./security/openssl [TLS/SSL library and tools]
[+] Add this package to your ports tracker

[ CVSweb ] [ Homepage ] [ RSS feed ]

Version: 1.0.2k, Package name: openssl-1.0.2k
Maintained by: Stuart Henderson
Master sites:
Description
OpenSSL is an open-source toolkit implementing the Secure Sockets
Layer (SSL) and Transport Layer Security (TLS) protocols as well as a
full-strength general purpose cryptography library.

This package is not intended for general-purpose use in OpenBSD -
it is present to provide support for applications which cannot be made
compatible with LibReSSL (mostly due to use of removed APIs), and for
test/comparison purposes.


Filesize: 5184.801 KB
Version History (View Complete History)
  • (2017-01-26) Updated to version: openssl-1.0.2k
  • (2016-09-26) Updated to version: openssl-1.0.2j
  • (2016-09-23) Updated to version: openssl-1.0.2i
  • (2016-05-04) Updated to version: openssl-1.0.2h
  • (2016-03-01) Updated to version: openssl-1.0.2g
  • (2016-01-28) Updated to version: openssl-1.0.2f
  • (2015-12-03) Updated to version: openssl-1.0.2e
  • (2015-09-13) Updated to version: openssl-1.0.2d
  • (2015-07-09) Updated to version: openssl-1.0.1p
  • (2015-06-13) Updated to version: openssl-1.0.1o
[show/hide] View available PLISTS (Can be a lot of data)

CVS Commit History:

   2017-05-25 08:39:24 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to OpenSSL-1.0.2l
   2017-05-25 08:39:24 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to OpenSSL-1.0.2l
   2017-05-25 08:39:24 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to OpenSSL-1.0.2l
   2017-05-25 08:39:24 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to OpenSSL-1.0.2l
   2017-03-28 08:14:01 by Stuart Henderson | Files touched by this commit (1)
Log message:
add portroach limit to 1.0.x
   2017-01-26 07:40:04 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to openssl-1.0.2k
   2017-01-26 07:40:04 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to openssl-1.0.2k
   2017-01-26 07:40:04 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to openssl-1.0.2k
   2017-01-26 07:40:04 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to openssl-1.0.2k
   2016-09-26 05:11:42 by Stuart Henderson | Files touched by this commit (2)
Log message:
update to OpenSSL 1.0.2j, "A bug fix which included a CRL sanity check
was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a
result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null
pointer exception."
(not moved to 1.1.0 yet, so today's critical fix for CVE-2016-6309
doesn't apply).
   2016-09-26 05:11:42 by Stuart Henderson | Files touched by this commit (2)
Log message:
update to OpenSSL 1.0.2j, "A bug fix which included a CRL sanity check
was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a
result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null
pointer exception."
(not moved to 1.1.0 yet, so today's critical fix for CVE-2016-6309
doesn't apply).
   2016-09-22 15:18:06 by Stuart Henderson | Files touched by this commit (4)
Log message:
security update to OpenSSL 1.0.2i
major library bump because dtls1_clear_record_buffer() was removed
   2016-09-22 15:18:06 by Stuart Henderson | Files touched by this commit (4)
Log message:
security update to OpenSSL 1.0.2i
major library bump because dtls1_clear_record_buffer() was removed
   2016-09-22 15:18:06 by Stuart Henderson | Files touched by this commit (4)
Log message:
security update to OpenSSL 1.0.2i
major library bump because dtls1_clear_record_buffer() was removed
   2016-09-22 15:18:06 by Stuart Henderson | Files touched by this commit (4)
Log message:
security update to OpenSSL 1.0.2i
major library bump because dtls1_clear_record_buffer() was removed
   2016-05-04 02:07:03 by Stuart Henderson | Files touched by this commit (3)
Log message:
update to OpenSSL-1.0.2h:
*) Prevent padding oracle in AES-NI CBC MAC check
*) Fix EVP_EncodeUpdate overflow
*) Fix EVP_EncryptUpdate overflow
*) Prevent ASN.1 BIO excessive memory allocation
*) EBCDIC overread
*) Modify behavior of ALPN to invoke callback after SNI/servername
callback, such that updates to the SSL_CTX affect ALPN.
*) Remove LOW from the DEFAULT cipher list, removing single DES
from the default.
*) Only remove the SSLv2 methods with the no-ssl2-method option.
When the methods are enabled and ssl2 is disabled the methods return
NULL.  (i.e. restore ABI compat with pre-1.0.2g cf. SSLv2_*_method)
   2016-05-04 02:07:03 by Stuart Henderson | Files touched by this commit (3)
Log message:
update to OpenSSL-1.0.2h:
*) Prevent padding oracle in AES-NI CBC MAC check
*) Fix EVP_EncodeUpdate overflow
*) Fix EVP_EncryptUpdate overflow
*) Prevent ASN.1 BIO excessive memory allocation
*) EBCDIC overread
*) Modify behavior of ALPN to invoke callback after SNI/servername
callback, such that updates to the SSL_CTX affect ALPN.
*) Remove LOW from the DEFAULT cipher list, removing single DES
from the default.
*) Only remove the SSLv2 methods with the no-ssl2-method option.
When the methods are enabled and ssl2 is disabled the methods return
NULL.  (i.e. restore ABI compat with pre-1.0.2g cf. SSLv2_*_method)
   2016-05-04 02:07:03 by Stuart Henderson | Files touched by this commit (3)
Log message:
update to OpenSSL-1.0.2h:
*) Prevent padding oracle in AES-NI CBC MAC check
*) Fix EVP_EncodeUpdate overflow
*) Fix EVP_EncryptUpdate overflow
*) Prevent ASN.1 BIO excessive memory allocation
*) EBCDIC overread
*) Modify behavior of ALPN to invoke callback after SNI/servername
callback, such that updates to the SSL_CTX affect ALPN.
*) Remove LOW from the DEFAULT cipher list, removing single DES
from the default.
*) Only remove the SSLv2 methods with the no-ssl2-method option.
When the methods are enabled and ssl2 is disabled the methods return
NULL.  (i.e. restore ABI compat with pre-1.0.2g cf. SSLv2_*_method)
   2016-04-29 05:24:05 by Stuart Henderson | Files touched by this commit (1)
Log message:
Fix OpenSSL which uses file on /usr/lib/libc.so.* to figure out if we're ELF
or not, which gets confused with libc.so.*.a files present.
   2016-03-19 06:20:31 by Stuart Henderson | Files touched by this commit (1)
Log message:
MFC: add fallback MASTER_SITES.
Note the security fixes aren't backported yet due to the ABI break.
   2016-03-19 06:16:04 by Stuart Henderson | Files touched by this commit (1)
Log message:
add fallback MASTER_SITES
   2016-03-11 16:03:21 by Christian Weisgerber | Files touched by this commit (8)
Log message:
remove NO_SHARED_LIBS and merge PFRAG.shared into PLIST; ok sthen@
   2016-03-11 16:03:21 by Christian Weisgerber | Files touched by this commit (8)
Log message:
remove NO_SHARED_LIBS and merge PFRAG.shared into PLIST; ok sthen@
   2016-03-11 16:03:21 by Christian Weisgerber | Files touched by this commit (8)
Log message:
remove NO_SHARED_LIBS and merge PFRAG.shared into PLIST; ok sthen@
   2016-03-07 03:58:49 by Stuart Henderson | Files touched by this commit (1)
Log message:
now that sslscan uses a special build, disable ssl3/rc5 again in openssl port
   2016-03-01 08:37:53 by Stuart Henderson | Files touched by this commit (5)
Log message:
security update to OpenSSL 1.0.2g, for the few things in ports which use it
   2016-03-01 08:37:53 by Stuart Henderson | Files touched by this commit (5)
Log message:
security update to OpenSSL 1.0.2g, for the few things in ports which use it
   2016-03-01 08:37:53 by Stuart Henderson | Files touched by this commit (5)
Log message:
security update to OpenSSL 1.0.2g, for the few things in ports which use it
   2016-03-01 08:37:53 by Stuart Henderson | Files touched by this commit (5)
Log message:
security update to OpenSSL 1.0.2g, for the few things in ports which use it
   2016-03-01 08:37:53 by Stuart Henderson | Files touched by this commit (5)
Log message:
security update to OpenSSL 1.0.2g, for the few things in ports which use it
   2016-01-29 08:31:17 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to openssl-1.0.1r
   2016-01-29 08:31:17 by Stuart Henderson | Files touched by this commit (4)
Log message:
update to openssl-1.0.1r
   2016-01-29 08:23:43 by Stuart Henderson | Files touched by this commit (2)
Log message:
fix the installed pkg-config files, issue reported a while ago by
Wladimir J. van der Laan
   2016-01-29 08:23:43 by Stuart Henderson | Files touched by this commit (2)
Log message:
fix the installed pkg-config files, issue reported a while ago by
Wladimir J. van der Laan
   2016-01-28 15:50:59 by Stuart Henderson | Files touched by this commit (2)
Log message:
cherrypick patch from OpenSSL_1_0_2-stable upstream:
Correct number of arguments in BIO_get_conn_int_port macro.
   2016-01-28 15:50:59 by Stuart Henderson | Files touched by this commit (2)
Log message:
cherrypick patch from OpenSSL_1_0_2-stable upstream:
Correct number of arguments in BIO_get_conn_int_port macro.
   2016-01-28 08:51:38 by Stuart Henderson | Files touched by this commit (4)
Log message:
security update to openssl-1.0.2f
http://www.openssl.org/news/openssl-1.0.2-notes.html
   2016-01-28 08:51:38 by Stuart Henderson | Files touched by this commit (4)
Log message:
security update to openssl-1.0.2f
http://www.openssl.org/news/openssl-1.0.2-notes.html
   2016-01-28 08:51:38 by Stuart Henderson | Files touched by this commit (4)
Log message:
security update to openssl-1.0.2f
http://www.openssl.org/news/openssl-1.0.2-notes.html
   2016-01-28 08:51:38 by Stuart Henderson | Files touched by this commit (4)
Log message:
security update to openssl-1.0.2f
http://www.openssl.org/news/openssl-1.0.2-notes.html
   2015-12-07 17:50:51 by Stuart Henderson | Files touched by this commit (3)
Log message:
update OpenSSL in 5.8-stable to 1.0.1q
   2015-12-03 12:40:00 by Stuart Henderson | Files touched by this commit (3)
Log message:
The upstream distfile was quietly re-rolled.
   2015-12-03 12:40:00 by Stuart Henderson | Files touched by this commit (3)
Log message:
The upstream distfile was quietly re-rolled.
   2015-12-03 12:40:00 by Stuart Henderson | Files touched by this commit (3)
Log message:
The upstream distfile was quietly re-rolled.
   2015-12-03 09:21:30 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to OpenSSL 1.0.2e, patching around the pod2mantest script missing
in the distribution tar file.
- BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193, Aug 13)
- Certificate verify crash with missing PSS parameter (CVE-2015-3194, Aug 27)
- X509_ATTRIBUTE memory leak (CVE-2015-3195, Nov 9)
(plus the advisory mentions an issue fixed in 1.0.2d)
   2015-12-03 09:21:30 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to OpenSSL 1.0.2e, patching around the pod2mantest script missing
in the distribution tar file.
- BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193, Aug 13)
- Certificate verify crash with missing PSS parameter (CVE-2015-3194, Aug 27)
- X509_ATTRIBUTE memory leak (CVE-2015-3195, Nov 9)
(plus the advisory mentions an issue fixed in 1.0.2d)
   2015-12-03 09:21:30 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to OpenSSL 1.0.2e, patching around the pod2mantest script missing
in the distribution tar file.
- BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193, Aug 13)
- Certificate verify crash with missing PSS parameter (CVE-2015-3194, Aug 27)
- X509_ATTRIBUTE memory leak (CVE-2015-3195, Nov 9)
(plus the advisory mentions an issue fixed in 1.0.2d)
   2015-12-03 09:21:30 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to OpenSSL 1.0.2e, patching around the pod2mantest script missing
in the distribution tar file.
- BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193, Aug 13)
- Certificate verify crash with missing PSS parameter (CVE-2015-3194, Aug 27)
- X509_ATTRIBUTE memory leak (CVE-2015-3195, Nov 9)
(plus the advisory mentions an issue fixed in 1.0.2d)
   2015-12-03 09:21:30 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to OpenSSL 1.0.2e, patching around the pod2mantest script missing
in the distribution tar file.
- BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193, Aug 13)
- Certificate verify crash with missing PSS parameter (CVE-2015-3194, Aug 27)
- X509_ATTRIBUTE memory leak (CVE-2015-3195, Nov 9)
(plus the advisory mentions an issue fixed in 1.0.2d)
   2015-09-12 13:29:34 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to openssl-1.0.2d
   2015-09-12 13:29:34 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to openssl-1.0.2d
   2015-09-12 13:29:34 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to openssl-1.0.2d
   2015-09-12 13:29:34 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to openssl-1.0.2d
   2015-09-12 13:29:34 by Stuart Henderson | Files touched by this commit (5)
Log message:
update to openssl-1.0.2d
   2015-07-18 18:39:01 by Stuart Henderson | Files touched by this commit (1)
Log message:
tweak port
   2015-07-18 18:06:42 by Stuart Henderson | Files touched by this commit (1)
Log message:
Reenable crappy old protocols, mainly for use with sslscan (which connects
to a server to identify supported SSL/TLS methods) - note that this port is
not used generally within OpenBSD, only for testing and special cases.
   2015-07-09 08:50:40 by Stuart Henderson | Files touched by this commit (1)
Log message:
MFC security update to openssl-1.0.1o (libressl is not affected by this problem)
During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.
This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.
   2015-07-09 08:49:35 by Stuart Henderson | Files touched by this commit (2)
Log message:
security update to openssl-1.0.1o (libressl is not affected by this problem)
During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.
This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.
   2015-07-09 08:49:35 by Stuart Henderson | Files touched by this commit (2)
Log message:
security update to openssl-1.0.1o (libressl is not affected by this problem)
During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.
This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.
   2015-06-13 05:33:04 by Stuart Henderson | Files touched by this commit (1)
Log message:
forced whitespace-only commit to note that previous commit log should have read:
update to openssl-1.0.1o; http://www.openssl.org/news/secadv_20150611.txt
(bugs were fixed in 1.0.1n, but this had an ABI change - 1.0.1o restores the
interface compatibility).
   2015-06-13 05:31:15 by Stuart Henderson | Files touched by this commit (3)
Log message:
MFC: update to openssl-1.0.1n; http://www.openssl.org/news/secadv_20150611.txt
   2015-06-13 05:30:00 by Stuart Henderson | Files touched by this commit (2)
Log message:
update to openssl-1.0.1o, restoring ABI
   2015-06-13 05:30:00 by Stuart Henderson | Files touched by this commit (2)
Log message:
update to openssl-1.0.1o, restoring ABI
   2015-06-11 09:30:17 by Stuart Henderson | Files touched by this commit (3)
Log message:
update to openssl-1.0.1n; http://www.openssl.org/news/secadv_20150611.txt
   2015-06-11 09:30:17 by Stuart Henderson | Files touched by this commit (3)
Log message:
update to openssl-1.0.1n; http://www.openssl.org/news/secadv_20150611.txt
   2015-06-11 09:30:17 by Stuart Henderson | Files touched by this commit (3)
Log message:
update to openssl-1.0.1n; http://www.openssl.org/news/secadv_20150611.txt
   2015-03-20 07:02:34 by Jasper Lievisse Adriaanse | Files touched by this commit (3)
Log message:
SECURITY update to OpenSSL 1.0.1m
http://openssl.org/news/secadv_20150319.txt
   2015-03-20 06:24:28 by Jasper Lievisse Adriaanse | Files touched by this commit (3)
Log message:
SECURITY update to OpenSSL 1.0.1m
http://openssl.org/news/secadv_20150319.txt
   2015-03-19 10:22:04 by Stuart Henderson | Files touched by this commit (4)
Log message:
SECURITY update to OpenSSL 1.0.1m
http://openssl.org/news/secadv_20150319.txt
   2015-03-19 10:22:04 by Stuart Henderson | Files touched by this commit (4)
Log message:
SECURITY update to OpenSSL 1.0.1m
http://openssl.org/news/secadv_20150319.txt
   2015-03-19 10:22:04 by Stuart Henderson | Files touched by this commit (4)
Log message:
SECURITY update to OpenSSL 1.0.1m
http://openssl.org/news/secadv_20150319.txt
   2015-03-19 10:22:04 by Stuart Henderson | Files touched by this commit (4)
Log message:
SECURITY update to OpenSSL 1.0.1m
http://openssl.org/news/secadv_20150319.txt
   2015-01-09 11:36:32 by Stuart Henderson | Files touched by this commit (2)
Log message:
update to openssl 1.0.1k
   2015-01-09 11:36:32 by Stuart Henderson | Files touched by this commit (2)
Log message:
update to openssl 1.0.1k
   2014-10-15 09:01:11 by Stuart Henderson | Files touched by this commit (3)
Log message:
update to openssl-1.0.1j, build with no-ssl3
   2014-10-15 09:01:11 by Stuart Henderson | Files touched by this commit (3)
Log message:
update to openssl-1.0.1j, build with no-ssl3
   2014-10-15 09:01:11 by Stuart Henderson | Files touched by this commit (3)
Log message:
update to openssl-1.0.1j, build with no-ssl3