OpenSSL has released a new version 1.0.0b fixing a possible buffer overflow in version 1.0.0a: http://www.openssl.org/
Also the SCTP patches from http://sctp.fh-muenster.de/dtls-patches.html are outdated
Fix: Attached patch will:
* Update OpenSSL to 1.0.0b
* Change the default options to include two patches from http://sctp.fh-muenster.de/dtls-patches.html (TLS key extractor and abbr. negotiations) as those two patches have been integrated into the upcoming version 1.0.1 upstream (if this is undesired feel free to revert it).
* Remove the DTSL_BUGS option as it is a noop since all patches in that set have been integrated into 1.0.0a upstream
It does not, however, fix the indentation of the options (I'm not sure if there was a purpose for it to be different for DTLS options)
Over to maintainer (via the GNATS Auto Assign Tool)
- DTLS_BUGS is now obsolte, no new patches have been come out.
- Changeing the default does not work,
The check in the makefile must be converted from WITH_* to WITHOUT_*.
I will keep the old defaults.
- There is a regression with the new version.
I am testing some patches.
dinoex 2010-11-17 10:35:00 UTC
FreeBSD ports repository
security/openssl Makefile distinfo
- Security update to 1.0.0b
Submitted by: Alexander Wittig
- Fix regression in TLS handling
Obtained from: http://cvs.openssl.org/chngview?cn=19998
Revision Changes Path
1.176 +3 -7 ports/security/openssl/Makefile
1.63 +10 -15 ports/security/openssl/distinfo
1.1 +16 -0 ports/security/openssl/files/patch-t1_lib.c (new)
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "email@example.com"
committed with changes, thanks.