security/cryptlib/files/patch-tools_ccopts.sh b/security/cryptlib/files/patch-tools_ccopts.sh >index 040bf62ddbf0..83c42dd19c3d 100644 >--- a/security/cryptlib/files/patch-tools_ccopts.sh >+++ b/security/cryptlib/files/patch-tools_ccopts.sh >@@ -9,35 +9,3 @@ > # The versions of clang shipped with OS X or OpenBSD don't > # support -fsanitize=safe-stack even as late as clang 12, so > # there's not much that we can do. >-@@ -892,31 +892,6 @@ fi >- # a big deal. As a convenient side-effect, this also enables the use of >- # ASLR where it's supported. >- >--if [ "$ARCH" = "i586" ] || [ "$ARCH" = "i686" ] || [ "$ARCH" = "x86_64" ] ; then >-- if [ "$COMPILER_VER" -ge 45 ] ; then >-- if [ $GENERICBUILD -gt 0 ] ; then >-- echo " (Enabling lowest-common-denominator build options for cross-platform library)." >&2 ; >-- else >-- CCARGS="$CCARGS -march=native -mtune=generic" ; >-- fi >-- if [ "$ARCH" = "x86_64" ] ; then >-- CCARGS="$CCARGS -fPIC" ; >-- fi ; >-- elif [ "$COMPILER_VER" -ge 30 ] ; then >-- case $ARCH in >-- 'x86_64') >-- CCARGS="$CCARGS -march=opteron -fPIC" ;; >-- >-- 'i686') >-- CCARGS="$CCARGS -march=pentiumpro" ;; >-- >-- *) >-- CCARGS="$CCARGS -march=pentium" ;; >-- esac ; >-- else >-- CCARGS="$CCARGS -mcpu=pentium" ; >-- fi ; >--fi >- >- # gcc 4.x for 64-bit architectures has an optimiser bug that removes an >- # empty-list check in cryptlib's list-management code (this has been >-- >2.47.0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=254364">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
alster
:
maintainer-approval?
(
ale
)
Actions:
View
|
Diff
Attachments on
bug 282203
: 254364