diff options
| author | Adrien Nader <adrien@notk.org> | 2014-01-14 07:52:24 +0100 |
|---|---|---|
| committer | Adrien Nader <adrien@notk.org> | 2014-01-14 07:52:24 +0100 |
| commit | e8aec63f6a864e2aea04c27c0273b39dce6732b9 (patch) | |
| tree | 1a3c42e5a5d4255536c93875dd78d5015cd85b11 /n/openssl/openssl0 | |
| parent | 0feb1a884f9fa2d2021b09da866c1578bfab6d13 (diff) | |
Tue Jan 14 03:54:48 UTC 2014
a/openssl-solibs-1.0.1f-x86_64-1.txz: Upgraded.
d/llvm-3.4-x86_64-1.txz: Upgraded.
n/openssl-1.0.1f-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Fix for TLS record tampering bug CVE-2013-4353
Fix for TLS version checking bug CVE-2013-6449
Fix for DTLS retransmission bug CVE-2013-6450
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450
(* Security fix *)
n/php-5.4.24-x86_64-1.txz: Upgraded.
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before
5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly
parse (1) notBefore and (2) notAfter timestamps in X.509 certificates,
which allows remote attackers to execute arbitrary code or cause a denial
of service (memory corruption) via a crafted certificate that is not
properly handled by the openssl_x509_parse function.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420
(* Security fix *)
n/samba-4.1.4-x86_64-1.txz: Upgraded.
This update fixes a heap-based buffer overflow that may allow AD domain
controllers to execute arbitrary code via an invalid fragment length in
a DCE-RPC packet.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408
(* Security fix *)
x/libXfont-1.4.7-x86_64-1.txz: Upgraded.
This update fixes a stack overflow when reading a BDF font file containing
a longer than expected string, which could lead to crashes or privilege
escalation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462
(* Security fix *)
Diffstat (limited to 'n/openssl/openssl0')
| -rw-r--r-- | n/openssl/openssl0/fix-pod-syntax.patch.gz | bin | 0 -> 1661 bytes | |||
| -rwxr-xr-x | n/openssl/openssl0/openssl0.build | 3 |
2 files changed, 3 insertions, 0 deletions
diff --git a/n/openssl/openssl0/fix-pod-syntax.patch.gz b/n/openssl/openssl0/fix-pod-syntax.patch.gz Binary files differnew file mode 100644 index 0000000..066c8e5 --- /dev/null +++ b/n/openssl/openssl0/fix-pod-syntax.patch.gz diff --git a/n/openssl/openssl0/openssl0.build b/n/openssl/openssl0/openssl0.build index 262a16a..9b798aa 100755 --- a/n/openssl/openssl0/openssl0.build +++ b/n/openssl/openssl0/openssl0.build @@ -56,6 +56,9 @@ rm -rf $PKG1 openssl-$VERSION tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1 cd openssl-$VERSION +# Fix pod syntax errors which are fatal wih a newer perl: +zcat $CWD/fix-pod-syntax.patch.gz | patch -p1 --verbose || exit 1 + # Use .so.0, not .so.0.9.8: zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 if [ "$ARCH" = "i486" ]; then |