Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-1.9.git;a=commitdiff;h=096c51ba7fcaa8f525070e8c67f2c48a5e4e9892
commit 096c51ba7fcaa8f525070e8c67f2c48a5e4e9892 Author: kikadf <[email protected]> Date: Thu Jun 5 17:01:32 2014 +0200 openssl-1.0.1-5arcturus5-x86_64 * Version bump to patch level h * Fix CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470 diff --git a/source/base/openssl/CVE-2014-0198.patch b/source/base/openssl/CVE-2014-0198.patch deleted file mode 100644 index f8e3444..0000000 --- a/source/base/openssl/CVE-2014-0198.patch +++ /dev/null @@ -1,19 +0,0 @@ -Description: fix denial of service via null pointer dereference -Origin: vendor, http://anoncvs.estpak.ee/cgi-bin/cgit/openbsd-src/commit/lib/libssl?id=e76e308f1fab2253ab5b4ef52a1865c5ffecdf21 -Bug: http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321 - -Index: openssl-1.0.1f/ssl/s3_pkt.c -=================================================================== ---- openssl-1.0.1f.orig/ssl/s3_pkt.c 2014-05-02 15:00:28.216467809 -0400 -+++ openssl-1.0.1f/ssl/s3_pkt.c 2014-05-02 15:02:06.192469397 -0400 -@@ -657,6 +657,10 @@ - if (i <= 0) - return(i); - /* if it went, fall through and send more stuff */ -+ /* we may have released our buffer, so get it again */ -+ if (wb->buf == NULL) -+ if (!ssl3_setup_write_buffer(s)) -+ return -1; - } - - if (len == 0 && !create_empty_fragment) diff --git a/source/base/openssl/FrugalBuild b/source/base/openssl/FrugalBuild index 773ee51..feaf62a 100644 --- a/source/base/openssl/FrugalBuild +++ b/source/base/openssl/FrugalBuild @@ -1,12 +1,11 @@ # Compiling Time: 0.84 SBU -# Contributor: kikadf <[email protected]> # Contributor: Miklos Vajna <[email protected]> # Maintainer: voroskoi <[email protected]> pkgname=openssl pkgver=1.0.1 -pkgextraver=g -pkgrel=5arcturus4 +pkgextraver=h +pkgrel=5arcturus5 pkgdesc="The Open Source toolkit for Secure Sockets Layer and Transport Layer Security" url="http://www.openssl.org/source/"; groups=('base' 'chroot-core') @@ -19,8 +18,8 @@ source=($url$pkgname-$pkgver$pkgextraver.tar.gz \ signatures=("$source.asc" '' '') # FSA fix *** -source=(${source[@]} CVE-2010-5298.patch CVE-2014-0198.patch) -signatures=(${signatures[@]} '' '') +#source=(${source[@]} ) +#signatures=(${signatures[@]} '' '') # *********** build() _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
