CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2015/12/03 09:21:30
Modified files:
security/openssl: Makefile distinfo
security/openssl/patches: patch-Configure
security/openssl/pkg: PLIST
Added files:
security/openssl/patches: patch-Makefile_org
Log message:
update to OpenSSL 1.0.2e, patching around the pod2mantest script missing
in the distribution tar file.
- BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193, Aug 13)
- Certificate verify crash with missing PSS parameter (CVE-2015-3194, Aug 27)
- X509_ATTRIBUTE memory leak (CVE-2015-3195, Nov 9)
(plus the advisory mentions an issue fixed in 1.0.2d)
